b387b52822498da152a9b033ead555d6ba808a0e5abbbece17fe9c948ee5fdac

Analysis

max time kernel
119s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
20-09-2024 05:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ecf9cc4375e44bef1a8a0782fa9a8394_JaffaCakes118.apk
Size

4.0MB
MD5

ecf9cc4375e44bef1a8a0782fa9a8394
SHA1

3243c3e27ca02a1fcc6c47b6929b0f220a2662e2
SHA256

b387b52822498da152a9b033ead555d6ba808a0e5abbbece17fe9c948ee5fdac
SHA512

2ed870f49197cf205426c7ff22fb723dbc1938ec6b02067e1551cf692017ec9ad8b333d9fc0c0d797e34e4d2bddbdf140b791f1c3cb6b0582719e51a48b2277c
SSDEEP

98304:myUDelGW/XW+E4e0r/5rhbK6rf9sgizuQF:myUip/WD4eA5rY6rfKruC

Score

7^/10

collection discovery evasion execution persistence

Malware Config

Signatures

Requests cell location 2 TTPs 1 IoCs

Uses Android APIs to to get current cell location.

collection discovery evasion

Location Tracking

T1430

Geofencing

T1627.001

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.galleryonline.com

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.galleryonline.com

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.galleryonline.com

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.galleryonline.com

com.galleryonline.com
1⤵
- Requests cell location
- Acquires the wake lock
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
PID:4260

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Execution Guardrails

T1627

Geofencing

T1627.001

Credential Access

Discovery

Location Tracking

T1430

Lateral Movement

Collection

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.galleryonline.com/databases/__pushe_base_lib_db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.galleryonline.com/databases/__pushe_base_lib_db-journal

Filesize
512B

MD5
20e814bbd58a341d6d9eecd92fb3a00d

SHA1
89609d9195e29b4efcaec037dc563e26145b2f8a

SHA256
fd1e617e6976a736d48f328931eab580ef96e90f4ae9c9bbd92c3ac6120592bc

SHA512
4b682cee2880a23e5b61d5212eff31a3826c4f1903a2eeae4f3bda5bedf33c41c1da963367335f3a2ea97c1606ae7511f6d14e40b27068070bba95c11d31c6ac

Download Submit
/data/data/com.galleryonline.com/databases/__pushe_base_lib_db-wal

Filesize
56KB

MD5
c7c5f609857f137e0c54ab2bb23158b6

SHA1
c6d2a56a24680d4aca116ac5148d2b6148233b32

SHA256
f321a5772a192d0acb84a4af51200bf13d21270dd40c748df8ce0cb119efea77

SHA512
578f5b3cf13223be57ae0095fd7b80a1c0c73c2237a23c295dc6ae86519c1c095c9f7a6cc8d048daae804fe410cc1061d6ae016449a282552c498f93bdcce742

Download Submit
/data/data/com.galleryonline.com/databases/evernote_jobs.db

Filesize
16KB

MD5
2c3a27342748f4c624ed2d9cdc8abecd

SHA1
3e7853c9db7e15d8a00b42d7aaf456360e45ff7c

SHA256
45daa488644c45c622058547d948bef26b8a4d27cbfe2e4b79f35e1204d66c77

SHA512
90e9cbd3a82a859ddc14e9a3fb7a2ac99c1d017241fb72cf52494ab30ef83d44a9a949830bf3092d7f0653e42b7661765504a984f922d0cb18a4417f733eed52

Download Submit
/data/data/com.galleryonline.com/databases/evernote_jobs.db

Filesize
16KB

MD5
6f841fb016c8d297810e452bbbd849c1

SHA1
b6891d0b0aad28e5dd6d2645f8b2d27bf37b248b

SHA256
0524fcf9f97c00297be8ff8d252e9e3b619b6b20eb18e1b9cb48e9122dba992e

SHA512
cb80f1579e367c8e523617bde7ee72d9f63e64cd3375a54846c47cff5dbc1542b2cc4969afcd0d477b3a50ee58a218fbcb89f976003c80e89009633bc63fd631

Download Submit
/data/data/com.galleryonline.com/databases/evernote_jobs.db

Filesize
16KB

MD5
b0c6787fc0b4e73a9cc1f97691efe6e9

SHA1
86982a9fc54203a3cb0b36cf3d6660af2b172c2c

SHA256
a94d240cc7787c8c86b1d0227ff807576987bb29b4848036da933385197d46f0

SHA512
34c392d329c9a956b6c0a0c219a67d3d5836b721847ca1ffe8e2290d5abc9a5dbd87fb152482454c2e4a0682db3411c4103fddf0b33bcab3e61f60fd41493473

Download Submit
/data/data/com.galleryonline.com/databases/evernote_jobs.db

Filesize
16KB

MD5
98f107bb89df8361347e1e20ae3c2659

SHA1
a20f053e9d92bc0208d654b159c28778ff27277b

SHA256
ad006e9480a3ce4ffc3a8cbf7e472c5e09b7dbcadf508b272bd24c5d60c85bfd

SHA512
5da4fe001167f2460ed2d5d476036e2b50fb609b490b6157cf0df185b6cab34c4486fba5417478581af25c26705fe2528bd81ba94205daed132f1ed6a21e635d

Download Submit
/data/data/com.galleryonline.com/databases/evernote_jobs.db

Filesize
16KB

MD5
978fdf85b8448e3a7c9015e51477eb49

SHA1
793bb88398dc9457935a4416638d5ed3974baf19

SHA256
8f72919eebbe45ed6d33b7b763d7e45d76a880128aee9aa5c29d28ab79689a92

SHA512
852b2d3e2607c96625e9bcd454c702ccec6a0f07aba3410976d6400ecd2d48ccc92d93c8ce7fcc87a622d04357bd6805a996f11d339ca7fc3eab99c0e991fe38

Download Submit
/data/data/com.galleryonline.com/databases/evernote_jobs.db

Filesize
16KB

MD5
1e550705aa00cfa12863a37d9191aa66

SHA1
8d66570107cffa428cfa209596ffc3aff3742a75

SHA256
9c201960664ec248c28a1b9d10541ab1b2ec002b5b2cc14ee0bb5f3314e9f2d0

SHA512
9b3d2b198267a2f7e768e466224abfe813d2cccc78207745895f02eba2e80c065bc95e7391b23210e5f9aaf25bb4ff29f1f8790b354152ecc3b186b3528746d7

Download Submit
/data/data/com.galleryonline.com/databases/evernote_jobs.db-journal

Filesize
512B

MD5
f84566cf05479551f855f9b0cd8e06ae

SHA1
91230e5e9a3145ffa85136795f166073b02c4e60

SHA256
955a07c8347ef697fa0e1c17eee81e5ff5e36ce6c7c6cf5323ad43086d621279

SHA512
3f2dc6cf5d292486d0c7bae3e8702fd4a1dd0b3eadd278b3874eb2c5cf59e95b5316d35b70b57f14fcafbfc40aeba0dbe4399090c4b8b0274a7b358cdbc35e60

Download Submit
/data/data/com.galleryonline.com/databases/evernote_jobs.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.galleryonline.com/databases/evernote_jobs.db-wal

Filesize
4KB

MD5
0cedbed58bdef4745d2847affb98127e

SHA1
8e248c378c6ea3ab6079974a7f32120c3ae807a0

SHA256
aa407c23a28927f2b293fc7cc4b14708207b4eae568f0280d6a10f354e4c6c21

SHA512
5e8c756463915c5ed2793ef10a88404db2003e0262c5294d3dd645d085bef78783102bec3c9926327dbf68947683f21da83eb82fc5e96491ad021ae5b1a43797

Download Submit
/data/data/com.galleryonline.com/databases/evernote_jobs.db-wal

Filesize
4KB

MD5
d48b46f6a26e8783fcd44d125f1c7d23

SHA1
b38438ca2ec9e69eec5d557c74091eeb2471e9cf

SHA256
5f7077c72b0ac39bb96d581538eb39176dfc7cf55717132ef194b1933e883179

SHA512
70ce2b1e98271663cf5727c8c1750e70cd8e83cd8712babe9a2e4bfe9cc7c3d22af6e554c3b8b4dea2ec27637ef0df272bade6a62c3989f4ef31759dbf41b35f

Download Submit
/data/data/com.galleryonline.com/databases/evernote_jobs.db-wal

Filesize
4KB

MD5
3e865adf4552e3face03fbbb191ac139

SHA1
a01d20a829395cb093f6a1307ef3ddb86174b61a

SHA256
01de9c9fef0620507a0b0c4cf5f6ba3352a4716ae37be7d6b85f3b8e9f49d2d3

SHA512
84b30f864d161549e2c7a4043df81ff09da9c5463918540f18c8942dc55779c14e8ec78fd9b4bcb7c33cb2464774999ac96b1130849f31ef19668ee6d0b861c3

Download Submit
/data/data/com.galleryonline.com/databases/evernote_jobs.db-wal

Filesize
4KB

MD5
c0f62a2480bf5a3c80db3048cae04300

SHA1
4b159b81bc0327b59981c4c1395e309df5b01bfa

SHA256
f6e44c38b80a4396a1b3aa40aec18830722a1b1ee0e2fd8cc20033dc627b7ea1

SHA512
7206faace0a58610eff5a086e3e923cda360693090c1e78e132bdcb668d131cc71d5718d19f5be8ed6b8fede0e648633b9296cf77de130db5fb615c3a7391d59

Download Submit
/data/data/com.galleryonline.com/databases/evernote_jobs.db-wal

Filesize
28KB

MD5
e83fdedd26778541bd701894b895106d

SHA1
4b2688b3e271daec8b6bf9f1fc8bd8027434b68f

SHA256
c9cd7011b3b16f903902d030a6657b8e4c65b0a2c85c47247c02b1f3477d7912

SHA512
b7dac2597a22eaf2639879b41358bbc925688b9a26c9f534d6ea1b2a7492f7c1ecd86f59949f718da54799a9775dd9ec5cb9daee986310e824f80f7774ea8050

Download Submit
/data/data/com.galleryonline.com/databases/evernote_jobs.db-wal

Filesize
4KB

MD5
75361a16742943ea35a29efe178fdffe

SHA1
056325fb6448ea55300772e18ecad0747eade124

SHA256
ec5b6ded30a89b4a654e54c04720acbb047f9d87bd3196c45e6863d8391b18f2

SHA512
8de31806522a5382e65c9d2c5c4e75132ae26caa2a81bc16427fab73ffcda422b37f3b7e45ebfc93e270870119748972752b2a5e5645508d0252003797609d5c

Download Submit
/data/data/com.galleryonline.com/files/likes.db

Filesize
8KB

MD5
cd318c2aad286d021b7930f9f14b2811

SHA1
933244ef0f3225c9ddb15ae2845575a5c50a1d8d

SHA256
30d9db059d9b4be7a221ba0d3d9345dcb4e46668bc6075b7456cf20ac99e379e

SHA512
15843719d5c48c0984dabc9f2cca9a3dd42afa068a71d05a9d6dc705591ec678fcc6ec3b2cbc1b3f4b86cc73cf10b54ae106b9e934c7bae0d518c83279499752

Download Submit
/data/data/com.galleryonline.com/files/likes.db

Filesize
4KB

MD5
d51cd7b37ed1b0ac304c1be44601d2db

SHA1
c30a28417bb5dbfaa7bdeb4c76c532c9179138f9

SHA256
9ae1b6553a3a38f34836b18f595f942e11762aa5a16f4dab25df60b6cd25296f

SHA512
cf36dfa55ebd48afd892073f055da1e46499219d8522bf977a9d6f50573f1beab6b71a49d010677a3df828eb21fa94e3beb184c563132de6e22a2c6321a2e63e

Download Submit
/data/data/com.galleryonline.com/files/likes.db-journal

Filesize
4KB

MD5
d3916db0afd57ab5c5e77499bcde6f7a

SHA1
478d3916dc25436b29c56b9874ba692a4b4ea1d8

SHA256
949b681376052a3aec52a55425617638790606f7461542ae05b61faa66857a6d

SHA512
0151b9c188751fdb87183e4a114352580394d3b1e2c742c44ace639026b0ff1c5da414734a9f2043e2fdafb4ce5cbd09dbe219992f495cb1efd6fce19a6481be

Download Submit
/data/data/com.galleryonline.com/files/unsent_requests

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads