Analysis

  • max time kernel
    4s
  • max time network
    161s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
  • submitted
    23-08-2024 21:32

General

  • Target

    bd3bc11db46364f4c652119750137982_JaffaCakes118.apk

  • Size

    4.2MB

  • MD5

    bd3bc11db46364f4c652119750137982

  • SHA1

    460db596ca3e5a164d9b1a117d96773e06d00d9c

  • SHA256

    39aea88a014e0aaf2b1ab24a4eec733f635b33d35db363daf0813750480407bd

  • SHA512

    0cfbcb894e2a259490711f39e89b3ef9f96ed1201113526149f00c892402eee83ad76d7543a78ebf77bb294ae84d0f8ce4ba32880118e4b86aa289d8057068e7

  • SSDEEP

    98304:zU2nTfAEwzbJ4NAkmNf/By/b9GQyd74FVqoxJ2BO:zU2nzA34NU9/EpJC4FV3J2BO

Malware Config

Signatures

  • Queries information about active data network (1 TTPs, 1 IoCs)
  • Schedules tasks to execute at a specified time (1 TTPs, 1 IoCs)

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

Processes

  • ir.rosan_iran2016.torshi
    • Queries information about active data network
    • Schedules tasks to execute at a specified time
    PID:4515

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/user/0/ir.rosan_iran2016.torshi/databases/__pushe_base_lib_db

    Filesize

    24KB

  • /data/user/0/ir.rosan_iran2016.torshi/databases/__pushe_base_lib_db-journal

    Filesize

    8KB

  • /data/user/0/ir.rosan_iran2016.torshi/databases/__pushe_base_lib_db-journal

    Filesize

    8KB

  • /data/user/0/ir.rosan_iran2016.torshi/databases/__pushe_base_lib_db-journal

    Filesize

    512B

  • /data/user/0/ir.rosan_iran2016.torshi/databases/evernote_jobs.db

    Filesize

    16KB

  • /data/user/0/ir.rosan_iran2016.torshi/databases/evernote_jobs.db

    Filesize

    16KB

  • /data/user/0/ir.rosan_iran2016.torshi/databases/evernote_jobs.db-journal

    Filesize

    512B

  • /data/user/0/ir.rosan_iran2016.torshi/databases/evernote_jobs.db-journal

    Filesize

    8KB

  • /data/user/0/ir.rosan_iran2016.torshi/databases/evernote_jobs.db-journal

    Filesize

    8KB

  • /data/user/0/ir.rosan_iran2016.torshi/databases/evernote_jobs.db-journal

    Filesize

    8KB

  • /data/user/0/ir.rosan_iran2016.torshi/files/4_5942895236148625435.db

    Filesize

    299KB

  • /data/user/0/ir.rosan_iran2016.torshi/files/unsent_requests

    Filesize

    58B
