629ac13774ea6864e9c9927b8998b563cbdb31dd5704dbed6747503a8cdd916c

Analysis

max time kernel
119s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
11-09-2024 10:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

da3173009b85442122927b50567a2b3d_JaffaCakes118.apk
Size

4.8MB
MD5

da3173009b85442122927b50567a2b3d
SHA1

986c2b653926c542c2350ea9a13e297892752b53
SHA256

629ac13774ea6864e9c9927b8998b563cbdb31dd5704dbed6747503a8cdd916c
SHA512

6544e7f007e4953b0b009127796c2bc392b73ed23f17d58d8a4b0731d4c370c7df1125dd148356edb562e76464df383b3f48b363029505105a1af882a544b70f
SSDEEP

98304:g5YqfkQM/RgHjEyJvO0pMiLeNWQ0VNn020dd0JYu7F32otPs/9apLdnmgk:SfE5gAkvjmiqNJ2N0ty9F3nmApL8L

Score

7^/10

collection discovery evasion execution persistence

Malware Config

Signatures

Requests cell location 2 TTPs 1 IoCs

Uses Android APIs to to get current cell location.

collection discovery evasion

Location Tracking

T1430

Geofencing

T1627.001

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.alirezamaku.pizza

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.alirezamaku.pizza

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.alirezamaku.pizza

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.alirezamaku.pizza

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.alirezamaku.pizza

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.alirezamaku.pizza

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.alirezamaku.pizza

com.alirezamaku.pizza
1⤵
- Requests cell location
- Acquires the wake lock
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
PID:4250

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Execution Guardrails

T1627

Geofencing

T1627.001

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Location Tracking

T1430

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.alirezamaku.pizza/databases/__pushe_base_lib_db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.alirezamaku.pizza/databases/__pushe_base_lib_db-journal

Filesize
512B

MD5
5991afbb2e726b7dfaaf523cada5ed9d

SHA1
c2cb46318170ef7086e0c0088f739911cdc7e8b6

SHA256
d3883a963a6f1098cdb45ff55780f8cae1b333224ef06fd9598dcd5c20bd6c69

SHA512
44b024778d84b6c79fb18547811518740b275ee6bb862c0d5445cd74d5b76d57f3ff04c3c83f35dbd693e9009b45b7397bcad436f57cb252654beefb57048427

Download Submit
/data/data/com.alirezamaku.pizza/databases/__pushe_base_lib_db-wal

Filesize
64KB

MD5
bbe31d2e2bf80460d008cad484d0ad4e

SHA1
5e514d72313b28a386b9c494288e053f25961d29

SHA256
48d25b0ecd96793c27ed70b64a3c47b0704a3938f0b009c6d0cfe1b4c72bfeec

SHA512
8491c2f9c9f3878723a83e6d1e4a9ecb60657a819b64a3ea7a40090d5a180fc3e3c79009b1a233eee11ae6f1105fbf29b1bd485421c6de5e9e82b98bf665f008

Download Submit
/data/data/com.alirezamaku.pizza/databases/evernote_jobs.db

Filesize
16KB

MD5
1bd03852f15b091bc193e613647c8bf8

SHA1
7daee3b955beaae4f294300be4b24540c6cb7544

SHA256
3500c9d642f604c2b53b5c0b284e545fd8d6dd76bdff48283eee72d016b1d6ec

SHA512
388711745d882bedc7df2e1c6faeb42bed8952478fe57edd82dc2902b2fa34e58d2f3ac136fffc42939529014c045ecef52683934c0e9aa6f9a9fd92c6366031

Download Submit
/data/data/com.alirezamaku.pizza/databases/evernote_jobs.db

Filesize
16KB

MD5
acb872318644b6545c419d76013cb091

SHA1
e7e7caead6ea23d86d04dc3fdc716e99a8d3ee47

SHA256
1d1641925d8c02f398c03b490df8c7257f89ef8b693bfe2c896ee060c52e1f71

SHA512
3bbb14e3ff72f795793511d8687ce46981bb1ec15145779f454be4ad192027c7553ed9d3c42e108c480d4e58383cab6601d6e168a3ba906efeca59e96231852d

Download Submit
/data/data/com.alirezamaku.pizza/databases/evernote_jobs.db

Filesize
16KB

MD5
06dec60b82d46246462d0d00e9f7fd26

SHA1
58d31f8a843df0f903d793a59166d9ff5d2b871f

SHA256
d1e01c8fff6912a658e7d0eaa0ac3b03bbf07315d3efdbe4d14ca69c7a08e75f

SHA512
878a4ae81569812c612f135b96cc04080c65194317d05c4eb1530f2cae8e70efef21d3f3c2e0d40c50bd82923f3e632f6a5ae604ac172fbe453fb863bd83ea56

Download Submit
/data/data/com.alirezamaku.pizza/databases/evernote_jobs.db

Filesize
16KB

MD5
978fdf85b8448e3a7c9015e51477eb49

SHA1
793bb88398dc9457935a4416638d5ed3974baf19

SHA256
8f72919eebbe45ed6d33b7b763d7e45d76a880128aee9aa5c29d28ab79689a92

SHA512
852b2d3e2607c96625e9bcd454c702ccec6a0f07aba3410976d6400ecd2d48ccc92d93c8ce7fcc87a622d04357bd6805a996f11d339ca7fc3eab99c0e991fe38

Download Submit
/data/data/com.alirezamaku.pizza/databases/evernote_jobs.db

Filesize
16KB

MD5
eb4f440ca35c9c78e69317a214189247

SHA1
ea30bcc2b681a034b863d392affe53023fd10f25

SHA256
ec6a9c1efd4e8f622133c06aadbac7a77ccdc82f1a26ceaaa4e224659694b318

SHA512
f9d4a5cc2e6c7799d3479f1ec46f6a8a2c22b79c50bcb532f29aac89e1f4033d29599221f963ffb3c80751bbb86d42d6e5cb932bd456d3eefe8ca2365c54421d

Download Submit
/data/data/com.alirezamaku.pizza/databases/evernote_jobs.db

Filesize
16KB

MD5
fd4bb60439f4f59a3385b7cb75757193

SHA1
1d802252fcca005779301776d2d569306dc77f4d

SHA256
20e3378eb2b80c486e36fe4feca597939d590030dc4432c02241379115b2ab38

SHA512
2dbe693d275d69a5cbf5cd77aed3519a09f4b7842fb3783f1a176909859b08d01bf2325062e9e253fd98692a49d02aa4ccba399025dc575c68af11fda719a334

Download Submit
/data/data/com.alirezamaku.pizza/databases/evernote_jobs.db-journal

Filesize
512B

MD5
1845faa41b938f11b3b43b7ad5406d14

SHA1
a93434661e29deca817d675958e71ccac922599a

SHA256
dca726be6540a498535acb50ed3cc9dd03f3caf1f16b2f4f5a7db6ca34b6e574

SHA512
43717aad4d608197ba1bb19c67d44624bba1a4a63d7e52881d4fee86d9ed84ade9effffa407948d70d60b0173a2fa6976820e5eb295ef98f035d7e8676ad68cc

Download Submit
/data/data/com.alirezamaku.pizza/databases/evernote_jobs.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.alirezamaku.pizza/databases/evernote_jobs.db-wal

Filesize
4KB

MD5
47b0666a64fa56d5490203a94a37559a

SHA1
d0903034eebf749d6726491fd4b60de52607fd9a

SHA256
745bc897ecc173826de9dfc6bbd59b045831e2f6e0d19285b19add82f06ef161

SHA512
9e2cf6d8d8cff9ab0fc480a93d10094eb7ed0baf2cc61f6854e35033f6e0b840b733985401d1af50aadd6237c45c6172a6d9341156a2b51bbcafc28c16146852

Download Submit
/data/data/com.alirezamaku.pizza/databases/evernote_jobs.db-wal

Filesize
4KB

MD5
d1098e752ee02b19c2649ba9351a2dbc

SHA1
ad3c34d5c83997b845257319b72ffb13cc7f1b64

SHA256
d562a102f9490a60ec1bfec1905078f72bd5c7c4bb8f2a2e46883b9271aab979

SHA512
9d0e5f5b59d534c4432eecc32ea17c12248a223f0d6de00eb2152385537d898f9c37b536676ad59d72f69b51cfd3c51a3efd1dc44143f6a80f78c00182fe672c

Download Submit
/data/data/com.alirezamaku.pizza/databases/evernote_jobs.db-wal

Filesize
4KB

MD5
7fb5e6bcf951d7e2d7f69eaf0788e2ca

SHA1
753a510d108fc61fc3b70a8cfa4129ade716b466

SHA256
9ef6f870b89d7a41c0df5b6e363d6dd268f9102712dac08f000454196988c21c

SHA512
31c5efe2d8135292b94867666bf64dcb28e14e3e4fb3e8cdffa4cd631196f363d9ba9d5672671a1cee544f34579e0429393a29ab0c0592ab51feb24a4cde1486

Download Submit
/data/data/com.alirezamaku.pizza/databases/evernote_jobs.db-wal

Filesize
4KB

MD5
97f8be1dbd677b67a1d7d16b48558c0e

SHA1
888740c00f4b226f5ff0cded3b8916e85439ca73

SHA256
ebbb0fe0ff1613aa0e18d59b3a92a6a4bf4ca66a74756ac15951f740f2a3e923

SHA512
abbc139fdac876fd3e5a50562beb71bf1ad86c7ad15876a341689d49e2c1fbb11cff468caa547cea8d3d49a789aa750112373e4025e36f5bb87febddcafbf413

Download Submit
/data/data/com.alirezamaku.pizza/databases/evernote_jobs.db-wal

Filesize
28KB

MD5
881283cf290edc37cb1c79df6ab5ec27

SHA1
b944f841027bcd273e8b74390dc0aff50cf852f2

SHA256
7d22732e288e67beb99c1501fe54b36367049f55b66bb940e51de50496efad1c

SHA512
033f9a07f6db9f292f47113a1e022a81c52a5e500a03239b5a6571a6d167f092d2ef793d0c8533e6b094422ec49c5247f20d750b7f3d218ac3ba174f283adcd9

Download Submit
/data/data/com.alirezamaku.pizza/databases/evernote_jobs.db-wal

Filesize
4KB

MD5
4d4ad7f6697dc865b4f7a9b90172a8dd

SHA1
cb4416f249f361c290aebfb53b456fdc772c9d63

SHA256
ec0d69c6e690c677f4f13f85c53add8a3731dc2a62a3430ae622781cca221949

SHA512
73c15700e38ac06b77447afeeab0a5282c72b2ee572a1bf30ee7cbd7a307a3a7a4b4c9689294ec68edae5e24cbc080d114f643028c9693b2141aedad49b8fee1

Download Submit
/data/data/com.alirezamaku.pizza/files/unsent_requests

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads