Overview
Analysis
max time kernel: 8s
max time network: 130s
platform: android_x86
resource: android-x86-arm-20240506-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240506-en, locale:en-us, os:android-9-x86, system
submitted: 13-05-2024 11:27
Static task: static1
Behavioral tasks:
task | sample | resource
behavioral1 | 3f40f4c863620c384c3cb91ac54dce03_JaffaCakes118.apk | android-x86-arm-20240506-en
behavioral2 | 3f40f4c863620c384c3cb91ac54dce03_JaffaCakes118.apk | android-x64-20240506-en
behavioral3 | 3f40f4c863620c384c3cb91ac54dce03_JaffaCakes118.apk | android-x64-arm64-20240506-en
behavioral4 | Funlocker.apk | android-x86-arm-20240506-en
behavioral5 | Funlocker.apk | android-x64-20240506-en
behavioral6 | ONEKEY.apk | android-x86-arm-20240506-en
behavioral7 | ONEKEY.apk | android-x64-20240506-en
behavioral8 | ONEKEY.apk | android-x64-arm64-20240506-en
behavioral9 | gdtad.apk | android-x86-arm-20240506-en
behavioral10 | gdtad.apk | android-x64-20240506-en
behavioral11 | gdtad.apk | android-x64-arm64-20240506-en
General
-
Target
3f40f4c863620c384c3cb91ac54dce03_JaffaCakes118.apk
-
Size
15.6MB
-
MD5
3f40f4c863620c384c3cb91ac54dce03
-
SHA1
1e93aadd1dda64ed8f28bdeaa2c151eedfa0ef41
-
SHA256
d2ff920982d4a0d1383f96fc60283fcb93bdd32679bed970361684ed22e3502f
-
SHA512
876ba0a7ae910522f52dec617a1cd8b808ecae768243dfe43e96c735a7ddc0a9756f1ad39bd5084f0f7a276e60803732e1dcdde13a510f20f190ba430db335b9
-
SSDEEP
393216:0NOYXXYc/puMgi0WSx0un3n7LfuqYXXY2IrosxdDBQaXn7AeQ1:0NOYYf/RtP7fYY2IpTQg72
Malware Config
Signatures
Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes: com.tpad.change.unlock.content.chen2wei3ting2
description | ioc | process
Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | com.tpad.change.unlock.content.chen2wei3ting2

Reads information about phone network operator. (1 TTPs)

Requests dangerous framework permissions (13 IoCs)
Processes:
description | ioc
Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE
Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW
Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS
Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE
Required to be able to access the camera device. | android.permission.CAMERA
Allows an application to record audio. | android.permission.RECORD_AUDIO
Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION
Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS
Allows an application to read SMS messages. | android.permission.READ_SMS
Allows an application to record audio. | android.permission.RECORD_AUDIO
Processes
Network
MITRE ATT&CK Matrix
Downloads
/storage/emulated/0/CHANGEUnlock/FUNlocker.apk (Filesize: 8.3MB)
/storage/emulated/0/CHANGEUnlock/FUNlocker.apk_1 (Filesize: 1.7MB)
/storage/emulated/0/CHANGEUnlock/FUNlocker.apk_2 (Filesize: 1.7MB)
/storage/emulated/0/CHANGEUnlock/FUNlocker.apk_3 (Filesize: 1.7MB)
/storage/emulated/0/CHANGEUnlock/FUNlocker.apk_4 (Filesize: 1.7MB)
/storage/emulated/0/CHANGEUnlock/FUNlocker.apk_5 (Filesize: 1.3MB)
/storage/emulated/0/CHANGEUnlock/config/con_list.xml (Filesize: 800B)
/storage/emulated/0/CHANGEUnlock/config/current.xml (Filesize: 133B)
/storage/emulated/0/CHANGEUnlock/config/fm.txt (Filesize: 32B)
/storage/emulated/0/CHANGEUnlock/content/陈伟霆主题锁屏.ux (Filesize: 604KB)
/storage/emulated/0/CHANGEUnlock/content/陈伟霆主题锁屏/image/陈伟霆主题锁屏.jpg (Filesize: 16KB)
/storage/emulated/0/CHANGEUnlock/content/陈伟霆主题锁屏/wallpaper/wallpaper1.jpg (Filesize: 193KB)