General
-
Target
54b617efa1fef3dca2aa9f5206281d4a_JaffaCakes118
-
Size
18.2MB
-
Sample
240518-pmgmfsbd9s
-
MD5
54b617efa1fef3dca2aa9f5206281d4a
-
SHA1
e7cff22e76520f416900709c7ff4c670c09bbf61
-
SHA256
b29353c2cb19ac41401c9e1868bd7ab2a1e501cc5983ae443e39fba368c1f5eb
-
SHA512
558fe966d71eda9d72fd10bb289c73b016deac4687201b951d6631b3b3c7bc363ba9b56732d7ebb2b5e0ebc1f9a076cae7de17f021691398f729072793a28d82
-
SSDEEP
393216:TpwBG7NhtmRno/Rb7KKqX2qgJe9iIO2c6faWZw7ECNUk:iEPt8o/RQm13N2FtZynh
Static task
static1
Behavioral task
behavioral1
Sample
54b617efa1fef3dca2aa9f5206281d4a_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
blue.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral3
Sample
blue.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral4
Sample
blue.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral5
Sample
chunjie2019.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral6
Sample
chunjie2019.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral7
Sample
chunjie2019.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral8
Sample
fifa.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral9
Sample
fifa.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral10
Sample
fifa.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral11
Sample
gdtadv2.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral12
Sample
ruantang.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral13
Sample
ruantang.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral14
Sample
ruantang.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral15
Sample
spdex.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral16
Sample
spdex.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral17
Sample
spdex.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral18
Sample
vip.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral19
Sample
vip.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral20
Sample
vip.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral21
Sample
xiaoyongyuan.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral22
Sample
xiaoyongyuan.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral23
Sample
xiaoyongyuan.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral24
Sample
xiuxian.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral25
Sample
xiuxian.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral26
Sample
xiuxian.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
-
-
Target
54b617efa1fef3dca2aa9f5206281d4a_JaffaCakes118
-
Checks if the Android device is rooted.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
-
-
Target
blue.skin
-
Size
132KB
-
MD5
7921fce18f8cfc5ead84c4fed43e17f4
-
SHA1
93227bc94b1aa60b8efcaab888640c38343d696f
-
SHA256
c59da9a276b9566d8bf93ed2aff420185cef481c94d537bc2f67e099c1f5a0a2
-
SHA512
24e315127bd60d5895da1edb6c9e44e01a670889d1a84beccab2a5215750094e1eaec9c320bde8cbfd30c2066142ac73fc93530d142d051f293042d8d9ca1882
-
SSDEEP
3072:aM5ecpLAhBUWUbl1nbSM/tMHC01TiFD4+9CrVfQ:asKj8b9f0c4es5Q
Score 1/10
-
-
Target
chunjie2019.skin
-
Size
52KB
-
MD5
0008211f603ce4caed742309f8d8bee6
-
SHA1
057ae58f3af17b19a609dc562bc054aa74a86e63
-
SHA256
c98df9871162d4e1bf8acb57485d7cd870758117ddebaee56c4b4367c477d409
-
SHA512
f1872d17aed35f3ce393314705b07707c470c01da022a345af2ed5ae82b775360f2f607fe09229118556e14aed288fc17fb34288c12f04c6a06a7fc9115a8ca8
-
SSDEEP
768:KrOopLJ68b2MlBDvTukWEx4UfEfZIWugr6CbgbXyQ1I9nbLNOfFXazJV0iTO07:KrOsJXbjXLCxfZhj6CbgG7nbia1rTOu
Score 1/10
-
-
Target
fifa.skin
-
Size
192KB
-
MD5
474f24a54a283635b513496689f6baaa
-
SHA1
03541581f779d068b406c3761000a970e8b816f2
-
SHA256
537a2f8b040a298e1839dd8defa4be7ce7d0f028e5cc8ac97c82939e5ea303ad
-
SHA512
d2202e9df964a1728153f6e00049d16944db2b9f20f0d82bdf2c01215eeed20bec7699ad5fd4008b30fd1880dde6a5ee3e37fb6aecfa89bcfa7ed457a3d5f8f7
-
SSDEEP
6144:sPKH+hJa2A/puoxoAjBF+9/5mU6PluA8Mtze3s:sP9hJWxpFCmXluAvtzH
Score 1/10
-
-
Target
gdtadv2.jar
-
Size
639KB
-
MD5
2a790fd5de797b91ec2039008c6b5e0e
-
SHA1
5c28490eee21201bc596c1ca4c9bb546c5be7393
-
SHA256
80681ec3d7b66ba02b3baaec467c90c75fd21d4d9eed3370e3e7a1a717bb454a
-
SHA512
82b89bf7320802e26f55d6aa6b8f4056821f9159389e9ebff6ec3075daf8cda30d2a7449047310e64370be84b5cc1f9b9dc3e252582afb508129abd1c08b9c6c
-
SSDEEP
12288:Oqo1h48mUSsielxZE3OdKzoFs3rAn26iwpYGIDD5tw/wDwkG3:Oq8h4CSs9xZjwrO28YGotw4cV
Score 1/10
-
-
Target
ruantang.skin
-
Size
63KB
-
MD5
4799305769c82bcd0eb8659fafc2c7dc
-
SHA1
7ea31e67ae1daeee9cb69ea1adf60b09450e5f05
-
SHA256
3ddf5b33d110fc4a78cc5b02bbe171e1e358ed6d9b423aa7e02e63a9d92eeff3
-
SHA512
a8768f3fd5ded67406849dfdf3761765fd15c6398aa2aa2ffbb6c20ebd02d20d90e39b356babc838dbf69f29cacdb92e8067c9ea0095f53f49f7fc295be5807a
-
SSDEEP
768:BAVDIMuiRLHX7BzAXTCSAH7nsW7WrCmYUM9SX92Y6hn1Jj6ctjSHsZ/IZuMQjM/b:BCMHi12CdbnGJM8e11vtuHsZQQ0b
Score 1/10
-
-
Target
spdex.jar
-
Size
760B
-
MD5
bd3722096241f5f437f9db5053261d02
-
SHA1
7208e0dff844800b57ee693e9f3c3f7cb4f908a9
-
SHA256
f8bffa2787d64e284dd4aa5ceb7ee65df5c8d6610396ab21ba321fd6753eacb4
-
SHA512
c2aaa80a549284f1950718a98e3832ba38344ccd2b0eeb4500ea305daf27a5f854ff73a09d4147509785c71b7c647053f22b04b086b9d725e6a286f2b04a8ea7
Score 1/10
-
-
Target
vip.skin
-
Size
23KB
-
MD5
02e87ded070dff31fec1ddbae19b891d
-
SHA1
f2a4e69e487a1479ffd50b61519703021bdaac0a
-
SHA256
2e22c6d2577d55a5aadcf2baddbf3840c8bec58a0baab813c517101c42c4e961
-
SHA512
3aa4ea6dc34b59f3d25933f6486e1d6a581dc699371f5949dc8cc8537ccdb9f8194a9a85cae68532002184b28cfe3c3078f4d6aafdb3c8fd2ccb62f86dd04845
-
SSDEEP
384:e9OX7W9ONXl180jDputjXO4thtsOLBu8WdtjgU3g1vgtV7I:euWI7H3psj+4dBMdxC7
Score 1/10
-
-
Target
xiaoyongyuan.skin
-
Size
84KB
-
MD5
621c56ae2a51e990941e53cf9bd0c262
-
SHA1
ed74fd3b01e3edd2aee05bf6357b926017b5a5fa
-
SHA256
020a5abd15bd04a48d470541e4e1f87d888601bac0607780735243ccca859923
-
SHA512
f404a373e35786ffc3d8c464a115e97a35db92133e65b3e0362e302552c35a55ea8901634ce527248926bee671a6b0e47536f309ca623cf7db7cca139b035159
-
SSDEEP
1536:hpvc+EoIdeKeKeKeKeKeKeKeKWSHLAY8xreSL/VDhokKPaR+x3LVAZBf5:hpvc++deKeKeKeKeKeKeKeKWOL18p3t9
Score 1/10
-
-
Target
xiuxian.skin
-
Size
156KB
-
MD5
9119abec9a4e1b655e8e943078d2129a
-
SHA1
18e6c54331610a01d8232dae790cdaa284b1830a
-
SHA256
2085111f93e96cd976aaa8b173a1bee0c0853cd4025e3b24c56663edf548fd89
-
SHA512
52a5f4deef48e1c71b5cf42d16d323ec05ee8be2662f95cad6ec16edbba5fef1ec8f28cedff58a6ac1952090b1ca23c6923acc67883fbde0a994b6d4175c2226
-
SSDEEP
3072:a4/Jb4IfZoJ5/ACC1kb8btQqKoaFv8s+TiSRAbiz8YPkAJ0jl:a4/JUIxiG1yYGqZsuiSRAbrYMA+Z
Score 1/10
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution (1)
Broadcast Receivers (1)
Scheduled Task/Job (1)
Defense Evasion
Execution Guardrails (1)
Geofencing (1)
Hide Artifacts (1)
User Evasion (1)
Virtualization/Sandbox Evasion (2)
System Checks (2)