6cc1445b5ac38d3089d71166b9de373013ba8aec1da9977b779535cd1846d301

Analysis

max time kernel
6s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
21-08-2024 15:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b418a20ab90b3cc2b2b2af0796cca72d_JaffaCakes118.apk
Size

9.2MB
MD5

b418a20ab90b3cc2b2b2af0796cca72d
SHA1

f4470d634188aaf77c9de4289518d0cfd57ff8d6
SHA256

6cc1445b5ac38d3089d71166b9de373013ba8aec1da9977b779535cd1846d301
SHA512

4ac6f7dc1efd2fb783041167fdd4fa44ab08024d969bf0e454a1b9928bc84e9143186942b5444cac3b358bd91fb79bf2e6f45781ae5f9030c5a3e810a56d2d34
SSDEEP

196608:jTKwgo6QnjgJVrVgeNBJhoXHst9pHxp4sa5dBLiDlUc:nHgo9jgJVOeNBJQUj4sW+p

Score

6^/10

discovery execution persistence

Malware Config

Signatures

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

Processes:

ir.iut.moraba

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	ir.iut.moraba

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

Processes:

ir.iut.moraba

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	ir.iut.moraba

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

Processes:

ir.iut.moraba

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	ir.iut.moraba

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

Processes:

ir.iut.moraba

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	ir.iut.moraba

ir.iut.moraba
1⤵
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
PID:4249

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/ir.iut.moraba/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/63411828-55bf-4211-b939-1bedb7ab044b.jobs

Filesize
278B

MD5
0739d806d211c2bbccf4dea76fda38de

SHA1
d2e423c18158a4c7fdf776c89413b6a7066378ab

SHA256
f5c5fde65b9ab9140d5e878ab24c81c8657627c67dfef96bbcfb6d986ff96e37

SHA512
111de6a68476017e643ae0e375e42ed743751bea7e212ef54570f889fcdd32f90870b0b2a091108c80e2ecf8d96f00ea957131afa6afc337d46748e1a513806d

Download Submit
/data/data/ir.iut.moraba/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/b5c93d44-f439-4a55-9143-e3a0d06bcbeb.jobs

Filesize
176B

MD5
f56f328eea1d5c96a1b96dbbf59488df

SHA1
440c784cacff61932e2f61580b7cfdc3a4943c95

SHA256
90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918

SHA512
36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb

Download Submit
/data/data/ir.iut.moraba/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/db7eff39-bfff-4dd8-9cba-7b623e696365.jobs

Filesize
179B

MD5
ac58f99a1b179d71e8621412ad31c6a1

SHA1
b51fdad95876f5615735c2ab411031ff67d5e946

SHA256
9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb

SHA512
faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b

Download Submit
/data/data/ir.iut.moraba/databases/__pushe_base_lib_db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/ir.iut.moraba/databases/__pushe_base_lib_db-journal

Filesize
512B

MD5
34b4673815ca1d7e324e5fc4801e82a3

SHA1
22de254fc58130a62c1a650da37459d36d566122

SHA256
d904aa7e1587d1661f7dcd3e8feccb8b1e3b299cdd2ed7c27bb3de4d36e40150

SHA512
4fcbca2f922f2bb2e0e98b0cc13e1c607edc6ff953ef909f47321e0dfc9445cd88e51bfff66fefda5de51cc80e5dc19ac0da91eafd497d18e7b4cf7ac777e829

Download Submit
/data/data/ir.iut.moraba/databases/__pushe_base_lib_db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/ir.iut.moraba/databases/__pushe_base_lib_db-wal

Filesize
40KB

MD5
dfc0f4c29d51ea14cc88b7d08fc8a77a

SHA1
c935a9a87a52db9c344b04316163c66b6da585d7

SHA256
c28b1dccb5b1068d00350e0d28652f968bb7f9546b32d97158314b89b8c4fe33

SHA512
ebb751d72647b516c089c4efd58f4abc3b6b07f662cc940e187c49c71538ab3112f46f1a7c18e4dbef5e798d5cbc4c4c7acd3f50a4185a18ecfe621202455def

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb

Filesize
24KB

MD5
1f347cea6a53594be878e35079bdabc4

SHA1
ae24631f83d3c875dd678040baafb5e64fc6ba6e

SHA256
46cc2cd48a3621ce276d0927dfaa0e367261e740d6c248c48fa48b25be769fd5

SHA512
6f09f140cda839271dcc15857faa5ec7fed65afabd0ed53164744e0b15c145b4fd0ae3f6ef0ad01cdf4eb612510f7f150ea72781740a9c6d67ed1075e5e026e9

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb

Filesize
20KB

MD5
da86b768c505369c4c8e5e381fd90c74

SHA1
699ff323090ab112b57c17f207ef1290fd5e823b

SHA256
1a5ac35bffbd826daf992114eaf06cad8e775857d0bf3a02ce50a7d064585265

SHA512
199f2aa3f7f82aae5bed60c6b40fb089f94d1e42fec6f8e7d39bb4c0d7a935d652da6b9b52574b0e2c3b98aa223aec28e2753f3436d754f007adf41435f551b5

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb

Filesize
20KB

MD5
68d9f8ad068fa4a2d4f8d18eecb68001

SHA1
b2622eb9615512d0feb37c4ed108e49ec987f120

SHA256
1a14907c97462ba4c17bde749a61802e12c154b2ebf65633738152179f247575

SHA512
b3b330a7d196d00a2a0d63e784ea9457cfaaefc1e7eebfe756a7443b7fe542dd2f1edbf25c7c5623a7d08a9e651c4ec93a22a1e5d6624e9969e8f488c25fe114

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb-journal

Filesize
512B

MD5
4b59679431933594a6ff6828d40d6374

SHA1
a2a5564aa127c96201fb92e63fbdc198f40ad7bb

SHA256
d2a5e6d86123bbddc840bb899f66c1393b47c702a300802d2bf527805dd5c8de

SHA512
6076502e21ae0a56012aba0a16d5c55fc707a668815b8a176f4c8a6a88e5a65a5f8fc388019abb5a2efc900a4df78a04799c3f2ba7444de11ff6c408de0df2be

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb-wal

Filesize
40KB

MD5
7abbe8186f26eac5ab7d51b2c939a20a

SHA1
deee3b51de5a60855600b8572319df7509741ead

SHA256
337966d8da616406e70965b3bb6e9acefe82a13baadbab408bff0207f2927d08

SHA512
b2edbcd7ffe9e50d8c51afb86bbd6cab84fe01333cc176148d69e7f263fa9313b306081115c3a53c7332bde9e37d7b0f4142b20ea0fbeafcc2a4f2a80bd5b66f

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb-wal

Filesize
8KB

MD5
b59344e4d1bef4efaf7df393ed911b73

SHA1
7acafbf93340d32d3078189628d5ebc2f8ae6741

SHA256
efb33b9235a1c567abb483e66bded4dd0ab37cb52f431b582e2b38cbaf598e97

SHA512
b267f585557ee5c14b6b518b78b2f7b8989fab272b747e023f81783efd4162a5c7901aeda633da5aa9ff8eee7c9c55b0081ba074d0035ab5d49798fd18e09fe4

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb-wal

Filesize
8KB

MD5
3e0cd3b17e7131b008133c41df93b9db

SHA1
f7d427fb3bbb8aa077ee9bd1b84d3be5483c14a5

SHA256
940b52637192e949548960115c3f596cf29b3fcbf39f0acc4161f41c6eed1c01

SHA512
cdff03ad026ba898466863825b336e9020451c485e52663bfcddd5b5f5782ffcc5ba7333466d1bd51f1382da27df082a44382da5c41f9e7f5e8cf4408ca07eab

Download Submit
/data/data/ir.iut.moraba/databases/db_default_job_manager-journal

Filesize
512B

MD5
87ffe45f106fdc0ca783f07f1aeab91a

SHA1
9397eab1d2fd397e647ea19cbb8d1bd1c6744114

SHA256
6ec67175762a36f4f1a5b2e33d970a63a806eb9184c704413074dc4b33ba981d

SHA512
62e06057c5f8f46066dc7c202d1f87b313cf12067f440e795a7d93f258d7bcd0fc2097dde5e047e352bb2d1bbea13b58105327fb9d363c393fd6be02e53b9773

Download Submit
/data/data/ir.iut.moraba/databases/db_default_job_manager-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/ir.iut.moraba/databases/db_default_job_manager-wal

Filesize
136KB

MD5
4a7c6dec87e0d0a1bf4f549f1c798859

SHA1
33a763cf4a8ae3bbb934757865349ef93df32e35

SHA256
0b3150575afbf77185cd33cdad64c6791d838e1afbb213fb36b9998d2cc2b301

SHA512
50542bc478245b8f47ab1974e892b7d7551b8509563e741e78b3fb80a96c0a5aa100663fcd502426d533676fb8086669d747d22eb5aa04ecf414ca6d0377f2f5

Download Submit
/data/data/ir.iut.moraba/databases/evernote_jobs.db-journal

Filesize
512B

MD5
eb81a9dd4404965398c33eca0b07c565

SHA1
39272dff893a3f88037e903c048bb05e6a705ae7

SHA256
fde34691cde2aa60720d66fb4d623ddf90e396e01855dd95a665a98891fdf0fe

SHA512
88c32eb74effa3cf3d5d1dde08051a84600c7d940d6c40a720033c45bf4500b6eab1747222c70aa62a079075452f72fa11187be7cd20103de0c115c6f3c539d7

Download Submit
/data/data/ir.iut.moraba/databases/evernote_jobs.db-wal

Filesize
32KB

MD5
a11dfcfa636b7fe97c482099a882d9ed

SHA1
82258e6a0a5c013fdd3659edbbb1ea7d479da21c

SHA256
05cd92babfb5d9acda9315ce2944aa61d70ebc27d95070777a834fbbdeeb6445

SHA512
4b14876ba5062a92c6ccefe98681f030bdf53ea3b159dd3fd62443628dacf74f7d0a5f5f63a14b5f29ad2a1cb16d55dd8d10d5b9397befb0cb2869bc5b8731d6

Download Submit
/data/data/ir.iut.moraba/files/db.db

Filesize
179KB

MD5
f81ac1486079e47d6690d9ba9ae56f95

SHA1
31f20b027a77bb751d29382de19c68aa497356f8

SHA256
65a3e8d4142077b80aa203ef5028ed78c6d3ea10a25076f4f2376c62918422cd

SHA512
16c9086e9f0901f15987ce1257a81847cfb1172109aa4b488c8fd62959e2e44dd96eb9431bd1e7aee7c785c75467283f3a0d700c8ecd02b5a040373638084425

Download Submit
/data/data/ir.iut.moraba/files/db.db

Filesize
1024B

MD5
9bcdde6a06eb20885424874bea9f9a54

SHA1
41691d5b62a2a567bf71f734b6241a386a551d02

SHA256
40fccdbd1a66e073a36173ad2d48077ac3574017e76426caf1f6b5ac1cf3c103

SHA512
25e84a0d661dc51de551b153c40abd620d513535af7f3a8e954490a96e60201e93e289f4bb4497a37a472f183fdef164357438e3eac72c6b1f4fbc69b0de774b

Download Submit
/data/data/ir.iut.moraba/files/db.db-journal

Filesize
1KB

MD5
d061c8a251bcc986a6720f493dd2c612

SHA1
58b98de021ff6ce0bcc46dbf7990f6405c104373

SHA256
823c16cc72c6be55cc04622fcaf0d379c32f76444220960276686c6aafa63f58

SHA512
e7ef5ecdad3281fea4c0083ddb05aa206a2fa321d63666e361630e0c07281e0939daced62c96e21f3ca99772550411adee6654e41002c012ab5a97ce668bbdb5

Download Submit