Overview

overview

8

Static

static

6

70998cf546...18.apk

android-9-x86

8

70998cf546...18.apk

android-10-x64

8

70998cf546...18.apk

android-11-x64

8

vlocker_de...me.apk

android-9-x86

7

vlocker_de...me.apk

android-10-x64

7

vlocker_de...me.apk

android-11-x64

7

Analysis

  • max time kernel
    19s
  • max time network
    151s
  • platform
    android_x64
  • resource
    android-x64-20240514-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
  • submitted
    25/05/2024, 02:39

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    70998cf5462849c3d23c6cf97f250109_JaffaCakes118.apk

  • Size

    1.6MB

  • MD5

    70998cf5462849c3d23c6cf97f250109

  • SHA1

    5f1ff393e2e4428376d06be87aae79c029b7fb39

  • SHA256

    ebd45f2c42a49f46aca69b686dfeeb13e7c1e523139ce5c1f8667da5196c4d78

  • SHA512

    a9e1b7f1feb0ffb31de6865c173079ad6f5d5676dca17622d28b5ef3ff2b344fadd1f755e227c75d0882e100f0cdb6eb323b7131955fceb1fe67c239983a3707

  • SSDEEP

    24576:AXVhH2fhEoeP4pdr84ru+/oNwWsbdMTl6t8CcHWCH2ubqU/H96h:YWfGQPrucoNHQol6yZWCWai

Score
8/10
discoveryevasionimpactpersistence

Malware Config

Signatures

  • Prevents application removal 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to prevent removal.

    evasion
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
    discovery
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.vlocker.theme5747aca11b3a4061348b90a1
    1⤵
    • Prevents application removal
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5128

Network

        MITRE ATT&CK Mobile v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/data/com.vlocker.theme5747aca11b3a4061348b90a1/cache/vlocker_default_theme.mx
          Filesize

          768KB

          MD5

          07c4fe4c0133afe38c2e6e73237c7071

          SHA1

          c4043c11ed2e28e43d637f95e9f19d763ba5d37c

          SHA256

          de74e14818f4313157aaf3544e3627ad3c76277625f64e1e0321dc445dc5afc6

          SHA512

          a61fafdea86410ed64a8e40be48e899e62c35b8f76e350f5fd5d77bd120507495c052b81833a5e357e9a5ac3651b3e325c033b21fcfbe1064752cd31ab9ed953

          Download Submit

        • /data/data/com.vlocker.theme5747aca11b3a4061348b90a1/files/mxstat/cache_1716604763492
          Filesize

          8B

          MD5

          c2cb56f4c5bf656faca0986e7eba0308

          SHA1

          be673e8a56eaa9d8c1d35064866701c11ef8e089

          SHA256

          12a3ae445661ce5dee78d0650d33362dec29c4f82af05e7e57fb595bbbacf0ca

          SHA512

          d0e784dd6dfb1a1f64da68379c349e5d7b5354d2a7312694b9d736b1410f408f5d5fd50924acef6cc6d78653917972bc0551fa11712de9ccdfbe4ef988962bf0

          Download Submit

        • /data/data/com.vlocker.theme5747aca11b3a4061348b90a1/files/mxstat/cache_1716604763492
          Filesize

          400B

          MD5

          bf4c481d000838ea73de3e3050b8643d

          SHA1

          a4dff031054f9b1b7c543a0ebf7b1017e737a83f

          SHA256

          b395b4cc570b5f89655194f214e0c8781c5dd4d3c432178e88240471ffa45883

          SHA512

          8b17ed4d73fd729acaef88a56b3751d8e1462d53569bb56b037f92abe47f41d3632d5abec9956fb978976f8c1b956e936718bb6bbae8fbae9023483b776d25ed

          Download Submit

        • /storage/emulated/0/vlocker/flags/theme.flag
          Filesize

          24B

          MD5

          17acd74608e084a4b5b2b26ed2fe235d

          SHA1

          92b35df9e502cf607fb46316b2fbd82d2341fd7d

          SHA256

          4dc85efe4f502304f586272c898512cbb23092aee4001f18148bb361b579b183

          SHA512

          d99149e8864d636c71930bb9c52aeb6eecee16c4571ed3a1bd04d5ae1817674e2427e9d17d05faa9f6f908158de4fdcf2c3f9b8721e4dfc5a708930dd3741cf1

          Download Submit