6cc1445b5ac38d3089d71166b9de373013ba8aec1da9977b779535cd1846d301

Analysis

max time kernel
6s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
21-08-2024 15:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b418a20ab90b3cc2b2b2af0796cca72d_JaffaCakes118.apk
Size

9.2MB
MD5

b418a20ab90b3cc2b2b2af0796cca72d
SHA1

f4470d634188aaf77c9de4289518d0cfd57ff8d6
SHA256

6cc1445b5ac38d3089d71166b9de373013ba8aec1da9977b779535cd1846d301
SHA512

4ac6f7dc1efd2fb783041167fdd4fa44ab08024d969bf0e454a1b9928bc84e9143186942b5444cac3b358bd91fb79bf2e6f45781ae5f9030c5a3e810a56d2d34
SSDEEP

196608:jTKwgo6QnjgJVrVgeNBJhoXHst9pHxp4sa5dBLiDlUc:nHgo9jgJVOeNBJQUj4sW+p

Score

6^/10

discovery execution persistence

Malware Config

Signatures

Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

ir.iut.moraba

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo ir.iut.moraba
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

ir.iut.moraba

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone ir.iut.moraba
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
execution persistence

Scheduled Task/Job
T1603

Processes:

ir.iut.moraba

description ioc process

Framework service call android.app.job.IJobScheduler.schedule ir.iut.moraba

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	ir.iut.moraba

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	ir.iut.moraba

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	ir.iut.moraba

ir.iut.moraba
1⤵
- Queries information about active data network
- Queries the mobile country code (MCC)
- Schedules tasks to execute at a specified time
PID:4501

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/ir.iut.moraba/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/32b143e9-85b1-4b1a-b9de-0f0c9613c596.jobs

Filesize
176B

MD5
f56f328eea1d5c96a1b96dbbf59488df

SHA1
440c784cacff61932e2f61580b7cfdc3a4943c95

SHA256
90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918

SHA512
36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb

Download Submit
/data/user/0/ir.iut.moraba/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/866fbdf4-3618-4102-b561-121f4b1fef34.jobs

Filesize
278B

MD5
a27dc5afb72316dcc6a0d85d36325f9f

SHA1
ec33f21d49075be59ad93bbcbedb8b164fae1767

SHA256
4ec27fe21d1dabcc3ebbd434318ebb4212ab6c5a617ad7ec56ed7b0ca4618ccd

SHA512
3bc57b3723c90c530fd38978e164984949583adf48e31d061a3ef3751ac8fc845e7c1441d80d93562de6e76ceb8d7d661b82dd81c22d31f3d682169957302a4e

Download Submit
/data/user/0/ir.iut.moraba/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/d2bbf4f7-560e-4b6d-beeb-34f405ae23f3.jobs

Filesize
179B

MD5
ac58f99a1b179d71e8621412ad31c6a1

SHA1
b51fdad95876f5615735c2ab411031ff67d5e946

SHA256
9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb

SHA512
faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b

Download Submit
/data/user/0/ir.iut.moraba/databases/__pushe_base_lib_db

Filesize
24KB

MD5
5d6c7c2fcf8f8021cb7160ff0df4c59c

SHA1
fa614654c3188cff82ab4e542fa34e47e6faa89c

SHA256
05b7696715a01f9a443348c8f16b9ded18b6d1580ae14ec51939b82722339cee

SHA512
d4f8059ffe67ba2f8f54b0f9e24b42a4d272cf33b2738964d1d46c2f243be19ce56099059be0e1b315c5c3ff4ee6b24db08504d44c83e10bacdf0eff08b00d12

Download Submit
/data/user/0/ir.iut.moraba/databases/__pushe_base_lib_db-journal

Filesize
512B

MD5
d3f858f68f204b5132787579910abe59

SHA1
d5ff67700bcd08d25369d98605e0c272e2b21d95

SHA256
2466ec3b1a3a2366b17362716e44537417a507e52b77df722344a68a2e05e2b2

SHA512
b142b83ac2f5597dbb5372afed91387813e23b0ebf77a6081f049d35de3a7feb577169062a9a43137cc991b7b187803b2e2ad7633f4c7f8a6550b1dd422d0266

Download Submit
/data/user/0/ir.iut.moraba/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
20ae5feb299bdbdd0a981a18765e7436

SHA1
7990bd7ab708242779fbde8a1ba9e2bb4e00a3b9

SHA256
ed09b2f841e2c65a3425e12b90d934ebe2fcf90f58bc46a231589d64e68391fb

SHA512
2a079eecc5cf86fa63f234df2d6f09358c7c9d538be72df9ac197604ead0dbcc2084ddc8ff7832b91eded952a988848a29128fb7749cd33126939e15e2dbaa08

Download Submit
/data/user/0/ir.iut.moraba/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
f628ff284f348243afd2825eedce429f

SHA1
69b30bd17495116ccc363fb2e9705c7892f37cdf

SHA256
e4fd487c649a2448b66a17f889ce22e1f6a527fee6f3951897e8af19953fed38

SHA512
0fff3964808a8e719647e2109c64b3c13dd4055c3f5479529bf32351c6e739f61ef1fac2ba766e043b8f83e644f2aeab07a0c2331dda31793fe377dbaafe2e99

Download Submit
/data/user/0/ir.iut.moraba/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
577586d9449ac7b2ad7df8beab50fe6d

SHA1
8061eb70266517fa4be8ce36c573214d6b2945eb

SHA256
0dbe9a48e020ba6046799e142f649029de65fbe5d26aa1bf709570d181049b3a

SHA512
bb9c0af333df4c237017f190d16a50d145af469a965a684bb5f082f8ed1c738c4387055a5c33fbe4276edc2c5e2bd298bd1d5cb9b30071af0e814ba1ec3b5a17

Download Submit
/data/user/0/ir.iut.moraba/databases/cheshdb

Filesize
24KB

MD5
0660d3ef5f0245096a9fa0f61d6a8666

SHA1
282222362a5a05e3153b7f6b49ef35c667b19542

SHA256
1091580378b83e0ab3222d05659ab9aef1d2c65d766d5e04735b628d7a760ba2

SHA512
18bbe88051278314b76611bd68156ce60a9c3af3818d39991fa58d28bd9bcb8476eb00ef52ad8ae7d16c1d7ffcd9f2e8a858e2fd806ae59b5d85a8c3a9ca12a7

Download Submit
/data/user/0/ir.iut.moraba/databases/cheshdb

Filesize
20KB

MD5
11570301a605b0f4c7d3c591617fa5f2

SHA1
f6ee876e5e04ee25f3013f3f17b5987bcb6ed78f

SHA256
1e84056d3013d4cc13a23422333a21ab3db2ac787155eda9511f1a4263fc8ffa

SHA512
19a3da2daa8c4af64dc8ee46979b40672f912a296bd0a85335af2bb3e495b143d61676ae7ccc500b34bbabb73cb653922312c3d245f94ab02f286f6fcb085182

Download Submit
/data/user/0/ir.iut.moraba/databases/cheshdb

Filesize
20KB

MD5
7d211806be626f1068678ad7617ae509

SHA1
81ef5407caf9f90d3032beb7826a2b4295f8854e

SHA256
5f55983cae47667a384967e9e8c6c588104f4b5fdd9564271fd1fcd5bccfc2f2

SHA512
d0aeacabeaff9f3f83384f8a0542b639a350c3176c3a10cba224493124c7d6196aadb93f31401445941b6db72ff0d30674119e8511c3a11eedf7c8edea5da26d

Download Submit
/data/user/0/ir.iut.moraba/databases/cheshdb

Filesize
20KB

MD5
69721d631f7425d99cfc02b3b0e637cc

SHA1
f28724a4ea58d345b7bc8934e3a8b005b605db04

SHA256
ba97d4518e94e6ad1c9c0fb2ff63a0553325ff574d95969334ee42d58a389f5d

SHA512
502f136f30332e605d5e339c615c4770091c7f40f89b6bcf7ec4a5375b3368dcec2cbe8953d80faa369a7a45cab13094f111be29dc4a431e3c852b02d38c0e10

Download Submit
/data/user/0/ir.iut.moraba/databases/cheshdb-journal

Filesize
512B

MD5
af5f4469eea85b85d50753224e1afc4b

SHA1
9ac3c2a4c0d0204d13ea040fb8f03224d3b89b08

SHA256
0ee86683790499e92e8336a66304560f902874c56df77216c0b187134baef08f

SHA512
836c2b05686b47d740fb9feaa72e35cc570fb5d25f492f734501ad794fb302a2fb0da07a992b63cff012e417d3b385ddab288d9aa75014886e4e2e5ed23578b0

Download Submit
/data/user/0/ir.iut.moraba/databases/cheshdb-journal

Filesize
8KB

MD5
1325e386f6613660486592f3f9799db7

SHA1
5c94671a4cfd8a4e753b325b3100f55ee8eda9be

SHA256
2ba99ddcc2f5b702edbe4680dd77aa1c74dae98682a714b0eec861ddb90dcfda

SHA512
2506cef4f20eb3a868d15199c7305a383e83ebc54ffbe893abf64d1827cc8a26cd4103b5186d7a8cfd356404484c6b5fa6c86be228a66be994103e247989a791

Download Submit
/data/user/0/ir.iut.moraba/databases/cheshdb-journal

Filesize
8KB

MD5
11002052e5078a1bbfe7b325bb5e1cf0

SHA1
bb86b97419ac64fb78f84c122dfac78052c8cd35

SHA256
aec36e53d55afcf0b762ae936459eb2acca4d341c42efd08e4991573fc8de0b4

SHA512
cf41efcf8b8660e8a814f7af632375c1ea6d9789ffdbc5febadd1f7bdf9dc3d9734c63691c0dc9bb748045fd1a867df3647b1e6da5dd0c831a00386e92627bf5

Download Submit
/data/user/0/ir.iut.moraba/databases/cheshdb-journal

Filesize
8KB

MD5
7c2d54133b7f7425c3a2d0ff9871ba1e

SHA1
a91c8808c89c6bc4f01d9848267a1b05fcc83305

SHA256
3c2bdb1daeaa59edec436625142f655c8b62626590044c8c4b6dc74deb707b06

SHA512
83ad2576fcff6c55daa144e69095bd14e26c0244c0005815918cb5643df96747864901210940984eb39f9686a14e823ee33bc02d3df165d51e323264e20940e8

Download Submit
/data/user/0/ir.iut.moraba/databases/cheshdb-journal

Filesize
12KB

MD5
24ed6c508758905f4231eb55908d118c

SHA1
7a99a4f59d9fda2e5303adef29c143c7f2220edc

SHA256
c41540661611b3b6c786285a15af401af4bbc4a88db7e6f67aa6dc859c3e3ef1

SHA512
937b0c9c3f7046ec56439c8dacbd263a0e85358e6850cfc1b9958f5297d261bd1b796bd09a244ed21534cea978e97d9f77749a37fde4904eded15a844505b2a7

Download Submit
/data/user/0/ir.iut.moraba/databases/cheshdb-journal

Filesize
12KB

MD5
fc4aec26d0e9cc622e51f2a9c7701f0c

SHA1
0784e892531e78abb999c669eee84e7c724b5423

SHA256
2b95dbcdc2fdd1012a7138eb39a90d30186cd82cb47efad7fbdb57857a36df90

SHA512
26353a33e59924effbe361c25f3e61e96ea86d26a1d20ae80532a5b5dd9033f20f13f9e5db856e38962278cf70fa5100d91c1b15485f6a9c08cc1cf483b205ae

Download Submit
/data/user/0/ir.iut.moraba/databases/db_default_job_manager

Filesize
28KB

MD5
acbe6507c4ee08675128ae77ea493add

SHA1
d609289b26fabccb90251e86b7169271e7c5a3dd

SHA256
465e665486cab28a43fe488ed1747ec4e6a19d2aad178d6fc25a60e1831ac550

SHA512
8e9d736064b7b937a4e5e19ea8e73abe19e1f3abf70ae2f40b641545bdb08799e784bff3f6610af2ef471582591c0dd5ca1db16d4c2af685bea50927765a126e

Download Submit
/data/user/0/ir.iut.moraba/databases/db_default_job_manager-journal

Filesize
12KB

MD5
f66dc57ae9fb1ba7b324f4744d654dcd

SHA1
9a3512eb209a437c898a84cbf32ea839b8bd69eb

SHA256
8001d4a68bcd55772a26e361cb4b478f62b49fff71a9f9cbcf60248e09c2476f

SHA512
0f1baee044c774132f41789e6a534bd18a413a0aa75536e23efb2da40797e298af4c4602f7814d445fd8a5c18419f283810ce1e7f9baed7dc0e4aff13be521fc

Download Submit
/data/user/0/ir.iut.moraba/databases/db_default_job_manager-journal

Filesize
20KB

MD5
949666fce707dcbf19ff6378cac1a290

SHA1
43f32f34aa8b6e890839f9c838521d225387de2f

SHA256
028c12cfdffef145ab431a511bf224597d5aed80007276561e1fec864f7579bc

SHA512
7d6136dfeca9f1af5e2f945d92f166d6b4864bf311e220facc370824ab99f43433e3fbbdf49a264be80bfb32c2a385e24ba71376ac9f9fb14d753e2f37ef6f72

Download Submit
/data/user/0/ir.iut.moraba/databases/db_default_job_manager-journal

Filesize
20KB

MD5
00fb833bd5ce3aaa3f5fb194ba28887c

SHA1
1dd53f7aa3dbc0473f38c1f842f9dd8010890437

SHA256
c229512e3219928c76a11662d8963a129beec5ea310c901c913ad81cb4e5dd05

SHA512
7659434346a1d143ad77aee2942e76808fd2f3af55c68c02e433a575f5881769fe9d7eb1aa098578f1dd4ed6eecf5cb03defe6ed793e9ee34414f08b683dbec7

Download Submit
/data/user/0/ir.iut.moraba/databases/db_default_job_manager-journal

Filesize
512B

MD5
4a4b9c92c97af1905a1db466fd71f3cb

SHA1
2babc27f5703ad55808a968897613c8b5ab48282

SHA256
536ecffc33e7791d240ff3dbe74d549e7342a9365f3c799210e0eebf66c7725c

SHA512
79000daac02d47a21d95e964c48ef82079ef3a4d6a7625c62fc409513e8809bf6761fba3ff9cd69ebd99ea63379ad11d34233ed0cc011b265ecfa6c65e088328

Download Submit
/data/user/0/ir.iut.moraba/databases/db_default_job_manager-journal

Filesize
8KB

MD5
4d93927588293ccf8917906271ec7e75

SHA1
4fc9bcb24bda414bdac79c8b94c082421ccc7c49

SHA256
3b2d08f0241040ec2b14d43bc1d3c4e490dfa7cf22a1e15453f21c76c21a9271

SHA512
d5237e09764abf18054e6e1259547e5c105fc88e64df22fb90779177d9b8b077c6a6a785334cbb0d51d1f113fb65690d7261dc848f2c19f0d845537fe3553ab5

Download Submit
/data/user/0/ir.iut.moraba/databases/db_default_job_manager-journal

Filesize
8KB

MD5
b26d73e7e296142ba95d146c18ff6c1e

SHA1
a8d111ceaec206467cf590ef7bd7a91fd247a4ef

SHA256
47a519981750a6f0997a4dcce11defa6f23032e11c6448fad5b6a9af859892e4

SHA512
369755945d8ecc193ed85dadf0314389768f33a610b750f1d09124c9cf0961d37121c176cc1b9015928c8bfc3c9d10a1b131712b99c3c46aa124c8e703d5f3e4

Download Submit
/data/user/0/ir.iut.moraba/files/db.db

Filesize
179KB

MD5
f81ac1486079e47d6690d9ba9ae56f95

SHA1
31f20b027a77bb751d29382de19c68aa497356f8

SHA256
65a3e8d4142077b80aa203ef5028ed78c6d3ea10a25076f4f2376c62918422cd

SHA512
16c9086e9f0901f15987ce1257a81847cfb1172109aa4b488c8fd62959e2e44dd96eb9431bd1e7aee7c785c75467283f3a0d700c8ecd02b5a040373638084425

Download Submit