* Fake app, so people can pass a manual inspection of their device
* Fake dataset, to feed so many false positives into their database it makes it time-cost prohibitive to investigate
* Conflicting dataset - Duplicate MD5 strings matching 'bad' and 'good' files; may corrupt internal databases or provide plausible deniability
Worst game ever. Is it just OK and Cancel? Then it seems to do nothing?
Going up to http://47.93.5.238:8081/APP/ there are two other APKs [GT - "Download the security security project" "Download the public security project"]
C2 URL: http://bxaq.landaitap.com:22222/BXAQ/servlet/front/APPS?type... (HTTP POST)
Update URL: http://47.93.5.238:8081/APP/VERSION/jingwangweishi_version/v...
Interesting features:
```java
// Decompiled fragment: SdcardScan is constructed with a list of media and document file extensions
MainActivity.this.scan = new SdcardScan("3GP,AMR,AVI,WEBM,FLV,IVX,M4A,MP3,MP4,MPG,RMVB,RAM,WMA,WMV,TXT,HTML,CHM,PNG,JPG", MainActivity.this.sdcardCallBack, true);

// Decompiled fragment: device identifiers read through EssentialInformation
// (going by the getter names: IMEI, MAC address, phone model, line number)
String SBMC = isTRN(isNull(EssentialInformation.getSBMC()));
String IMEI = isTRN(isNull(EssentialInformation.getIMEI(this)));
String MAC = isTRN(isNull(EssentialInformation.getMacAddress(this)));
String CSMC = isTRN(isNull(EssentialInformation.getPhoneCsModel()));
String XH = isTRN(isNull(EssentialInformation.getPhoneModel()));
String SJH = isTRN(isNull(EssentialInformation.getLineNum(this)));
```
GA_AJ_JK_GXH_source_from_JADX\res\raw\test.txt
The MD5s they are looking for, you reckon?