b387b52822498da152a9b033ead555d6ba808a0e5abbbece17fe9c948ee5fdac

Analysis

max time kernel
107s
max time network
156s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
20/09/2024, 05:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ecf9cc4375e44bef1a8a0782fa9a8394_JaffaCakes118.apk
Size

4.0MB
MD5

ecf9cc4375e44bef1a8a0782fa9a8394
SHA1

3243c3e27ca02a1fcc6c47b6929b0f220a2662e2
SHA256

b387b52822498da152a9b033ead555d6ba808a0e5abbbece17fe9c948ee5fdac
SHA512

2ed870f49197cf205426c7ff22fb723dbc1938ec6b02067e1551cf692017ec9ad8b333d9fc0c0d797e34e4d2bddbdf140b791f1c3cb6b0582719e51a48b2277c
SSDEEP

98304:myUDelGW/XW+E4e0r/5rhbK6rf9sgizuQF:myUip/WD4eA5rY6rfKruC

Score

7^/10

collection discovery evasion execution persistence

Malware Config

Signatures

Requests cell location 2 TTPs 1 IoCs

Uses Android APIs to to get current cell location.

collection discovery evasion

Location Tracking

T1430

Geofencing

T1627.001

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.galleryonline.com

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.galleryonline.com

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.galleryonline.com

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.galleryonline.com

com.galleryonline.com
1⤵
- Requests cell location
- Acquires the wake lock
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
PID:5063

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Execution Guardrails

T1627

Geofencing

T1627.001

Credential Access

Discovery

Location Tracking

T1430

Lateral Movement

Collection

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.galleryonline.com/databases/__pushe_base_lib_db

Filesize
24KB

MD5
bbdb33b88a3c9d6d1b4feb5fc4c8fa69

SHA1
4debfae60a0d94f4e5e6a5e257bbea4a5e833fb3

SHA256
a9020648ab24e1308929e1ae264ed253e27c60465be930deac87e7f6d050df66

SHA512
bdd1c9889b015cca657fbb34573b2616070eac905798917bc9deb76ffc2c8d0e038d32cac754df4075d3657a6098252df514c4ee5afc9c21904919363568e6d2

Download Submit
/data/data/com.galleryonline.com/databases/__pushe_base_lib_db-journal

Filesize
512B

MD5
faecc1e059d6bc2db4993469eb51cdad

SHA1
168c538c7258557734ec3bcabc1f56ae0cff464e

SHA256
568678bc6efe4179e68cd58acb7936413e7d0ac60e2ca0b84944e4f266db5f00

SHA512
c5e9998bd00f77393aeb270dd13d4a0830d94bdadba71db0fb88ccb798e388559970ea59dbdbe8132ecdc51172ee7a73388de6e886be309d52a677e66110141b

Download Submit
/data/data/com.galleryonline.com/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
b028d90ecc2640fad3a722f4df1914af

SHA1
07466c778f0e124c78b2d5c53f99737c88915111

SHA256
e13273ea22d1fee71bd0336e2f0f4fac47f780cabf7c6c90869b66c819f31398

SHA512
e21fd2076fac7cd920bf1a281d043ae33388b835cb52e5209287d2b79c78a5bb62009424511d48140882da2b3a87bf66a2ca0f1627d308a094c2b4e107a1bb7b

Download Submit
/data/data/com.galleryonline.com/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
7d323b1799ae6f4fb0273e4fc8e6a181

SHA1
b65056a90eec9a45dea4d95cbe58112da7da4059

SHA256
3ba12acbe22f1f482233887ca87c30fa269f801c281026860aad5bef8ffb9b4b

SHA512
08e5f99f34721de2bf4cacf333beb6acfadfc0cd69e2d9679fe63a6a25b14e01519b856b0786e2bdfd9d6fe516c561b02f66fa3267becb68e6d8057140daa250

Download Submit
/data/data/com.galleryonline.com/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
5789f616e4786194f43be56fb253ea77

SHA1
5af77ff31ff41b682c9e2c775706314b24fdfc2c

SHA256
e25204b5a579f4b718218a2c950d0f723761befccc779dc93a8ce708ee675790

SHA512
6df5764ab7a4c7f243d14beaf53fc3e1d2a247efc4661d08c42fa252759a75c6cb92ac1eb6915ba6a78b1aa79f53968ad8391156d15a6d39a12160aaf022b480

Download Submit
/data/data/com.galleryonline.com/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
982bbbb62bc1a1043b724ee8ee9768f2

SHA1
15c124f514d9d78085fc9fe2c0a5ef77a448e5f1

SHA256
5a15fab4bbe764343e297aa6b3fe71dd536f0be94346709365ed414adff1acb9

SHA512
4e07602d54fd9d237feab9e187734ba399b3334c966e5c03fc15c5f91dd2fca844a2751c49c6c89e63b44fcb4980660dbf291e3c1d7338232fd7f32e904718c8

Download Submit
/data/data/com.galleryonline.com/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
572dd90fb37550b0631bda20f721f1be

SHA1
a753e57ce36585514a957c301de55b708f038b7f

SHA256
5ce036a90439aa9041cf253caf7778808b14b333d92da7b6066556e11ab21fd7

SHA512
8134b815376fcdab3d04b38e8a71e2c1025c1713c16b6d630a6f45b33afa8e77028a5bbf4301e2ef03c63e89596e5b26b7569c9ca8285818ac4fc7c8a1e8d6bb

Download Submit
/data/data/com.galleryonline.com/databases/evernote_jobs.db

Filesize
16KB

MD5
4a13d928a30d9a7c5356cea2cea287a5

SHA1
d4337b6e480233768592415cbf0b8176b32f5152

SHA256
38130acd3a2504d199f5b62e835c60baa2bdde08e34a206dd978600e60c4eee2

SHA512
065f9077f4bb111d5f7de52434533d620e163137465d528a5e69915eb6eb6440f16ccacef1b39066f6c90b31cc7e8c16042fe411b9efb49e91981a62fff70a18

Download Submit
/data/data/com.galleryonline.com/databases/evernote_jobs.db

Filesize
16KB

MD5
03746843196eefc59c7806d1d9644c9b

SHA1
607617bb8d0574ae354aec3554150f5a4706a73f

SHA256
0fdaff1b57e158e4de0ac594d2daef15bebba378f2d23ebc1ea63476eb749d93

SHA512
9cd3010c5745fa8756bbcba86b00008e2a29fb8881512b4b871643611cf775538dd93a0371e938764c3798a83537cea41c9cebbf7f7dec0dc5191051bd5b9afd

Download Submit
/data/data/com.galleryonline.com/databases/evernote_jobs.db

Filesize
16KB

MD5
a86999033712799fb5796d9885b7af31

SHA1
62b59b4376348fc99970e9f0cddef086fef97d77

SHA256
d9833f5c5b3274173d93fe3ba0e6d5476d1a92f211aeac0716ff7b81a25fb910

SHA512
dcb2f8aac3ae65ec5cb9bfad138e336ff6493b12c68a77d8fde1a30761183a2876825826c6bf09e1e7c3379d92132071721448a8f5bfd3a728c7ed0b410f3626

Download Submit
/data/data/com.galleryonline.com/databases/evernote_jobs.db

Filesize
16KB

MD5
e16ce348f8bbd88b90d39f95a3da3653

SHA1
545fcf2d2fab4cdf15325320826f8557aec1c3da

SHA256
f953a7d54f46ec2499cc21186bac8922f0392e5e5767cd49e27cd211103e1dc4

SHA512
71443f1316b6c7e505ceafdd9d70172cfb8af0bd754e3c573820f158daf9b1ded0a539cced8d804a0023cafc31c1f5d2bd303cc918e7c04b4a7fa6a074c06088

Download Submit
/data/data/com.galleryonline.com/databases/evernote_jobs.db

Filesize
16KB

MD5
00e829076f54c72b50b63fd6de296a03

SHA1
fbeb1b8be863931f98a7c29224a03b89f9616ab2

SHA256
c479f839c0bc15e9a9749cb5a5a3eef4e09c0163160073477f72fa78b2e300df

SHA512
1c6b0bfe980050072927f8d407ca86353098d03502f7194f141d43c045a3f35103261811281f023262f4823a4fd70659d6802b76e126e991120dc14cdf74bbcc

Download Submit
/data/data/com.galleryonline.com/databases/evernote_jobs.db

Filesize
16KB

MD5
a371e092526ff5549a782f63d9c62543

SHA1
609fb45b9d173ae527106b01e069b892a1ee0a5a

SHA256
41df5bbf288fbb020e680d0c8935ae67e8e936d034bd9db38a13b7300b984320

SHA512
a1c608bcb4135f5586172cedd72ca44cedf52cb37519227c9bea76ed0f949b6537700e0887210886bc29798256be516b880d1494abc3c92f603fdea3397866f0

Download Submit
/data/data/com.galleryonline.com/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
3b4d929f5b022610a3810f64ba26f30b

SHA1
8096f1e55db8876cc3dfc9b5c2753b32eed60fd0

SHA256
25180cb3af5c1c3a99d07e222378f9dc79a4ae7f4a9790cddfe62bc9a209fd55

SHA512
d7bb9746b8014a769245f208fc0092c8e6ad5611a9787de8aba145ec3df31e4244a5a17e49ec4c980cf56f872e56891bd4b89712c145a360833d07bb99516d0c

Download Submit
/data/data/com.galleryonline.com/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
81252d64a1f053da17c130274d910dc1

SHA1
93e0a6610b97573c92720a34891c5feeee44a2d6

SHA256
f1b1d6888cd6155a27fa7e90b60eefa8f4c4e07018e45207dc62343e92f89100

SHA512
cffb6ee81117d050c5722aad81054c3a36e6ec039d91610665b16d2c21d4c54df7a91b01b3c3aafbc59fd1bdccc187b2353a9731e98e1552b03fb84ab34051b6

Download Submit
/data/data/com.galleryonline.com/databases/evernote_jobs.db-journal

Filesize
512B

MD5
6d85d902e303c8070a48588727e9a00d

SHA1
b562bd2f553da33b54cfb7602dd3f0f9e19325a9

SHA256
2ff8f075cd8b63d5501434594b036d90ad286586b0c771ab27a13e5139fc68d1

SHA512
aea0fa5c9a8fa9743f5c14843c4f4e670520891907d4a7e7e1f85d3c543bd55623b4df7e43ff9bdaa4f51789dbda2fa5d976f3e88d42ccdd20bc316ee3a1fbcd

Download Submit
/data/data/com.galleryonline.com/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
bce7a8f5801d9c57ec0250e4f3a003df

SHA1
7449f6e834fe4e3dfd78566a05d90bce367b6e31

SHA256
466fe8625ac322e17020028f44fb5876b64b414b88f9031e5b6e1f49ba7a26da

SHA512
71d050823ae67e813612b766785df89498916286a0e1be9948770cf362de9c37d0398c4329f22249001d0e59dae1427d3773c6f2cc18cf32fef47fd5c6727013

Download Submit
/data/data/com.galleryonline.com/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
733440adda39926095c9ea6a471e7e8a

SHA1
7342d719d6d182fd292f30b7353e52e6c12a7be8

SHA256
e11f37dc641504c220abf87c1856327fa05e5a61dfe1302169a902968a4a75d0

SHA512
cd3b942bb183709767a0ee64e4e994984bfcbf37885f7cd74487bb752080e742c1d24af22eef1de8f9c8c650486b8b727ae6174d3d35567014245b25b2c7dc28

Download Submit
/data/data/com.galleryonline.com/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
768230e581826a77ebaf192b40824d9b

SHA1
57e5ef52c1f70c0fe94b372cdb1c9403d83fe93b

SHA256
77041bb569ab3ed96baaa2462664b314da47381828e2feb484baa38396c2862d

SHA512
1d4a73ff6d0d35f82a2d909c8da12994f0190bb057c97ce8e78b6fddc158a7dde17c9c3d544e291206e43015106c2feca20bdb9a1420ead044551dd81eee4777

Download Submit
/data/data/com.galleryonline.com/files/likes.db

Filesize
8KB

MD5
cd318c2aad286d021b7930f9f14b2811

SHA1
933244ef0f3225c9ddb15ae2845575a5c50a1d8d

SHA256
30d9db059d9b4be7a221ba0d3d9345dcb4e46668bc6075b7456cf20ac99e379e

SHA512
15843719d5c48c0984dabc9f2cca9a3dd42afa068a71d05a9d6dc705591ec678fcc6ec3b2cbc1b3f4b86cc73cf10b54ae106b9e934c7bae0d518c83279499752

Download Submit
/data/data/com.galleryonline.com/files/unsent_requests

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads