ce429f54e9f5753532cad2c609dc46975d0ca5ef792c496e37e3f626a014c7bd

Analysis

max time kernel
146s
max time network
162s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
06-09-2024 19:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d041d7a3bd37103a51faa8295dbf5986_JaffaCakes118.apk
Size

5.9MB
MD5

d041d7a3bd37103a51faa8295dbf5986
SHA1

f5f4e269a29c1cd2390d0f09b41cc5b0f880dbc2
SHA256

ce429f54e9f5753532cad2c609dc46975d0ca5ef792c496e37e3f626a014c7bd
SHA512

9c0df5551a6f70399f92104e7fa1c6bcfc5bcd12f499c2ace191ed9c4579baeee4ce6e0bd34ec9808c1aea470e6f42480ebf1eb507c48b5c43615f03b6112a61
SSDEEP

98304:5fsadOybik4gpS8U90VUJyr53bgOE25JAOPArfT6+F95UHmZkgK:MLaS8U9qUJyVgORbPgT6qKx

Score

8^/10

discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.br.pizzamaker:Metrica
/sbin/su	com.br.pizzamaker:Metrica

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.br.pizzamaker
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.br.pizzamaker:Metrica

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.br.pizzamaker

Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.br.pizzamaker
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.br.pizzamaker:Metrica

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.br.pizzamaker

Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.br.pizzamaker
Framework service call	android.app.job.IJobScheduler.schedule	com.br.pizzamaker:Metrica

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.br.pizzamaker
Framework API call	javax.crypto.Cipher.doFinal	com.br.pizzamaker:Metrica

com.br.pizzamaker
1⤵
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:5115

com.br.pizzamaker:Metrica
1⤵
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:5221

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.br.pizzamaker/files/ZPkFS.log

Filesize
12KB

MD5
5968518fe6389c861301ad617723924d

SHA1
a0a1127aabe279921c735f00ca1303e6fbf2df9b

SHA256
a913f052eebc817fa8de8edd3921da778b4bb778c43c705e2dafcbad5b22a286

SHA512
326a7096a17819be1ec5046b0fe5960db04a22e65e79b83d91626c0ab0513aeb8e012ac50480c02dbf7fe25e52fe1db07c0ecfba86e62cf75400ac76420dd354

Download Submit
/data/data/com.br.pizzamaker/no_backup/credentials.dat

Filesize
233B

MD5
de4115aa2b5d00a2ae7ef363262225d1

SHA1
d734512c95579e935caa941f528c7acc1d65ed1c

SHA256
6fc44a05b7a71a8b5029b6ee71fd1acfa04730c3b92809df5cc1a502009318f7

SHA512
78ce5763ca4cf55a15ee1e7ed0e72b4897eb839d6e1d798e01fc3667f0b103b22f9c24942f98714b37d708996016dd90a5d3f0ed9de573da29d6b170c27923e0

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker

Filesize
36KB

MD5
ee28e8688a73e86bbe040f83e4255a2a

SHA1
873275a83e9168540e1d387770115d11c5db4406

SHA256
d7c6ae4181c11b8728f596e7310bb45e964efeda3e7170633831cdee2118c73f

SHA512
82794d83ecf5a654fdbb9fdea55325e88e949567b1123b6b437f63b8d111210d9df091d62cfb19d0bddf7739995bbd0abf59441472902eca7400a948e1ee3718

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
20KB

MD5
05edde96cd42611ae16d2a62482a5545

SHA1
76f1bca2cea241b5689651f66592f8544f312b3a

SHA256
946949b9fa5f9dd6758574bc9ac193a1c78fe7229d1dfa61bb5e541e5152081f

SHA512
32b95ca7c2139b9e5eb98451f96d44320dcdb1097855ebc135e20bcb03963e8a83eda46ca6ac58b49a30152d26cd30b5126912d2d71e35b78c4391a99be40fd3

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
8KB

MD5
9fceb2cf82b404c58a7b3bb16f673548

SHA1
796378834f4b249725c65bcbc0f67550b8eaf09c

SHA256
ae31c2461817a2ef0ad6b7048b2297a1ae3d6259479e4f8f9ab4e51e948765e7

SHA512
1517f5ec33ab9fc5e60c1e3f493d53964f989d9418891594dc3d71a8d7f92230357786f765955f6ba07f26d42e168ab2847f2fda500b6cecfa767b63c230488f

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
8KB

MD5
13fabd809371ab519cf0106fa08ff56d

SHA1
f1b3b26d66e12ae4d4171a8165b320d7711b43cf

SHA256
6df51c089bcf9dc2d02fbda5d97e2e61fed9685d3cc471afcfdefe73f0046e1a

SHA512
bbee2b18c8399669197c458706959886fe1cfd7d2820629c46c195f8b4d50ae3f3a7946ee58d0fab2265b95b5be19de3aaa43dcfcb10c2abae70a0e4a7819d97

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
12KB

MD5
df7674c0238a8ebbb8cd0f8c4180d4a5

SHA1
6ab9b60690438c0505d1d5ee0450f8e5bee44107

SHA256
27fb3c343f5abb215a7d376b14b16a9d54fa1d94a29619d0d349ca52266eb803

SHA512
fb114f4654050988131d2b58f8f6eaf0e0382e431762be9f959d64785acc3dd09c0df4846286feed15ede411122798ecf706e9fe77a1df8ac5c7d9a91564b37c

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
12KB

MD5
2e27b7e985075b1174c359d5d2207374

SHA1
e846ff32a23a36837f293f54606c4c9d7e4ecd15

SHA256
9cf83100427c9b78267a0405f36a1c4f36265e8b46d8e11ba7c092f78b4dcd35

SHA512
4180e58d6fd4148fee4ffb13050a5f4295120532e18c32cd52f03f8e2a49180ae013a9286358b4408be34a014417b76a6b4027579480cdda7fe42f84ec1fc25b

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
12KB

MD5
e56f2ae6a03cc0bf972cfe5f83aba5b0

SHA1
ffed24e3d87fc321b1ac185215c10fd0cd3f58c9

SHA256
9108cf78482e97606ec90e544a8c296dfb74d304a53c2f683e4c9013f2a7f1c7

SHA512
691719be99454c8ab158b05a4e414aab3442534eab307ce0f15702cd25ff9ccb067384e79bbe4f4403f7e4ec6506523f1c906374fd60f57daa92ce82b7386567

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180

Filesize
36KB

MD5
f6e495c7a239b65235d361c86d009cab

SHA1
5d833f59100d17da8a875a8d1f56a48503245e7f

SHA256
8b2cb40582a36d5f042116e3ec4ae8219afb050c103923edf06ed971bf452641

SHA512
768c40ec362817ee8883d81af6d7e84aacec0ba7d655fc927edf21aa072ea94bdd1809c2a8e01fc3d28142a73df8db27eea493a3aff93ffb5066601c152b89a1

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
512B

MD5
3881777d159c43e65acf5d3b0a0162df

SHA1
e3f0ac23830e1db42b5ff9de938db00d2894014e

SHA256
ac734804060fda600c8a1c6dc17e9c88a3e991ea3b1e56cb2eeb207f38e5fec3

SHA512
d086f8658872ea82d8eb981b5bdaf9a4f2135336898daab3cc193f4b0e2cef763db349b621f9225ac9c6374a66b2dba171087687ee905c99b77e9fdcb38d6d7d

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
0e97d7736e747d06e605b43e12a99dec

SHA1
0bad9c46851b554c3d70350c4d986f91fdc5b1fd

SHA256
127284d66e585a27e428fe14dd5d7690219349060cc538751b64bd83718aff9f

SHA512
b624af2d719840816e0ab4d8f3811c1a72c1f1b850951195af15496654e8b19de52e5194e038875e57b76b801ac0009fd25f59eeed03444e1d6927f235e054ad

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
3e3948b2e6325396e9d57ae4ddd5bd3a

SHA1
1c4e71bdb6d27a10080523955f12fe6cbfbdd3a8

SHA256
8a38cf37599e0f15723996301b32fc6b37f0cdbc426f3cb1553bf0cef1e1d604

SHA512
c929e6f5d3e7c75bd35fddf87129aa9e256e18e83c1a19177a0662d4b1fb492bf1001697b6a40484e665292f8f30f1411589f1692a3e17219fd16453ca2ce987

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
cb00a9afb967e05f8db5b95dfb60bc88

SHA1
dcc033793768854e06684847a0cd08baa8989f89

SHA256
1a94aa86a40117afe4f4c69cc3f3663e57fc8822d1e44e234acd6eba791d1de8

SHA512
ae0930eb6084ae93f238c2713cc1ed555200414eb4bd1396bd1e9c38e4494bea43dcf1c007c0ebc32f91d1e127f93b33631e0c0f5d34c8c00893151583a2fb5c

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
380423b9b7cabfa575bd327e7fb25908

SHA1
ff0384794e2c3ee77dc9e391bfec283e9c6fd293

SHA256
72fa4b2ceb757f7777eba0e69727e295f95a6802fcdbe1da8909a73e5b9480aa

SHA512
bc7cde3da6801c62feab1b21c8519a001d823057e45100f9b819a3a8d42194fe36dfe17335122d4482fc23dcf4a08d03c64c0a74a7a1ea20f787e441495bc007

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
6b4f25aaca626dea091056bd04d95aa4

SHA1
5b979277d463f13c538d48afdc9b7ab6fee4a79a

SHA256
10ca3ff408d470341bccf5eba2d3a4df8f09c27da6e4436eca4c4f629b7d3037

SHA512
8f8db24fee675207c9a2d0f79373a97e23d353b2387ae70631bfc82331a0fcd19fd025131a4b75544d884436c8ed7eec9e8a4410a087b4e623fdc29940515cfe

Download Submit
/data/data/com.br.pizzamaker/no_backup/metrica_client_data.db

Filesize
20KB

MD5
1dbcff952d120d8810e7c3dad3e42c37

SHA1
aaab8689401bc51c9f7031991cbfbc1b920b232a

SHA256
883cee066da1241cdba3e61e559a0122979976d1a913147ee14f5fbe3d96d04d

SHA512
552f6700afdfe587beeaecd08ec1a4076ae997db50d971987378d150aff7b9df9a27a273790b62215bbbc0b67598ac940de902e5a655f2754af238154a6b0e7d

Download Submit
/data/data/com.br.pizzamaker/no_backup/metrica_client_data.db

Filesize
20KB

MD5
484df068dc370197c0e37af4f433f772

SHA1
5d071329bf5182e60b2d268adca542901d492001

SHA256
3ebaaa9fc7a9245b413f62f91d9e689d468456dd4b6ce2408bcd2003cbdbfbd0

SHA512
587e7b68f2c167d39dd50744f2892a461a67cb073e8cf9f6eb2ab752e07841440dbe212af32958248d15af5d4001e7fa12f86cad62578ef31999355a86c3b0b5

Download Submit
/data/data/com.br.pizzamaker/no_backup/metrica_client_data.db

Filesize
20KB

MD5
ea9c2dc01d788f2ed7ad6a455e32335a

SHA1
3da6ee06226734e9a402c3ef2b542af3b509b6af

SHA256
ddcb0e1970efc2dcb42a4dd328ef8c10f3512b39a47277d5b075fd3b92dfc3a7

SHA512
5b834f25f6f8afea98eec78cf8e148671ceca48aee8019e09308389c1f336e47e55666fedf66e09c97e827c375ade0fad635b98686ebd2f72240108670d25e76

Download Submit
/data/data/com.br.pizzamaker/no_backup/metrica_client_data.db-journal

Filesize
8KB

MD5
ebc5f94004124ab7277ad71995ca0255

SHA1
1d2a286ecc5ddbfae73df5ac94f7c362aaf53c08

SHA256
82be9a8e1d32d05dd3e3543af425507abe27d54d7016a6c9bb1e73de01fd4cba

SHA512
2d1e6a921daae6b9daa9733393ab3a3b8f5bab688cff13a34cca82df0542a8c5300535bcdf013edb333ce35407af6876c4202e6d71445c82bca6b20b076c89ec

Download Submit
/data/data/com.br.pizzamaker/no_backup/metrica_client_data.db-journal

Filesize
8KB

MD5
12aa3c3b34cbfefaea7ab8149ed6b6eb

SHA1
451dd44bd9d4d3238c83e2c5891d750cdfb4818e

SHA256
220ec16d4ae0a3e03f1ade910e9dde678ecb91cd76f3d78ecce845744fd980d5

SHA512
6557d75238e1e2689072e28b84145ca151c59270de28b845acd18e5c58c72561abf5862143f79db9065760d2a74d73957b5e3e80bb68a0ac0682863758644314

Download Submit
/data/data/com.br.pizzamaker/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
6ffb1c503364e61cd9fd764117f2043c

SHA1
0150cdcfa3a0f7786edb5ea9aafd3f358963c9fe

SHA256
d3dd8d57a90b403c4c23e503d7fca018dfd9f431d08596a32dfbdf8776ab2e72

SHA512
a145738034f686397e7975cd0379dca977ca247e2d70bc58aad684ddfe35f6f793bfc08a72d57a7a677d4d3d43ca34429aa13e112871e4345a0ba52ab9d570b0

Download Submit
/data/data/com.br.pizzamaker/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
ed10c77f9be2847f070a49050c092927

SHA1
0cd37a42126f77e18341143db9ec3d342a746d39

SHA256
85e877a9a5e4fe898e4b4adc519cd652a91519c017649a4ba80788ac7c470587

SHA512
a81b3e9a2bc759df228b3387601a2e9946e9185cee1cfbf85084b6a52f0e9c9900690ed3d0b4bad6145fa0696d44329a5daf05990293df0f311e725a623b67c0

Download Submit
/data/data/com.br.pizzamaker/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
c7b30f3dc16450ed5eb5ccabcd9d4f79

SHA1
9ff7e9d97cafdf1534df759bdddd4c919105693f

SHA256
84aa95135c7cc49ea0c729498cbdfd8aacbef425114019f97c72d2e68da187b5

SHA512
72acb69b56be27df0b052d57c1cfc06ab875bd5241f6b52119860856458cee9e68a5c8cb33c2f6f153f14af3bb7f78255b6dde13e46a9736e888af0b91d9d518

Download Submit
/data/data/com.br.pizzamaker/no_backup/metrica_data.db

Filesize
44KB

MD5
e3e090c8defb03ed1180709f399c3f42

SHA1
48814c21d3f400efb1319c9b950559e05bb0114d

SHA256
5148cfd784cb5a6ba0729719eef550f8c728737e2361bab778be82e4b66d61d9

SHA512
1750e3768b77673eaef43353e13fd0992c3b14a5e0935fcce506e92a068b6d8644edbd495034310a607ff117ca880937be6407b751bf9974cfd5926e14967bf4

Download Submit
/data/data/com.br.pizzamaker/no_backup/metrica_data.db-journal

Filesize
20KB

MD5
8417c8e98338bda32021fd35fd5431cc

SHA1
8052bd7ca2449d1d0c33cda11e318eea4504f60b

SHA256
611541ab2849eeb963e0d0708df8381c7a9802c1218ceec3f986ab7b6a69c765

SHA512
8975657d99586771dca6e2fbbe183d1b3e789dea99e8e40274ff747eb488e261ab60b97dbfda9c1ec8bbb23191d5698bd4943203766a21c2ea9941e4d058f714

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads