7c2f93d72f8657626fc5f24de12e290e72efe5c4e0a864a5cb20d4bce558ce9b

Analysis

max time kernel
4s
max time network
148s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
21-09-2024 18:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f0629a5c22ac50923f1f5d3a22d72804_JaffaCakes118.apk
Size

4.2MB
MD5

f0629a5c22ac50923f1f5d3a22d72804
SHA1

d53355d036747cb2dfa7ddea55b096a400581e50
SHA256

7c2f93d72f8657626fc5f24de12e290e72efe5c4e0a864a5cb20d4bce558ce9b
SHA512

85d9671da40e8073f3b5cd4aa9d809243245253cb7e208b118100c06b0b28da0d260d828e0380095605b6c1eefcb0ea8ba9dcbf2aaaa8ef30ed5e5bcda6577d3
SSDEEP

98304:InktFRrO8Eq6V1NL6+S/v4ClngJqeRviD+UN3araUBIkF:zrCBV2/QxrUN3arXCkF

Score

6^/10

discovery execution persistence

Malware Config

Signatures

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	ir.saftfor.makaroni

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	ir.saftfor.makaroni

ir.saftfor.makaroni
1⤵
- Queries information about active data network
- Schedules tasks to execute at a specified time
PID:4512

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/ir.saftfor.makaroni/databases/__pushe_base_lib_db

Filesize
24KB

MD5
2cdf77d5c14dd3f313b60c691579a0b9

SHA1
6a74a7a3170cabead82152871c90749afdd6f310

SHA256
55ba022e5aa9eb87c256026289112e4c0531a41d0d56380fcf845de71ff99ca0

SHA512
eaf21f0acf8b98ac8bf4bce81e66a07d6a501483b141bfb7a2ef476a8dc9927ccd39971f4e0d1f7969576dbf7abb7befb3bec04e40c5a9b28fa7a2f15ae7a98c

Download Submit
/data/user/0/ir.saftfor.makaroni/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
cb84795abbb241cb9d0148d7aa5f1ad0

SHA1
5d8f36231be4faaefb5b93dda934149b2ccac08b

SHA256
5d9c740a70104c96ced3c7776d1e04265b0dcba3538764a1c16e97d187e61d43

SHA512
b44fc871ca4be9b138e3ae35cd99e6d8ef69acacbc1e032cd71cbdcc98e42d901779952adc2ca6916b7c73d9d0d670850d0bb2aa5abd86b3fb3d51c06ed1824a

Download Submit
/data/user/0/ir.saftfor.makaroni/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
5acbc919cd4988e56ca94e1d1937df23

SHA1
0e79a08fa62d3f3c2d6bff33bbfce004a5b4418d

SHA256
0911d7b93edcab80218f4f71a9200f91e90a00470c8bad7eb8c14228fc5f0c38

SHA512
eb10daf776b4d5d7a271d560e41734d3326e28b285c35b38b9854608bba88bfd0f22779268bfe935cf043b2efc605a6a771fd65bd782fcfb8c11b460cd54ae77

Download Submit
/data/user/0/ir.saftfor.makaroni/databases/__pushe_base_lib_db-journal

Filesize
512B

MD5
9f6dbaf5ed103ee5828c0e98c507c31a

SHA1
07ef5d2341c3d4f29f17e75e7ced377860988fe2

SHA256
69bc03df8df02570df75f2dd4aab4fdef20f180172e7869374760943a42950e6

SHA512
6ba8dfbce6b433544ac80a4db7b0eb9dd73c0366f0101f740981cff8eaa86c378eebc87127e65060c3b4408a432058b413c1563c92df577ca85a3076c0543ea0

Download Submit
/data/user/0/ir.saftfor.makaroni/databases/evernote_jobs.db

Filesize
16KB

MD5
47080e3bfcf2db9b8620f2faf6c5857a

SHA1
6f63c1851255e0fa99567f047382074b086d38bc

SHA256
dc4f8a73f49d2a6b41ff425fd08b85c1eba5280c438a1a1ff9832e91dfa56cbb

SHA512
e757043d82798926a5ddd716457accf6616894ad1ad79ec832293a1f662910b663239f899bf05a5c8d90fed5bcb093c5529e5bc842fe9003c1d5902f9ed84473

Download Submit
/data/user/0/ir.saftfor.makaroni/databases/evernote_jobs.db

Filesize
16KB

MD5
659b5c7248b88a950c5dfe63b4f4363b

SHA1
8649726654da703e1c28a34ce25cd8d6303bbc90

SHA256
4352cad5782bd780d5c2a5ac54672f05c0fbed39b0e2ba56f75241f658aff47f

SHA512
ae7ab86d0a056f2e8f8ee4eed3fb11cd3aa175868d4f89e3a3607d03cf2f61d23cf2c0132a7edcd4d1bd502a7e61dda3cc6f4c5ca9f3ca845a6835948fe2cee5

Download Submit
/data/user/0/ir.saftfor.makaroni/databases/evernote_jobs.db-journal

Filesize
512B

MD5
8ec5ff95b1f5a88ac2e1df3869a0c07f

SHA1
74141a4c2ed1d96b1bcdf8ad272d61069b92485b

SHA256
0ed6ae80b98cb3dd24b070dd6aeede5f0bed654da84ff76b2c6f4f7f719ce05d

SHA512
f8a6a551b95e1023d233384b6c4293e364f9f7680d780e1f8da90abcc265a5e6358016c351fff9bf0c4273fa3007d19ab340f036c713c4afe1c76099777209e3

Download Submit
/data/user/0/ir.saftfor.makaroni/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
252b6b9c6d7c553b3a38ad804df6e040

SHA1
6196b56dbe601ebf3b76690f40938e9333a5404e

SHA256
e2eedca8650ae4b0b5ffcea97017fb42e513b8f68d2c748ca370a48a2ab9dcd3

SHA512
b790fadcc1aad0042311acd4e71e75f1541e8dd02bbadd3f22e1f54817789b49a432bed3b7256ac89c4a91d286910090075823c5af2cd20e2c00ee5d5b8045ab

Download Submit
/data/user/0/ir.saftfor.makaroni/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
4ee1a7fbebbe0a8e76a814820211c319

SHA1
65dbf247aec23a313f819b2434c005376f9d2c98

SHA256
7179cc4c3e7b8e7a631884d968cc43f690d44e26c5fd2b3e3dcf018200b679bc

SHA512
0fd335e0132b9510087fd473850863fd1c0b1164ff43c7e6140677265ec4122fb8a1f66eca8a9e840a4693e49b1506bb8f1c2c7fc48c24621dc91f562c64827d

Download Submit
/data/user/0/ir.saftfor.makaroni/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
38aaa991e0ef410b40d6c1000babf689

SHA1
d5f8a434e5d07dac1da444c98356f11d3aba4d47

SHA256
79a02b0a3e67d03d49e6059db51169ebfd53cf8e3e37da4230ff47500944b504

SHA512
3155552c27c45f7d1cf2072648b602494f7fe217749bd85c48c1585cde02264bf20bb47a78cb1edcf853af3f6774eaa60e7c1ab012ffbe1a6f20c43d279eefef

Download Submit
/data/user/0/ir.saftfor.makaroni/files/makaroni.db

Filesize
242KB

MD5
916d299656606d7e351b0d1e2f000667

SHA1
a9bd3673abbe99ccdaa9dfe0de5be99fe6fe9584

SHA256
760f467d78ce82070a38e737a4a17d5bd8d08a399fbaac1e726052f2b00ca5a6

SHA512
27178fa2a68eae28ec18e19abe0e03fceb1b35fcdd9a77ade265912e8fe2eda9f3df075abf041fd0cd3034bc8d36849e042119c2f5f8b0e21e8830a1cb9a872c

Download Submit
/data/user/0/ir.saftfor.makaroni/files/unsent_requests

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads