Analysis
- max time kernel: 175s
- max time network: 192s
- platform: android_x64
- resource: android-33-x64-arm64-20240611.1-en
- resource tags: android, arch:arm64, arch:x64, image:android-33-x64-arm64-20240611.1-en, locale:en-us, os:android-13-x64, system
- submitted: 18-06-2024 11:15
Static task: static1

Behavioral task | Sample | Resource
behavioral1 | bba367a7b0717a629f10afaedda34708_JaffaCakes118.apk | android-x86-arm-20240611.1-en
behavioral2 | bba367a7b0717a629f10afaedda34708_JaffaCakes118.apk | android-x64-20240611.1-en
behavioral3 | bba367a7b0717a629f10afaedda34708_JaffaCakes118.apk | android-x64-arm64-20240611.1-en
behavioral4 | bdxadsdk.apk | android-x86-arm-20240611.1-en
behavioral5 | bdxadsdk.apk | android-x64-20240611.1-en
behavioral6 | bdxadsdk.apk | android-x64-arm64-20240611.1-en
behavioral7 | muzhiwanapp.apk | android-x86-arm-20240611.1-en
behavioral8 | muzhiwanapp.apk | android-33-x64-arm64-20240611.1-en
behavioral9 | mzw_d.apk | android-x86-arm-20240611.1-en
behavioral10 | mzw_g.apk | android-x86-arm-20240611.1-en
behavioral11 | mzw_g.apk | android-x64-20240611.1-en
behavioral12 | mzw_g.apk | android-x64-arm64-20240611.1-en
behavioral13 | stasdk_core.apk | android-x86-arm-20240611.1-en
behavioral14 | stasdk_core.apk | android-x64-20240611.1-en
behavioral15 | bdxadsdk.apk | android-x86-arm-20240611.1-en
behavioral16 | bdxadsdk.apk | android-x64-20240611.1-en
behavioral17 | bdxadsdk.apk | android-x64-arm64-20240611.1-en
behavioral18 | gdtadv2.apk | android-x86-arm-20240611.1-en
behavioral19 | gdtadv2.apk | android-x64-20240611.1-en
behavioral20 | gdtadv2.apk | android-x64-arm64-20240611.1-en
General
- Target: muzhiwanapp.apk
- Size: 6.8MB
- MD5: 25a12b3e3d69b621f16d6809d57e37ee
- SHA1: 7c3026ac9bef20aa6c274a0ae0b2894ed27a39c6
- SHA256: 63a4443e53422abf80dffa60c088c72921a4d839d4070613427d9165909ea7e6
- SHA512: d04d3fd4fa2d0911f1831b29c5b3031cd45349f8b916a1400a1789751c341272edcdb37b20ba468f759962f1aa7da174a58ced8cfaab1ccefa27dba19b445b47
- SSDEEP: 196608:udfDsgl7Fo3HcMg5+knzUsd3wIm1vM4MY2oNs:eAKm3lO+kz7dg3oGs
Malware Config
Signatures
- Loads dropped Dex/Jar (1 TTPs, 2 IoCs)
  Runs executable file dropped to the device during analysis.
  ioc | pid | Process
  /data/data/com.muzhiwan.market/data/mzw.apk | 4307 | com.muzhiwan.market
  /data/data/com.muzhiwan.market/data/mzw.apk | 4417 | com.muzhiwan.market:mzwlogservice
- Queries information about running processes on the device (1 TTPs, 3 IoCs)
  Application may abuse the framework's APIs to collect information about running processes on the device.
  description | ioc | Process
  Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.muzhiwan.market
  Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.muzhiwan.market:mult
  Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.muzhiwan.market:mzwlogservice
- Acquires the wake lock (1 IoCs)
  description | ioc | Process
  Framework service call | android.os.IPowerManager.acquireWakeLock | com.muzhiwan.market
- Queries information about active data network (1 TTPs, 2 IoCs)
  description | ioc | Process
  Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.muzhiwan.market:mult
  Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.muzhiwan.market
- Reads information about phone network operator (1 TTPs)
Processes
- com.muzhiwan.market (PID: 4307)
  - Loads dropped Dex/Jar
  - Queries information about running processes on the device
  - Acquires the wake lock
  - Queries information about active data network
- com.muzhiwan.market:mult (PID: 4356)
  - Queries information about running processes on the device
  - Queries information about active data network
- com.muzhiwan.market:mzwlogservice (PID: 4417)
  - Loads dropped Dex/Jar
  - Queries information about running processes on the device
Network
MITRE ATT&CK Mobile v15
Downloads