ce429f54e9f5753532cad2c609dc46975d0ca5ef792c496e37e3f626a014c7bd

Analysis

max time kernel
146s
max time network
162s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
06-09-2024 19:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d041d7a3bd37103a51faa8295dbf5986_JaffaCakes118.apk
Size

5.9MB
MD5

d041d7a3bd37103a51faa8295dbf5986
SHA1

f5f4e269a29c1cd2390d0f09b41cc5b0f880dbc2
SHA256

ce429f54e9f5753532cad2c609dc46975d0ca5ef792c496e37e3f626a014c7bd
SHA512

9c0df5551a6f70399f92104e7fa1c6bcfc5bcd12f499c2ace191ed9c4579baeee4ce6e0bd34ec9808c1aea470e6f42480ebf1eb507c48b5c43615f03b6112a61
SSDEEP

98304:5fsadOybik4gpS8U90VUJyr53bgOE25JAOPArfT6+F95UHmZkgK:MLaS8U9qUJyVgORbPgT6qKx

Score

8^/10

discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 3 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.br.pizzamaker:Metrica
/sbin/su	com.br.pizzamaker:Metrica
/system/bin/su	com.br.pizzamaker:Metrica

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.br.pizzamaker
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.br.pizzamaker:Metrica

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.br.pizzamaker

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.br.pizzamaker
Framework service call	android.app.job.IJobScheduler.schedule	com.br.pizzamaker:Metrica

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.br.pizzamaker:Metrica

com.br.pizzamaker
1⤵
- Queries information about running processes on the device
- Queries information about active data network
- Schedules tasks to execute at a specified time
PID:4465

com.br.pizzamaker:Metrica
1⤵
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4577

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.br.pizzamaker/files/ZPkFS.log

Filesize
36KB

MD5
f4999892dd69b426ee6320f1133cc09c

SHA1
0585b7efdd35da1ddd7fef0c069db1a12e003cba

SHA256
e4c0bc0032b1a7f771fc098dfd0643f2db0b7f502242ea1a9e4d9abdcc0f785c

SHA512
c20186e1ad2ec8ee778a78bd2b35a25bb15094f0114da871092602a1f1fb2a231d8814e43582a548660ca3609b0494b7fca25f099ded946133472d59285372a4

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/credentials.dat

Filesize
233B

MD5
a4312afca9d3576b63a8c6f4fe413fbb

SHA1
86b8c49b1119f273e270ca3d7a0ead07bc4ac6cd

SHA256
d20cd34b6ac01e4be0de8c107b82bbeb0ce4993e21309424b48c7ccc20bef9db

SHA512
2ac270fa28d957117608fae15c817060a1c5fbd4597d5184549d854b7766028bb6abc24592a10e538ba19afe071ac1680eb8c963570eb06419b20365a50e77fb

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
512B

MD5
8490e863de87707a3d198519778c8467

SHA1
3b0a5a6cb31faf94eee9834cadae77055aaff283

SHA256
92e75d321b316b2963295c6d4193f883297ff433ed637238444040381483cafa

SHA512
64a4b99d7b76302a9120e6ff87b64955c1913ddabb5999dcbe9ad4e0de8e9e0ad8676318ac3aa50923ee25f5c0a58b1cf68692e636d4f9e4227dcde6e3fc0016

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
8KB

MD5
8f187ab69de439a60c52d9ea3885eae3

SHA1
5d002b1f9f534d48260b536136ac305a1fb16829

SHA256
c12d616c357daab2747eb6254604ae3ef87988bf635422f3c11f8faf28c7588f

SHA512
3b875657a0011929924e663be3b269d140ad6e76dce8c4dfcc215eaa7387d18480f59ae2998f16e54c970e01f963eacc2a40b6ff5a7976e4aa0d2999e54ce598

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
20KB

MD5
f9d5445bd6efb754f9c79cf180d1fdd8

SHA1
7441d3952d6a9e96def5d20c585654ff6ea606af

SHA256
86ddeba0c22cc4d95bbf529fcd9d99a7924634cee89700ea6f7be3b41b5db138

SHA512
dc1b6cead7659c6fb59dcf679c3a1527222586e95f51dd700cfdd419defb504403b6c13533bf9a81936cdf961742c56f4aa5d0ea41edf23203d8d90b22fe6eb7

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
20KB

MD5
552b15ffe5b0a2b2c8e7132f5cddca84

SHA1
0777bf920ce0856df327fab151d8481bb9535126

SHA256
0b935dfa8345d55f3d21f4b85f1ffd003f1869e9d01454b06f8caf0de70f3922

SHA512
58d49d18022cbb24af952aa6d0680fd7f01c5b6be47985b393e62b96bba79f5b24e6f5575ec3690839cdf3f6c27925360cb66c38c9459160492063469fedc809

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
12KB

MD5
21b9ca0d51ba3eab11ced2f678cb65a7

SHA1
b47f3abb66942262f090f2997285c7f4df02e9c2

SHA256
5f58d1e45984169042d321a61191c4a456f0b74ceb59041600f4cafb69ffa0d4

SHA512
1ecbc03a2f5967e9c60b727dfd21df12424c4b27296934db5a7ad8e0497d6679ee28de2ee89d589ac475cfb0ac610ef9f200bb60c4d2a21ca89b8f7921e56011

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
12KB

MD5
47fcc5b2ee94855f199f418410222ba4

SHA1
e9c35416b4e26008e8c6b767426c102a6830dd86

SHA256
36dbb14e0aed57ed8ee536f6543214d164d4959e110d69b00ba3cc33998bc652

SHA512
6f9abe1b4e19760d7fc9f006c9652e4471de4afca94957eff24bb97456c07d5c86a352bd2ff1ee29fe6262bb5a88a6849ed6e0e8113ce1a3b783ce545ae713f2

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180

Filesize
36KB

MD5
ad579e7c48d6fe9f91ee05fedde84672

SHA1
277638b85abf0c09474678a95fc51203ad20c183

SHA256
d1479149d040b9513ccd0308fa08aabba0bbbaabb6dc3cb5af48691fa3b06979

SHA512
aefc5e037f9e80242c54ac84988744745f3c45c5e5aeacc61f356d6e0f492926f026e02f234ee6d6bfb656436ad38e4a37a869bcae719308003d7c3138f2f275

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
512B

MD5
686bb08f62806cb1d8fa85e125d344f0

SHA1
7844d0da58de1e9bbd66a3a590b6552e014b7512

SHA256
a94452cc72ab2af8f6762a3128307fe21caf286e91c7feff87296380ad4d5f89

SHA512
16fcd2b885d04169485f6a4795aa543454fba192bb380d41eaeea2a2a96465811ce1581e7fc16e02b2db67f5c488dc6cf2602618e32378f7d7a261a668803824

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
d18725887614a6d50fa570daa740e38a

SHA1
9365834a8b957feea7d6f9ed3917e45d1e771338

SHA256
8bdf6d02f47e150a5494c87af77f2d0e0677514665d95eef9063a63189918f89

SHA512
aa877cbe8c11d0b224d4316b11a646de801b3b9e753775e3acd554dd3b944b35baf25941bd40318d2ea277fcbd7769f5115fe8f43fcf368dc9825eb3bc066254

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
9aa73018faf77971c04d67f860a9143b

SHA1
0b0cc5463273020a988f2b862a4e648efbb8b0d2

SHA256
9e62c9e519773d5540571642a871a8330c613ebdc5e064de378921483780c2e9

SHA512
a2b2e813972f0f8f912a296104d810dcf15f6c10090dd6f6cb84b5442e2aca5db3fe2b496dc47c3f5a48c3360b9307e8fabc95cb223af2993baef8eaa020fba0

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
d3409dbceb6ca2313708aa465596388b

SHA1
c31abdaed14ac2856bb171f0bb7ebf3eb8c69d3e

SHA256
898d244a521b0f8078b3491d65ea330d55d16067f87185c82d9efc84eebd6dff

SHA512
c23b76869d1d523c4d103299a0a2bc70c247154e1752917628e1f714b2ca86b32b8ec16b64df7caa1667d081385fbfd2e831a70f333e250fb16ef0a213e2dd62

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
682ad02e51c3962cc81aa256c8786777

SHA1
7830c88982839c43677efcb01fe2eced6e7ca458

SHA256
f5a8790e721f562c7cc01bc6053cb36e53c7edbb6cd94a9dff8d1a38416350e8

SHA512
0c92b630ab003bbbf8c609e5801c0c92817ecd5f6de9a71c4d3951d3918b47fca4f1a3b3d671c2dc70db0bdcd79bf89bddb53c67dd3a0df7de207582c746d59e

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
01d3f111af4264abfb6213c1ce0df327

SHA1
ef22e3a56a38dc07455598604b6179d3be2dd3b6

SHA256
62c16737d0712c6fb33525e8523962e265c8938a7bb74c8105c95c42dcc5c583

SHA512
05ebe894207cd3e68d85bb34604b3727d6bb53dab11bb22bc458947f13d79bbf05f26820123e24218d61e66d79bfb8b783371ec4241f79911a81cdff2db3a231

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_client_data.db

Filesize
20KB

MD5
fccde4b4b2482302dc0c78ef9f5ec414

SHA1
9d235c82f23389d77598d126cd998eb56962778c

SHA256
82084062fb69d6eb2e6eb6108dba5db58a335d2cb465283071bad1ca3b888352

SHA512
7e87e97956e0e0c5a66d7641cc6bfceb801330c02d204f00da6f0809010e2f96629e3d6718911df70f1dab858ae559dc077bca2a7a64dfa6e7c2d5653dda607c

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_client_data.db

Filesize
20KB

MD5
157b6aa826f96b8754ce298ecabb85d5

SHA1
9e60044eb7f764ce7aa2badc67ca4ebc0adf89f7

SHA256
a82fdc9d74d2784d6bdb18d9e99f5bd67223fc6546e884d1f9ef5947728b60fa

SHA512
70261af2de4426d279669ec633e09eec0e0a418121a12cffd4ed1e5c78a6f148074dbaaab5d448e364c916213e22f6e8cdb00cb7f5766c4de2a15d48c9dfa9e4

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_client_data.db

Filesize
20KB

MD5
e5639b469346d3d19c79ae3bdc2f4a9a

SHA1
b4d9041b94176f65417e63e77f0f324b81e8dded

SHA256
cf283c9f2c282ef339f1ac0c4eae7d6f44f86bc1744cbf8a9b5703edc7368aaf

SHA512
273aa09cf7f4de26661bbedf2ecd180b5adb537022cd824d2185beaf7eb1784bd1ea1f1f22c01e4762729bdefeb81964f1a47f13e90b883beb27ce7c8d1f03b4

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_client_data.db

Filesize
20KB

MD5
7f1222c08008df7a4a6435eb136618e7

SHA1
39cd1599e90ab3e9edae6a46629476ad15b35cf7

SHA256
87b4d14db94b26f87a45eadf8a585bbb2e8e6fb1aba11a93e35cfec1f1c39575

SHA512
5771e6814d5270580b9bbe80ba2188b0d51f79a8b6086e92792115801c1d6add440d327578044a175a452cd519d63fa5420f1b7203849a174941b61c730fc6bb

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
5368d994ae21981092823d8590872fbd

SHA1
45034ec5a5790353d07cf4686bfe9b526520a2a1

SHA256
1c40d3312be637badf3d38b2e9249bdad3811eac3dddb4e4c2da75c4b731ff56

SHA512
7c698aa2e8df545511376cb118b76c2cb9ba6d52a3ce38914d1d5325956ba29f44a69ada6a1ae08a3118f719e3c2c333cbb6f40e149fa2928dd47d4282c7bc24

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_client_data.db-journal

Filesize
8KB

MD5
b1729fd84bcc4eee8aace433dd7ac9b1

SHA1
f819b14c20c5c809c89a29c5bf1bfd19b0c0e0f0

SHA256
378f8561e5db093ad818d77654d6c61a438c37181e6b278993f6163b9d4d0c55

SHA512
2c027cf316a3a6ccc83a0de5f22445f138ff71b5fec9b8e883834c65bf3aa10f27e9551378166efb68c5c5de734bfb9288e956464e6b244d932e6aa2a5b2b4cb

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_client_data.db-journal

Filesize
8KB

MD5
e2118fb484298e8aaa5d96ac62cecc4f

SHA1
9ca09084c8ca1f7fb113f1f51f4dbc6204566480

SHA256
83383d8a129b7d0e70f3c3503305f6487b83c4d3a268e599dd41b80525b4e032

SHA512
82baec8a35dcf4c6dd6e1d91c112efdf7df372c1c43150c5c15b8d802b89e89ddd38f44663f5af946a24dd0c2a0474bcdb64ac0d79e6fff6c98620c9cf607393

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
a28994d67a5b47c297ac9da01eb8c93f

SHA1
a7738a052963a3636163f1e02af68a3dc50298bd

SHA256
03910b94ae369e63cc9da2cf35111ee7d05d16af9ebff0f84769f4546433718e

SHA512
0bcab70acbda77cb21fa656d1a64b2e56592e769cc457296b1a3157b2ff3f175c3394af44812ac6fddaf0a2d8a10e687f0a39816f06ed2a9b684f4123c5e7401

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
d21de9175c8de6c226332d51978fc04b

SHA1
62af7df9e943511893be0fe48e44ecc02c8ebe31

SHA256
90cc95fcd54e36491fdae05226cd19cc644d63d66bf00898a05aeab2387c6265

SHA512
2d89197003cff273b4f78498c31688a59c0130a682fc85b267e1364f1f5019c87e8fd6908e660b854cbb4e49a4f282bbc226c9c5ca6101beebb4a9172e75146b

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
d63fe7ff8763f8b2bad80a0b7941cc0d

SHA1
516ef729f056a4f848693dc107493d4e5a6cf58a

SHA256
ab402dbc9bcfa82c58f7ffc16ebd0dbc66702641762b54b3220eb7c418a5208f

SHA512
fdc814dc4fbd0be6013af5d3ee8d883036e27efc9fe5d6e735a6cc4f2b302470cdc05b0ca9c67c2ab77a1c5f1b9dcde985a200751a9306c44d86a46b2e61c596

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_data.db

Filesize
44KB

MD5
3adcb1f18a67c0b244cf4df62781392d

SHA1
2b2b1bfd7193fd20bb70fef07f263cc40b83ec85

SHA256
d7d729ba986ecde1a2410e61b4845b9c3800432b7683532028e19f86934099ef

SHA512
21979b5d46755e98ee3a4dff6cb0de5acbbc01fd3880f2eef66ff0a7290684fb582d66694c6f4220ef34890e11c29ed3e732c64bcd978908ce5b25d415003d64

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads