Analysis
max time kernel: 167s
max time network: 136s
platform: android_x64
resource: android-x64-20240514-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240514-en, locale:en-us, os:android-10-x64, system
submitted: 02-06-2024 09:11
Static task
static1

Behavioral tasks
behavioral1: Sample 8d91d7043ed90a2a865051e4b0c55e75_JaffaCakes118.apk, Resource android-x86-arm-20240514-en
behavioral2: Sample 8d91d7043ed90a2a865051e4b0c55e75_JaffaCakes118.apk, Resource android-x64-20240514-en
behavioral3: Sample ForumPlugin.apk, Resource android-x86-arm-20240514-en
behavioral4: Sample ForumPlugin.apk, Resource android-x64-20240514-en
behavioral5: Sample ForumPlugin.apk, Resource android-x64-arm64-20240514-en
behavioral6: Sample RaidersPlugin.apk, Resource android-x86-arm-20240514-en
behavioral7: Sample RaidersPlugin.apk, Resource android-x64-20240514-en
behavioral8: Sample RaidersPlugin.apk, Resource android-x64-arm64-20240514-en
behavioral9: Sample SpeedUpPlugin.apk, Resource android-x86-arm-20240514-en
behavioral10: Sample SpeedUpPlugin.apk, Resource android-x64-20240514-en
behavioral11: Sample SpeedUpPlugin.apk, Resource android-x64-arm64-20240514-en
behavioral12: Sample TencentUnipay.apk, Resource android-x86-arm-20240514-en
behavioral13: Sample TencentUnipay.apk, Resource android-x64-20240514-en
behavioral14: Sample gdtadv2.apk, Resource android-x86-arm-20240514-en
behavioral15: Sample gdtadv2.apk, Resource android-x64-20240514-en
behavioral16: Sample gdtadv2.apk, Resource android-x64-arm64-20240514-en
General
Target: TencentUnipay.apk
Size: 1.1MB
MD5: f0af2f08a02174637d4f394f43265268
SHA1: 8d83734e73c3175ded16863f8713b690287baa47
SHA256: 17a021e33ca40a2cc0667bf6faef6a85602b7beccfd46123686d00a2ba972da3
SHA512: b96b9026d94565d5c6a0356d11ac0ffed7111fa9192daba46589dbd5de9b23b1ab6369126847d38917c6c4c5f40b9ce44150ee404adeeb665cd8e29ff62ae918
SSDEEP: 24576:OxXOwDyKes8X4HtiV2wngT1cI2VjsXPUQWgbSO6/8cP81no5y:OxX7DySCngJOVjsXPUVgbS/dPIl
Malware Config
Signatures

Checks CPU information (2 TTPs, 1 IoCs)
Checks CPU information that indicates whether the system is an emulator.
Process: com.tencent.unipay
description: File opened for read; ioc: /proc/cpuinfo; process: com.tencent.unipay

Checks memory information (2 TTPs, 1 IoCs)
Checks memory information that indicates whether the system is an emulator.
Process: com.tencent.unipay
description: File opened for read; ioc: /proc/meminfo; process: com.tencent.unipay

Queries information about running processes on the device (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect information about running processes on the device.
Process: com.tencent.unipay
description: Framework service call; ioc: android.app.IActivityManager.getRunningAppProcesses; process: com.tencent.unipay

Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Process: com.tencent.unipay
description: Framework service call; ioc: android.net.wifi.IWifiManager.getConnectionInfo; process: com.tencent.unipay

Checks if the internet connection is available (1 TTPs, 1 IoCs)
Process: com.tencent.unipay
description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; process: com.tencent.unipay

Queries the unique device ID (IMEI, MEID, IMSI) (1 TTPs)

Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
Process: com.tencent.unipay
description: Framework API call; ioc: javax.crypto.Cipher.doFinal; process: com.tencent.unipay
Downloads