General
-
Target
6d1090475dfafb583e9906e39e2bdac1_JaffaCakes118
-
Size
31.2MB
-
Sample
240524-cze8yaab52
-
MD5
6d1090475dfafb583e9906e39e2bdac1
-
SHA1
e7653db3659220ae12faf35d9787ba42b23ff2ca
-
SHA256
816aa0e670012ff7a9e91fbdd65c56754c32ca54ea1793b9bb6921fc19ad98fc
-
SHA512
a7b9c63e6acd7c983aebb111890d4c648ad4452d551b12c4e8a53450fbbc0a95b68d75516b97edaede4a0acf9c7c91bd47f950573230baf942e8592f47a80108
-
SSDEEP
786432:e99WT2BhtlANLzRGMHnS2a6oczh1Bvhsfs75JV:e99WT2sJtHvHockfslJV
Static task
static1
Behavioral task
behavioral1
Sample
6d1090475dfafb583e9906e39e2bdac1_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
lbmust.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral3
Sample
lbmust.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral4
Sample
lbmust.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral5
Sample
lbsdk.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral6
Sample
lbsdk.apk
Resource
android-33-x64-arm64-20240514-en
Behavioral task
behavioral7
Sample
lbui.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral8
Sample
lbui.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral9
Sample
lbui.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral10
Sample
lbvmrt.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral11
Sample
lbvmrt.apk
Resource
android-33-x64-arm64-20240514-en
Behavioral task
behavioral12
Sample
vivounionapk_v4.2.4.0_d74cb3a_201808271150_signed_aligned.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral13
Sample
vivounionsdk.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral14
Sample
vivounionsdk.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral15
Sample
vivounionsdk.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
-
-
Target
6d1090475dfafb583e9906e39e2bdac1_JaffaCakes118
-
Checks if the Android device is rooted.
-
Checks Android system properties for emulator presence.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
-
-
Target
lbmust.jar
-
Size
69KB
-
MD5
993b627501769474ddf9105ce850fd27
-
SHA1
1a99da904131ae38cc30230bd7a6b775e9f3de90
-
SHA256
bc5a1168b0ff68c224878929d0c552900597980c36352bb095afa17af25ff687
-
SHA512
1906c545ec165fc99d980bec54ea172499a0994ed6deea6454a19b3151ed162b914dd3d61a24e216f67454d0e3f7cd51020a646cc0f1a0988bd7d1690d2fd4d3
-
SSDEEP
768:l6Z+QyixHFL/C+MbGDPkpC/JqEf2UMoFqcLCyzlx1Ow3/RVd0A9nRYHFZAXQiyJ7:l69FHEGQpdQxzlx7VukAKXQl7LHJT
Score 1/10
-
-
Target
lbsdk.jar
-
Size
729KB
-
MD5
435029cc1bec498d4030400cde2bbcaf
-
SHA1
8b2967c9ebb1d803f03358e34fb1502bd6327616
-
SHA256
19b220d1c69ea670ddbf624ee29fb7392288c265913fa3f2b6e2d1528975b060
-
SHA512
56bdc9caa65d6789d9e281dcb7d4f06a07a3830332d44c499f123386cded43f61ff8b642a4b78b638a57906dfc362b63db9349cc23366ce8367775392e5e009f
-
SSDEEP
12288:TO9/T4/K+ygs1MmnpQEe2RAI/n70qNSfpG+Brzng2jKA7o8QMbbjhLaDZR0WUHr4:TO9/T4/sfxQARAI/wqNOBPg2W2PQMb/4
Score 1/10
-
-
Target
lbui.jar
-
Size
218KB
-
MD5
fc73bbf7389b46bd39d7e3c17526fc0f
-
SHA1
85a09b5f89f28f880c54a6c2647cab8a6183dd25
-
SHA256
48a52a5e9db4691d9e2168e0c05a41d34e0cff117ba3c5d482776204695f2b60
-
SHA512
8ab4fd027944e8a4af32c843048b4d74bce02d664fbc36a9771631281bc40064551e00c8d02d75142d821eae284a229eaa4fa52e098d62b7966c30d74ae0ed02
-
SSDEEP
3072:0upJH92XedxmdxZSNI715vetsVkIlKcrDad0VQeStwsvSRK/Uq:uUxmdxEU/hVkIlVDad0V0twsvqK/Uq
Score 1/10
-
-
Target
lbvmrt.jar
-
Size
1.4MB
-
MD5
e2c0819fb259b76665058d1e9a647e24
-
SHA1
4f8ef969456a0eb7b53bad8e09ca05dc4529e479
-
SHA256
a80e8411e6e7fce31b5ba9305cf6db1ca84c59f4941fa141939a325327e925cb
-
SHA512
38d9567c698d6af50286b398045c487a9d413fc30ebfbe3faaddaf50c73e1a11e6b60f284626dc5afb1cff9977f3790b54c737d376cd74087d0763e40f63ab22
-
SSDEEP
24576:KQqVEIzr8ai1/Jszc6i2wnzDjkte4QndGjWAsIK/F2Q3gFPj7EdOW3k4gskAgF:KQuzrzYJg9szDjkte4oGjWDF2Q3yjoFU
Score 1/10
-
-
Target
vivounionapk_v4.2.4.0_d74cb3a_201808271150_signed_aligned.vua
-
Size
4.2MB
-
MD5
3200674229ed57cf762fc3d8c5137b55
-
SHA1
0896d5f138545dc9ddbf0003518880d745c8fe0e
-
SHA256
333ee74803ab4b114d6217250623869c751a00f4748c826c19ffcd7b29476195
-
SHA512
31c96314a2b0d80ef3d6c04c0a6894b6a8ebff7e501fd48499ea0e12969ba4ac00cdd844caf839a16cdcffa5b51ee2f33af36a578dfd450c79c7e2bbc0c521ff
-
SSDEEP
98304:aQn4W5hESDzkY18DTTcDPPIKGPBhFI+sqFkSOO:aQ4W5hEIkg8DTTcDPPIK+HFknO
Score 7/10
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
-
-
Target
vivounionsdk.res
-
Size
29KB
-
MD5
7a92466708fa1ae45c5585a5b986f5aa
-
SHA1
e9e8e0dc60208b7a8b64a65550442a73f1166c30
-
SHA256
cc8416f87003538f2c8ea5280a7eaebfb40597b6ebdcc33c4fa64b0cf08d3b73
-
SHA512
026dec17ed60d89257c8cb7873a0ccc0de910aad6706f1bbb7936229d7074b9542b7b80a2040f466c64e6cf8896e8531ee01ed7acbfa6a7ed90637a5fe2d477d
-
SSDEEP
384:RAhiLwh2JKStCYi7PSSDq41bVjDIcRy3ftLYHiLaBsKFj+C:RAV2wYnSDqojDIcsfiHiG3l
Score 1/10