General

  • Target

    5017c3e59e5fbbfdc0940eb801303457_JaffaCakes118

  • Size

    30.8MB

  • MD5

    5017c3e59e5fbbfdc0940eb801303457

  • SHA1

    22602e1be0328dd2c35435ac13b4077a64878bda

  • SHA256

    09d71f4a84dce5758a3daaf3a7a8a918443b4733484edb06140923b5c276f087

  • SHA512

    133924eb42e3de747882946d78cf0309826473190eed598236e4d98537b6d47cb148704d1f2a9ef78cbb243fe442fcfda5a65828eb5832c5b849ab0b30bc4636

  • SSDEEP

    786432:POamIRO8ywY3GPDP09Aeg9o1YsxUno74aocN:WaXROF3GPDPlboCnUocN

Score
8/10
upx

Malware Config

Signatures

  • Patched UPX-packed file 5 IoCs

    Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.

  • UPX packed file 5 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Requests dangerous framework permissions 5 IoCs

Files

  • 5017c3e59e5fbbfdc0940eb801303457_JaffaCakes118
    .apk android arch:arm64 arch:arm arch:x86 arch:x64

    com.kg.konggang_customer

    com.kg.konggang_customer.activity.LogoActivity


  • amap_resource1_0_0.png
    .apk android

    com.example.amapsdkv2


Android Permissions

5017c3e59e5fbbfdc0940eb801303457_JaffaCakes118

Permissions

android.permission.READ_LOGS

android.permission.READ_CONTACTS

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.INTERNET

android.permission.READ_PHONE_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

android.permission.WAKE_LOCK