852320b116ecaa612dba779e55a8839610d195f77c5052b9f8be47defefb0b41

Analysis

max time kernel
4s
max time network
167s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
19-08-2024 10:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

aaa9f3cc262b9d02b279e7d694ec6104_JaffaCakes118.apk
Size

8.4MB
MD5

aaa9f3cc262b9d02b279e7d694ec6104
SHA1

030f8832f34275c0b779770b7044027f060d5f6d
SHA256

852320b116ecaa612dba779e55a8839610d195f77c5052b9f8be47defefb0b41
SHA512

acb4949cad4df87090fb1f7e75c9363799b1219393a5afc81a56ce96d61b00d6d5d642cd65c34d692e5d5b20758fa380e535ceb6fe96005a0b345ff04e68e244
SSDEEP

196608:Sw1NAJSl9C3XbqCNwhhT4hz7C0UVgaum1PaIKsZrdU:KonQbRs4hz79UWmdlLc

Score

6^/10

discovery execution persistence

Malware Config

Signatures

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	ir.daryadar.pasta

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	ir.daryadar.pasta

ir.daryadar.pasta
1⤵
- Queries information about active data network
- Schedules tasks to execute at a specified time
PID:4487

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/ir.daryadar.pasta/databases/__pushe_base_lib_db

Filesize
24KB

MD5
2cdf77d5c14dd3f313b60c691579a0b9

SHA1
6a74a7a3170cabead82152871c90749afdd6f310

SHA256
55ba022e5aa9eb87c256026289112e4c0531a41d0d56380fcf845de71ff99ca0

SHA512
eaf21f0acf8b98ac8bf4bce81e66a07d6a501483b141bfb7a2ef476a8dc9927ccd39971f4e0d1f7969576dbf7abb7befb3bec04e40c5a9b28fa7a2f15ae7a98c

Download Submit
/data/user/0/ir.daryadar.pasta/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
14c727341cece1464bd0b02daf15be04

SHA1
935ed4a15c3c2598f20867c3b1821298bdf6e2df

SHA256
4d9102cd3e4a4e25e448d8d3e5fd4f115d9316e1e9b30c620b09f8323dccdaf4

SHA512
5bfa34bbe9b2138128c7d5bb10e7440ac69c5ec1ccd059ff272c4f1ea60cf6fac309a872eb209620132653f6413d85371b01634592e24025ba8a0d45391765ad

Download Submit
/data/user/0/ir.daryadar.pasta/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
1b6c245dc99814237d8071bb84be1fc8

SHA1
39254d32f7775757ce5f6de1ebf3683a3200cf68

SHA256
4b4e89a643dfa09b9689a2874586e5f695527b08f799ea2a4730b42c9a7c3dd0

SHA512
a6aa3b81144e042452eac2a1a388b28edbbc6493ca50035df12ac12f8c4239dfa3f986a3c5341cc1550d1fa31c621334e3c6951b46696564af93840f589a666d

Download Submit
/data/user/0/ir.daryadar.pasta/databases/__pushe_base_lib_db-journal

Filesize
512B

MD5
69c23c05c450a9edc89b8378c400a7d7

SHA1
0408a6b382432727766376ca97db7c894618f466

SHA256
d06775b9a9f6eebae1e27794698067e03e0596dc91f8d0523f15a7ccf23ba249

SHA512
9d14b3ee4639fc9c5551eabefc61216c61e30a9d53d5b2f8ddea5e68ff01b1224bf21235c3cedac5fc39b3974ca77390a56416848e1e9f96cf226900c7432eab

Download Submit
/data/user/0/ir.daryadar.pasta/databases/evernote_jobs.db

Filesize
16KB

MD5
47080e3bfcf2db9b8620f2faf6c5857a

SHA1
6f63c1851255e0fa99567f047382074b086d38bc

SHA256
dc4f8a73f49d2a6b41ff425fd08b85c1eba5280c438a1a1ff9832e91dfa56cbb

SHA512
e757043d82798926a5ddd716457accf6616894ad1ad79ec832293a1f662910b663239f899bf05a5c8d90fed5bcb093c5529e5bc842fe9003c1d5902f9ed84473

Download Submit
/data/user/0/ir.daryadar.pasta/databases/evernote_jobs.db

Filesize
16KB

MD5
b710177efff343f45e74691d0b89163f

SHA1
8f63bcc1942638ddfbe1d690cf2afca9f7b58957

SHA256
d5cba81112fac14c06a0f0d095a2008769b4ad2693c1c765675ac688bc22a68f

SHA512
aec5941047758f3614e8af3f5940834a4c0241d97603678a8313a6e109d78fe8491185c1eb570166037865b0de9794a66db747e53542ea48d5934d775fce185b

Download Submit
/data/user/0/ir.daryadar.pasta/databases/evernote_jobs.db-journal

Filesize
512B

MD5
9a7a8c86796ebe962dca863fa4100ab3

SHA1
99b4901ffaf375e21ab0e44022d2b2ce44c7edc6

SHA256
ca9ee0f995beee4e748290c0c9bdaaeb0c6d481164e8e960085824065467a80e

SHA512
6cf19c50ecd15b287d0d0ec3061dda08d54f523a65ee882851c5dbb0425b96e4c47ccb6e574c42d3bdedd1b5d711040b41cb359104205652b6d9b0fdc42adea3

Download Submit
/data/user/0/ir.daryadar.pasta/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
efdfd39a1254e5c54e37b24e2e30548c

SHA1
f4fc3fbc747e271f3937298062ed655bce48ceec

SHA256
363a152843499caa6e754f368111489ab0f34083b618569bcf2b99e32fd1f29d

SHA512
d4a3655b08800cd62315becafb135614f4994a0192bbe77a64e30d50826b5e0b8dc09e87bfad85eef79ad4c0d7e5ade872f769a481dbbf9ef40866d5c3a62d29

Download Submit
/data/user/0/ir.daryadar.pasta/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
50eb7f0e37b8d36b5ba5341294cbbbef

SHA1
dc4a46c18ae41600e78e853c66be836cdbfc3872

SHA256
0f2111a8130130ae1a94fee6048a4ebd55bce8d9988b280b31697849cb948c56

SHA512
cebe45504f01dd71335dee279dccd9bdde232f17b08365853cd60bd6b564f756cb91878a26d66e25231fd68257371cf5b03442ed19067cefb2b265741aa80f3a

Download Submit
/data/user/0/ir.daryadar.pasta/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
05197813a4300dd434af9cae48dd67f6

SHA1
72b95f063c2171da743e705de9a92afb882cee09

SHA256
7e5924f6c3491632432addd54783c4288d5f7a8eac5a43478d0cfa79a480c11e

SHA512
8225f902f0c30ff55b40dc9cffdcebbe20caaf39b079c9a4058291bdcb99ec353e70b0b8a60c772b12e7eaa9e3b9a48f5f0e01bab2ae5f349906d13494ffa777

Download Submit
/data/user/0/ir.daryadar.pasta/files/4_5942895236148625435.db

Filesize
293KB

MD5
484629d1d08f1fb56fe355b8aa85eebc

SHA1
71de3c03b5d2eaba249443f40fb4f71ee1faa1b8

SHA256
dd988c825dc8efe5acccb5df8cfae7c9c914556a04d0e4cc366fcaa5b51880c1

SHA512
07535ad9ad9a4f38c313d17e9f8990c302622386b8175ed7fa69246309e2293060689ade8b1a61967350d6475680cb7a7ca882cf289790a992e6c4689754ddf3

Download Submit
/data/user/0/ir.daryadar.pasta/files/unsent_requests

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads