629ac13774ea6864e9c9927b8998b563cbdb31dd5704dbed6747503a8cdd916c

Analysis

max time kernel
133s
max time network
141s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
11-09-2024 10:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

da3173009b85442122927b50567a2b3d_JaffaCakes118.apk
Size

4.8MB
MD5

da3173009b85442122927b50567a2b3d
SHA1

986c2b653926c542c2350ea9a13e297892752b53
SHA256

629ac13774ea6864e9c9927b8998b563cbdb31dd5704dbed6747503a8cdd916c
SHA512

6544e7f007e4953b0b009127796c2bc392b73ed23f17d58d8a4b0731d4c370c7df1125dd148356edb562e76464df383b3f48b363029505105a1af882a544b70f
SSDEEP

98304:g5YqfkQM/RgHjEyJvO0pMiLeNWQ0VNn020dd0JYu7F32otPs/9apLdnmgk:SfE5gAkvjmiqNJ2N0ty9F3nmApL8L

Score

7^/10

collection credential_access discovery evasion execution impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.alirezamaku.pizza

Requests cell location 2 TTPs 1 IoCs

Uses Android APIs to to get current cell location.

collection discovery evasion

Location Tracking

T1430

Geofencing

T1627.001

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.alirezamaku.pizza

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.alirezamaku.pizza

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.alirezamaku.pizza

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.alirezamaku.pizza

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.alirezamaku.pizza

com.alirezamaku.pizza
1⤵
- Obtains sensitive information copied to the device clipboard
- Requests cell location
- Acquires the wake lock
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
PID:4497

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Execution Guardrails

T1627

Geofencing

T1627.001

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

Location Tracking

T1430

System Information Discovery

T1426

Lateral Movement

Collection

Clipboard Data

T1414

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.alirezamaku.pizza/databases/__pushe_base_lib_db

Filesize
24KB

MD5
362bc161e99341e069de34ce8bb7b945

SHA1
9c3e173a3e40440bac2f3dbee87628f4b0fab5fa

SHA256
9d7d9d0399c23482f5c304f044ac2c63124e85442765f6cd2a054679b69ecd6d

SHA512
0c4840aafe8f084c3c0ba94ab8934b1b2b15e31b7275cd237aeb3438d1929ac9a79f9a4422c5b8639ddb159876d40d950a27fc2e71be6266d6e921782d5ed706

Download Submit
/data/user/0/com.alirezamaku.pizza/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
0b6d2b4a0e3734583db8609eb4ffe6e7

SHA1
18d1e6aa41563b3e88b7822a27178e85e900ae6d

SHA256
7bd42647b1dec9c09f3af3ae88d3b698e362076dd11b42da0029bd62f0523ad5

SHA512
e5239e1f1feb62c750452ad39406be7fb519bec5f89433337861502c28c5ca86121bedb6e26bf493d45779dd85424acf6c792e13a394f6aed163e73574999b7d

Download Submit
/data/user/0/com.alirezamaku.pizza/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
962452b1085d78f8706bc6359584518f

SHA1
a655a1af675503f8141f5ffbb0550ddf69fc15b4

SHA256
bafacc2715f337f8a3b83aa97917f1b34bad4e547ca8e00a182b01a16d0bf36a

SHA512
176d3441faa27b327cc4b3cb4e6ceb8a244f15e50ef5fa3fdf465c76c02400c0dca272a4f3cc2c0958ca0d909b4b822c62cf4294f790d5eb039f3177ccafe9ca

Download Submit
/data/user/0/com.alirezamaku.pizza/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
90216e923df7ed2abab138e3bfde0c3b

SHA1
7b42ea698a5246c33787a116d745f8b1705eaa0e

SHA256
ad27157ac35a95607c8573fd7e988e51046020b9c000348e5e5919b0e0e2fff3

SHA512
f166c1f40a1810a03d6f1eaa267ff6027fda99f0d6b13c7dfe562ca404d9713c76e15c08bdf5ac3ac930d263b88062dbf4000e8385809f58c646126aa0f635f6

Download Submit
/data/user/0/com.alirezamaku.pizza/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
5b38563bb02c52ac4ed5dd1521e40262

SHA1
c05421b580a52ca1355ed4d8d8edc4ab77ab583b

SHA256
a803ccf64469543fc41437897663dbdd3d4d05305352a3019079e23d5d45046c

SHA512
da8f0a52c48504a2c9a99cc30d8204be866619fc22540254ee888fd805839a1205c9547d822ba0eab2fbfb58370be2f2fda8b6490975cf0ecb08903280ff62e8

Download Submit
/data/user/0/com.alirezamaku.pizza/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
7a11939ecbb0956dd50a2fc164a2f83b

SHA1
8e1569d2f36d260a56ecf23c0484bba302abc299

SHA256
6254efb438aa9bddb1da296175cf674088f11cc0bc879d2f846153295208ea55

SHA512
09a5c727ac35be59fe359c518e901c912767aa919ca78c73025f0d5d4463ffd0098f777a68f47fdbfa6063c76aac097e20337d15381636d2e8ebe28aca6ade41

Download Submit
/data/user/0/com.alirezamaku.pizza/databases/__pushe_base_lib_db-journal

Filesize
512B

MD5
395fecf7305f241909579e6a02fe09cb

SHA1
fa3c118db5a3331e15f825b7f44f9048708c8117

SHA256
920e8cab6a9215291e85a5571e661d9829ac1605728ce43a7bac514d2ad3d285

SHA512
d247b6f8c735f94af9e16a4f41af7ae5d3cfa7fabd81c4962b4deb95fa7bc2908bb02719a157096f7491bc3158450c943eb01feab0fe19d5e4f65a20b636f51f

Download Submit
/data/user/0/com.alirezamaku.pizza/databases/evernote_jobs.db

Filesize
16KB

MD5
ba8d1523c9b47a44049845a8796d8c10

SHA1
28415b982c5855155fcabb1e0ac9a5c0a04681d5

SHA256
4febf8db34dc389c512fdac9db5c706b0447d7a3d7c09e987882bc8c682d0a4e

SHA512
c4ea7fe477f6677af2307b5bff7c8f40708e8b7997ece6202e3567eb21c977a15021e99332c6f9010cf51deddd6407701c9d7ddfe9f2b2f36ce24282c8989bc7

Download Submit
/data/user/0/com.alirezamaku.pizza/databases/evernote_jobs.db

Filesize
16KB

MD5
c32aed4d320807cb2479df63dfc7cef9

SHA1
4210fab2e766e2c83f03bf92b9649129d2f23457

SHA256
ed1de05a50d55c3aa953d62d4fbf0361b657ce3d79ac60778d7c91a2ed476bd6

SHA512
bac44768c8292f06bf70536bfbfcd02ab6ce8ae413c78fe624842e5a4ac8d4d80c5c4756b93392ef174f7657d59231e1794965e6e279fc69dac194a10ba3d063

Download Submit
/data/user/0/com.alirezamaku.pizza/databases/evernote_jobs.db

Filesize
16KB

MD5
753f5bcd17fd7484fd180663bc1fe8de

SHA1
222d4460356496e563088760d761c2ff91b0ec0c

SHA256
a333929ae5dee2eca3baa152f6c2226d33a0d7992062f4eb4392f5f2fb52ab64

SHA512
7572013589648a83a2c3c747c9f763e6fe7bb42a88b2a72928ff475b332ecb32c203c7c0558fd7a45de5488046f56977954020199b11b2cd64029790a9580dab

Download Submit
/data/user/0/com.alirezamaku.pizza/databases/evernote_jobs.db

Filesize
16KB

MD5
7ebecd00006f1cdfee71aba5db946a8d

SHA1
e336abc447ce61097f7d41ff08729e875d05c976

SHA256
cf668c594b02042c154c404d71c2ebd3fa68dc4a74cfd5d92c2c01d1d7dd3d30

SHA512
0f8b8df93576996eb7d88c09699fc0c8fd99637004d511d7ea8cd8249103b13458033f5162f13b031a9e4ed2e90a823146277097e9ed4260a7024a120af30643

Download Submit
/data/user/0/com.alirezamaku.pizza/databases/evernote_jobs.db

Filesize
16KB

MD5
47080e3bfcf2db9b8620f2faf6c5857a

SHA1
6f63c1851255e0fa99567f047382074b086d38bc

SHA256
dc4f8a73f49d2a6b41ff425fd08b85c1eba5280c438a1a1ff9832e91dfa56cbb

SHA512
e757043d82798926a5ddd716457accf6616894ad1ad79ec832293a1f662910b663239f899bf05a5c8d90fed5bcb093c5529e5bc842fe9003c1d5902f9ed84473

Download Submit
/data/user/0/com.alirezamaku.pizza/databases/evernote_jobs.db

Filesize
16KB

MD5
0829d1113028f715c9d23e5d0729a6ee

SHA1
c62ea95d9b1d1dd389185019c9bb9c65179964e0

SHA256
24f1562419c9de64de07d51d3c82aa2c90aec0e7e3417fdb70970250c462f155

SHA512
226a2a481d4bc2bb83329401ae5f51205c1fc6ec9a3c451429889debda9302de1a87219621ff03b244dd6f2a24d1abd6dec8eaffe24b45effdb6ad298e7a9e73

Download Submit
/data/user/0/com.alirezamaku.pizza/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
9143cd76c59a2ca7672ce518151ecd91

SHA1
302717c752e5995eaa8b4df92e342af5927a0ad1

SHA256
223fc436ffa063b050d8186192416e684d8b025aceaad2d4cd17a3cbc24a6ea3

SHA512
0c9d01456eae6e473df5e3eaef67a3416c06bbea430c22cbbbd0549750bf16d9b96591e7b0f61a2996949221d12e19919e50c507769658048509b613ad0444f4

Download Submit
/data/user/0/com.alirezamaku.pizza/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
2f651d6bea6af62901890ebc9e49d81d

SHA1
f5ee2e76cd9d6d24ad222270f207d10883aaed8d

SHA256
7ceb2ef22c67d3a76e4f4718eaafb9266c07898e6baec452ac47c5a59ae9fe22

SHA512
1b6805568fa149689ba61f585561455b9b9c8624a8aba90fa6a4204ee49e318c2bbc2a5dbdf3dbec73e75ec8e477ff765603e917f148caab9a8ca85592f20205

Download Submit
/data/user/0/com.alirezamaku.pizza/databases/evernote_jobs.db-journal

Filesize
512B

MD5
ecf2c3560ee4d323a4ef003132ec5b56

SHA1
489666d0f9200d81f38701ae5690b28d20c31900

SHA256
3ad8d4611fae4b43d2dac83a3449ce8afecdff4f6cc367da38e1a119e1b65fed

SHA512
316afe070d0c3c9090d679bbaaf0c0a1623565608c600f18a49c311c6d67484cd5f30f2bfa9a467c7dd4540df02beaa97d16f2cca4d94dbe359e6f1878e51d4c

Download Submit
/data/user/0/com.alirezamaku.pizza/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
9092b69d2e121b6ef62c358efd679b17

SHA1
b81f0126a8280d6751fc381924a1b0172b483244

SHA256
22916abf6259beb2582354e5d3211a2bab10110694e9d50c40b756a9f46220f7

SHA512
d3e8450285dd14884a39aa63d8465a409dca76e1875cf5e4628f56fa54e441613baab65fe147c0701ac358dedd001a0337d3febc2c8891b8da8c4f90ae28e9f6

Download Submit
/data/user/0/com.alirezamaku.pizza/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
cef8e9932e3af8e7ea9af89ca2c43a61

SHA1
61013f0a6c162b9f00cfa6ebafac97d260f64499

SHA256
bf7467540cc2b08aef2878f0e2656c4be0523f48ee39f1d641bcf5d447c524b1

SHA512
dab97be777ef2c4c26031e098559ac6328521a6f399409a2a036aae217f27abeda5a20af8349e64cdfc022d1c7287a5bcad490a205a7f34883efb1c262f0c0f0

Download Submit
/data/user/0/com.alirezamaku.pizza/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
05ef95ee8fff951faa3a19d6a486fd8c

SHA1
7e0e69bde1fd78709bc723a86f9465034a0fb364

SHA256
2963aa8ae52ebfbd17ca6e4019f5a19304a82ed3d9039b78fbbdd225c3322ded

SHA512
12f7ba8306014be37fb1061a13b57ce907d6e5dde992ee1170d02d0469676b3197f1105e1e67eec2ab43eec3885f7c82b56a6852cadf1be09fb67f26c1bd11e0

Download Submit
/data/user/0/com.alirezamaku.pizza/files/unsent_requests

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads