6cc1445b5ac38d3089d71166b9de373013ba8aec1da9977b779535cd1846d301

Analysis

max time kernel
5s
max time network
137s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
21-08-2024 15:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b418a20ab90b3cc2b2b2af0796cca72d_JaffaCakes118.apk
Size

9.2MB
MD5

b418a20ab90b3cc2b2b2af0796cca72d
SHA1

f4470d634188aaf77c9de4289518d0cfd57ff8d6
SHA256

6cc1445b5ac38d3089d71166b9de373013ba8aec1da9977b779535cd1846d301
SHA512

4ac6f7dc1efd2fb783041167fdd4fa44ab08024d969bf0e454a1b9928bc84e9143186942b5444cac3b358bd91fb79bf2e6f45781ae5f9030c5a3e810a56d2d34
SSDEEP

196608:jTKwgo6QnjgJVrVgeNBJhoXHst9pHxp4sa5dBLiDlUc:nHgo9jgJVOeNBJQUj4sW+p

Score

6^/10

discovery execution persistence

Malware Config

Signatures

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

Processes:

ir.iut.moraba

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	ir.iut.moraba

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

Processes:

ir.iut.moraba

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	ir.iut.moraba

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

Processes:

ir.iut.moraba

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	ir.iut.moraba

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

Processes:

ir.iut.moraba

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	ir.iut.moraba

ir.iut.moraba
1⤵
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
PID:4948

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/ir.iut.moraba/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/e8bde639-58f0-4d0c-b8bb-c0420c3a41d9.jobs

Filesize
179B

MD5
ac58f99a1b179d71e8621412ad31c6a1

SHA1
b51fdad95876f5615735c2ab411031ff67d5e946

SHA256
9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb

SHA512
faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b

Download Submit
/data/data/ir.iut.moraba/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/f0ff0852-e906-4129-8e88-6778e9601c6b.jobs

Filesize
176B

MD5
f56f328eea1d5c96a1b96dbbf59488df

SHA1
440c784cacff61932e2f61580b7cfdc3a4943c95

SHA256
90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918

SHA512
36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb

Download Submit
/data/data/ir.iut.moraba/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/ffeedb20-7952-4f1f-8204-4c3c5636c289.jobs

Filesize
278B

MD5
d61a6a67bbda5fe595ae845f8a2af748

SHA1
6a09e63a250ee5b1eeaeead354caec5acadbb0be

SHA256
9b2123126ed4cbd1be4e091638d7f2b86d67a57cc500eaf8f39e1c07b0d665ed

SHA512
28ba1e16d18e3e775d9c59dd0e83db40a8b27c668d15dbd759bdd4ad5d391fc0ea90188724c6a95de52ec90ae704121b7e3a3ba94a4cd3e7e4614a7804a13050

Download Submit
/data/data/ir.iut.moraba/databases/__pushe_base_lib_db

Filesize
24KB

MD5
b4d807a604ad6692ad8344cc937af758

SHA1
88863c71630b591b747b1ae662bbce28d457107c

SHA256
6c32196a1b4973efcce00dbcbfc10968a71d312a4f32743ff2c587b52ab16380

SHA512
81443ecde2beb489752dda566881e23febf42cf569904e9213679ea6752d0e3dac3d7e120101b8c2c586c46b446d0afd4b93101d6b48572915ac2db5760b80ba

Download Submit
/data/data/ir.iut.moraba/databases/__pushe_base_lib_db-journal

Filesize
512B

MD5
74761712a2cbc21a2dc5191a6b840fd9

SHA1
554c4bb7f7a2986039d97c6f166c948711785d32

SHA256
69e41655402c73b955ea3fd71554250e0a605a9a07965b296724cf277b5f764e

SHA512
803ef320956572ebf9fe4a9ba39a6d9161f73836e8ad27235db3b35efc75a20ea09e0e7547195eafa58cf698848263e33357c1d8d1b736fee3a937413bede089

Download Submit
/data/data/ir.iut.moraba/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
9106232edd18f41da4547016b36e014a

SHA1
7e75da9e8c9743a34d4e537d4ca388ead2bb1a8d

SHA256
5a44c528cdc20a6b7a265b75b26c4dfd5c26f5240668528d06c34dbf8d67b17e

SHA512
b06665e9c605f86828b59436450803a4d6fc480c3085c3ac3f4caab48f8c65c11be34694d3a0e51f95c00deb28c23dc860c5e91ebbe7f5250e6d92ba973b39b5

Download Submit
/data/data/ir.iut.moraba/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
9427af8357bea908fea7149b7faeafbf

SHA1
348d0d995bdf932d6bab8bf420fedcb9434f99c0

SHA256
4caafda8054699f7cfee12c2924f09f78812d2da2d4a77b75da031578cdc0ebe

SHA512
6781faf1bdfd4c97831d795912e203332a4930a365878801286a73935b56c814cbd4e94386f8bd1bfb09abdc13549c5d5ca6575b16f88a79ea2955d976ab6073

Download Submit
/data/data/ir.iut.moraba/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
477a7dedd72e02967fe4f64372c713b3

SHA1
615462abe12e1b3fb3ef9450a2a1fd0187ec9af4

SHA256
9dc89ede2c76cc6de07fda2eedeeed2dadcf2f316a1baf6691e765a801b17f32

SHA512
ad0fd77b4babf442c54451553e80a8053c424917852d9dc78217423d095bf28bda7ef08ce887125d4dd60931ea9834c5a3fe9ea5d9285250b68126eaf1b1cd7b

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb

Filesize
24KB

MD5
259a1e4e7ebc4b0d0341ffcf0c3bc2ea

SHA1
9b8da5a0b24833a3e84567d9d8ee0d2f54d7b48c

SHA256
4f4987ac3d84abad3490459fa7a32b7bfadaae5f329e15dcff36e07d34faaeb1

SHA512
dc1296e2b0b18dd83a3782acb700e155ea9a60ef193bfa8c98999e7cc3c5b73a97c20a974cc956ab438aeeba812ec2d2f401fb2e714bb9bb5fb421fa4b7a2313

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb

Filesize
20KB

MD5
0601d64c68f79d0920fb443ddb632141

SHA1
528aab582bf98c0483f2317387516376f8b287a6

SHA256
38c1cf73a135ef8026b93e4097a16a08672b701623b3bcc6e1517701a8a839b0

SHA512
61f3cdfa4cbb69e0db74f4bb93ab1b924a1ec12b56f867ff0945c44f430bd142de4c44c48f438fa80e3ce8971a0da1da00bb40e394df030a49fbde40d95aea1f

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb

Filesize
20KB

MD5
98a5ed3827998ce9023b7c43536ecfd6

SHA1
6342b909f0c846ba18002dd164f54f79918de45f

SHA256
b50cad0a642cce76117d13b14c4de746013bcdcd00655ab86fccc908d5af1db8

SHA512
86f871273a7dd3a8b92f8cedb2d4ff13f0f513e2202c74bb564caa3c870261c6a276b5e792e68af23871655450f4de9e59d7c5eb0eaa3f91bfd415f21ce2ef76

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb-journal

Filesize
512B

MD5
435dfaed1044e7a695ad73ab8a91ba17

SHA1
54165b2b1acdf3e7c7217f991e539a11d0b1af93

SHA256
7fd2f990e9eb964ed311ff86a0e7eb55bc659a91891b2273016ecf3fbaf772fe

SHA512
06ace696f4d03099c66ef4862132aa58b1630386a6ee6695c54ba1f3160d3a1eb045ded27f000f2e68a10e73cd52864088f32704bc1dc287d62577da230bce41

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb-journal

Filesize
8KB

MD5
a62e6018461d084a15f06332fd0c1014

SHA1
e96ebbf854e44bfaa905d9355c4dc6c1663f83f7

SHA256
a626e27a1eaa836303c19d7fccd435456f84c86f454ddd46b90b7f94c6c0fe5f

SHA512
400e43a1700679dc7dc8bf7703b57e486bfef1c323f3b111774f6f55d7d0a21432e36c339d96ef5b1dca4ca0d043e6f89ea878c1630b9548af718db20ad0e54a

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb-journal

Filesize
8KB

MD5
5a6e1fb5ad37e3d32e2c0936f2005e97

SHA1
c34eca31fc573cfa5a4b22dba53f797872adf191

SHA256
f738486e175de62c380cb010347958708edd5ee943080041f1e92d3c65eba969

SHA512
b69efd60fe8cced149d189e7ed42eb39b66392bdca6a24e1ec922964bdb7da414114430c5456c537a482112eb2e420e8bfa5d9f7348c59aeaed86a7b5b16eada

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb-journal

Filesize
8KB

MD5
49bcbd8d2dfe01113619b19ce5c2e0f9

SHA1
a8707c6a7e750c8c46b171453546c9ec4202bbff

SHA256
664d057d54e366ade1e3356a39975be2e97c2ce8c883c4e0a58fc9772bf4068a

SHA512
46a5acf3d0e6884b625941cb9e660c7bc3e33c0d2fb4c6f56eae282efa1ab43eb2dca3f06d9f6e93d7ded487431a2e5ece3e110cc705cffd97ac54e61234ed4e

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb-journal

Filesize
12KB

MD5
8b9eb7a6ae4e78ecac10fcc75b72b8d2

SHA1
354d7d024fb339366e62c9a8038557f25d505cff

SHA256
f91b1380bfa129f7de900e502672db291b7ae3065e98ee3153dac275efdb6da0

SHA512
98f568e065bc7ea4a16a7617c279c22e5c7310561b79e911d3a9105a310418dd6570fd2aa036ad92809139e8ea3bf41be1823bee66189f951a384b091b043089

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb-journal

Filesize
12KB

MD5
23fcdda9b72cd9aeea4e98b9b459e4d2

SHA1
c3646a776579ecfe04d1fdf65fe53445ad3f1817

SHA256
ebb7201523a826ed4080352315fe4b076a13255441c7b60a6ad0db7b88272716

SHA512
2dd3d70672bdc9ec9110f6f25760d6551e1e373d08d8c20d0b3ef56ec4d3a27471ed9bdb5d0fe3261004022c3070b649ad655ee023a5abaa6cae0d89b51070b1

Download Submit
/data/data/ir.iut.moraba/databases/db_default_job_manager

Filesize
28KB

MD5
801ef0a9860f56f3fc6221997a05ec66

SHA1
53c5b821c6423665eedd3d7421d184f184e797ff

SHA256
013db358a05f3349339bea453490ced044457e045378982b0a2f973ca4a0aa2d

SHA512
2375cd4c4de178c68ba917dff6afb89bedb263dce81c29d8e1f6e1f849e0a74214e934dcee1a9a488de7e966c9cef1589ec77af6a40b40cd1a3f25760b55cca2

Download Submit
/data/data/ir.iut.moraba/databases/db_default_job_manager-journal

Filesize
12KB

MD5
70a433a0c1d25ff7f685a3a15c7f39ac

SHA1
e830ffc07b16d6b23729ad8bc2ac486ca40dd4cd

SHA256
7724ff9990907edc4d80e213132df869441779942d26765cb5076b9d17afd37a

SHA512
af38a627082791caa689df27755a5f35b16eca47549fc28b72380f259d42ac7af5c6bb96b0af2067f4fa6c94ec7b549eafadc73e88160d1a8317e3f6cdff9afe

Download Submit
/data/data/ir.iut.moraba/databases/db_default_job_manager-journal

Filesize
20KB

MD5
172ccf8a52aae8c5fd689b8c6f80eedd

SHA1
fdda0a0930d103f915ca3e51423635649b82543d

SHA256
376e861c8fb56bfefd5f0a0cb0ef59d99cfc5fb5a3929012e45878b6d5e1dc00

SHA512
56561dbc56076b0431c2ac5231759d6d56d7b997635be6b1db835cbae61cf67abccb64533f197f8dbfd74923dbf21895ff31e7cf29e31a617c2bc2695d4858a1

Download Submit
/data/data/ir.iut.moraba/databases/db_default_job_manager-journal

Filesize
20KB

MD5
75be7476d498aa027925b3008f82f992

SHA1
329f5c256f87258da73e445ca3d469653aae052d

SHA256
f9488f4bf674e90728eaf68b53720d80c62323704e6b1aaebc775a46b50f7899

SHA512
6010c8e8d8aca449ad0d59591a4774850a06ad81d84401f026ac2450f1701d344562a0007b49b4d7b68741d58443b422d7c15c3f272555b9f52ec408adcc3139

Download Submit
/data/data/ir.iut.moraba/databases/db_default_job_manager-journal

Filesize
512B

MD5
d336c02c69e285e74f0a46cb7ca3c3e0

SHA1
1b5250ae2d18a39b8dd2ca56e14e7e2e9c584958

SHA256
af80e7cdbbd50608e17225b1bc6388aff1e6aa8de7cc99032f93a45ec25ba890

SHA512
dd932b510bf0c5651302b71fee99376a6e39539b1670174a7a84dd191639c2140eded77034beac98abf980e8a83cc73403cbb6dd4f23e892841d7296d3a855cf

Download Submit
/data/data/ir.iut.moraba/databases/db_default_job_manager-journal

Filesize
8KB

MD5
bfa88f24dadcc7a0dcaf1ff3f436dc60

SHA1
002ac3c47ea84374ce4af4c528333692ef2a4dd2

SHA256
5f231108ea5446c5e8de180f35a003a4fb91f92ee3d35f1f94774a3a0683821a

SHA512
0067c1c7168555645aa622038ec8984862a44566d7a591e80417cf1cd57cfc15ecd7b0fccb975704152498d61d0e5dcdd5f6a01f7b79dca85c315d04f333d1ee

Download Submit
/data/data/ir.iut.moraba/databases/db_default_job_manager-journal

Filesize
8KB

MD5
c5f57582a4d6fa9d6242c19f3cad9b4c

SHA1
e9382297d11d66ecce60cf8625443a8f3afe7203

SHA256
b82070eddee6abdf4ad11a414bf52d29b16770adc2ab442c96f01a5bbcf77ebc

SHA512
9b1c9481593ad310f2d7e807dced810a3d59419461d39ab5b1d3845bd9c6522cd810b6e42e65f55cf18b50a23de0281f0c6ffefe83777d4a959420bc5b260ec8

Download Submit
/data/data/ir.iut.moraba/files/db.db

Filesize
179KB

MD5
f81ac1486079e47d6690d9ba9ae56f95

SHA1
31f20b027a77bb751d29382de19c68aa497356f8

SHA256
65a3e8d4142077b80aa203ef5028ed78c6d3ea10a25076f4f2376c62918422cd

SHA512
16c9086e9f0901f15987ce1257a81847cfb1172109aa4b488c8fd62959e2e44dd96eb9431bd1e7aee7c785c75467283f3a0d700c8ecd02b5a040373638084425

Download Submit