477cd839d0d9726d6db93d2d7df86e1bd61ad5ff278ba4ff8820774aba4fce6b

Sharing

Copy URL Twitter E-mail

General

Target

477cd839d0d9726d6db93d2d7df86e1bd61ad5ff278ba4ff8820774aba4fce6b
Size

3.6MB
MD5

0aceca0840a81f1865bdc7019f969ce0
SHA1

445a4a78294c05e5a9045566bf87508fec7e48fe
SHA256

477cd839d0d9726d6db93d2d7df86e1bd61ad5ff278ba4ff8820774aba4fce6b
SHA512

7df055ce42580a6ddd2d1b0045f912850f6aa986ed188869dfb7ce3e653d7d00205c66a12c4e87688eefe79ae29d2528b7ebf22f1f8293cd59616d8a0d2c4790
SSDEEP

98304:+rVwnZdy+5lgtYkMWbok7i1wlYrdG3Up2Ae3Ayy:gVwntlx5Wbok74we0Upg3G

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/AppleHelper/AppleHelper.exe	upx

Requests dangerous framework permissions 5 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to monitor incoming MMS messages.	android.permission.RECEIVE_MMS
Allows an application to read SMS messages.	android.permission.READ_SMS

Files

477cd839d0d9726d6db93d2d7df86e1bd61ad5ff278ba4ff8820774aba4fce6b
.rar
AppleHelper/AppleHelper.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 132KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 49KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AppleHelper/AppleSms/AppleSms2.13.apk
.apk android

com.bhdata.bhdrobot

.ModeSelect

Activities

.ModeSelect

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.VIBRATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.FLASHLIGHT
android.permission.SEND_SMS
android.permission.RECEIVE_SMS
android.permission.RECEIVE_MMS
android.permission.READ_SMS
android.permission.WRITE_SMS

Receivers

.MySmsReceiver

android.provider.Telephony.SMS_RECEIVED
AppleHelper/AppleSms/applesms说明.txt
AppleHelper/AppleSms/更新说明.url
.url
AppleHelper/V128版本14日0点5分更新.txt
AppleHelper/下载说明.txt
AppleHelper/新云软件.url
.url
AppleHelper/更新说明.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 132KB

UPX1 Size: 49KB - Virtual size: 52KB

.rsrc Size: 36KB - Virtual size: 36KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 59KB - Virtual size: 58KB

.rdata Size: 31KB - Virtual size: 31KB

.data Size: 4KB - Virtual size: 16KB

.rsrc Size: 36KB - Virtual size: 36KB

.reloc Size: 17KB - Virtual size: 16KB

com.bhdata.bhdrobot

.ModeSelect

Activities

.ModeSelect

Permissions

Receivers

.MySmsReceiver

UPX0
Size: - Virtual size: 132KB

UPX1
Size: 49KB - Virtual size: 52KB

.rsrc
Size: 36KB - Virtual size: 36KB

.text
Size: 59KB - Virtual size: 58KB

.rdata
Size: 31KB - Virtual size: 31KB

.data
Size: 4KB - Virtual size: 16KB

.rsrc
Size: 36KB - Virtual size: 36KB

.reloc
Size: 17KB - Virtual size: 16KB