9bb91953c14d66fd3de4d2a7b17bd28e208adb84d1c08106b33b237d15ec27c6

Sharing

Copy URL Twitter E-mail

General

Target

9bb91953c14d66fd3de4d2a7b17bd28e208adb84d1c08106b33b237d15ec27c6
Size

8.5MB
MD5

a744496d4bb840ef50680dd125a6afd5
SHA1

fb96633a8cc8824a07caecb85945e3ec3ba17038
SHA256

9bb91953c14d66fd3de4d2a7b17bd28e208adb84d1c08106b33b237d15ec27c6
SHA512

239db467a331f51624824dbced240553f139408ab3fc892a98a1f1dc177a9946bd769be75c5cfff250b8f4342c02de650655d342323015e57c9979333f471572
SSDEEP

196608:DQjDahWZHNHO4XgeRCoYE72RvPzspEPXRJK/sxubddFHzizl+6:EVxNu4XgeRCoXyR3zsWP2yuDs86

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 5 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

Files

9bb91953c14d66fd3de4d2a7b17bd28e208adb84d1c08106b33b237d15ec27c6
.rar
ApWiFi.dat
ApWiFiInit.dll
.dll windows x86

7c91a66eeece08a2a3d5943696979b20

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32 user32

GetSystemDefaultLangID R

user32

MessageBoxA

kernel32

TerminateProcess
GetCurrentProcess
GetSystemDefaultLangID
LoadLibraryA
GetVersion

shell32

ShellExecuteA

Exports

Exports

ApWiFiInit

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ApWiFi
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.ApWiFi
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Styles/Codejock.cjstyles
.dll windows x86

Code Sign

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

29/01/1996, 00:00

Not After

01/08/2028, 23:59

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

05:e6:68:a2:4e:36:9e:cc:bc:a9:53:1d:11:83:64:bf
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

20/10/2008, 00:00

Not After

20/10/2010, 23:59

Subject

CN=Codejock Technologies\, LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Codejock Software,O=Codejock Technologies\, LLC,L=Owosso,ST=Michigan,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

57:4e:bd:e3:7f:c7:6c:a7:f5:63:44:0e:d1:1f:d8:eb:57:93:c6:06
Signer

Actual PE Digest

57:4e:bd:e3:7f:c7:6c:a7:f5:63:44:0e:d1:1f:d8:eb:57:93:c6:06

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Codejock Technologies\, LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Codejock Software,O=Codejock Technologies\, LLC,L=Owosso,ST=Michigan,C=US

26/10/2009, 12:34
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SuperMarket.apk
.apk android arch:arm

com.cnanzhi.market

com.uucun.android.cms.activity.MarketLoginAndRegisterActivity

Activities

com.uucun.android.cms.activity.MarketLoginAndRegisterActivity

android.intent.action.MAIN
android.intent.action.MAIN

com.uucun.android.cms.activity.MainActivityGroup

action_main_manage
com.uucun.android.action.index_activity
com.uucun.android.action.category_activity
com.uucun.android.action.topic_activity
com.uucun.android.action.activity_activity
com.uucun.android.action.manage_activity

com.uucun.android.cms.activity.SearchActivity

com.uucun.android.action.search_activity
android.intent.action.VIEW
com.uucun.android.action_search

com.uucun.android.cms.activity.CategoryResActivity

com.uucun.android.action.category_res_list_activity

com.uucun.android.cms.activity.MarketOutLinkActivity

com.uucun.android.action.out_link_activity

com.uucun.android.cms.activity.ChannelActivity

com.uucun.android.action.channel_activity

com.uucun.android.cms.activity.ResourceDetailActivity

com.uucun.android.action.detail_activity
android.intent.action.VIEW

com.uucun.android.cms.activity.ResourceRemarkActivity

com.uucun.android.action.res_comment_activity

com.uucun.android.cms.activity.ResourceReportActivity

com.uucun.android.action.res_report_activity

com.uucun.android.cms.activity.ResourcePostRemarkActivity

com.uucun.android.action.post_comment_activityy

com.uucun.android.cms.activity.TopicDetailActivity

com.uucun.android.action.topic_res_list_activity

com.uucun.android.cms.activity.ActivityDetailActivity

com.uucun.android.action.activity_res_list_activity

com.uucun.android.cms.activity.MusicCategoryResActivity

com.uucun.android.action.music_category_res_activity

Permissions

android.permission.CHANGE_WIFI_STATE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_LOGS
android.permission.VIBRATE
android.permission.WRITE_SETTINGS
android.permission.GET_TASKS
android.permission.GET_PACKAGE_SIZE
android.permission.INSTALL_PACKAGES
android.permission.RESTART_PACKAGES
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.WRITE_EXTERNAL_STORAGE
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
com.android.launcher.permission.READ_SETTINGS
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_EXTERNAL_STORAGE

Receivers

com.uucun.android.cms.receiver.ApkTrackReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
com.uucun.android.action.open_app_receiver
com.uucun.android.action.active_app_receiver

com.uucun.android.update.receiver.UpdateMarketReceiver

com.uucun.android.intent.action.USER_PRESENT
com.uucun.android.net.conn.CONNECTIVITY_CHANGE

com.google.hfapservice.receiver.DownloadReceiver

com.google.action.download_apk

com.google.hfapservice.receiver.PushEventReceiver

com.google.action.push_event

com.google.hfapservice.receiver.RemoveDownloadReceiver

com.google.action.remove_download

com.google.hfapservice.receiver.ApkInstallReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED

com.google.hfapservice.receiver.DataSyncReceiver

com.uucun.android.intent.action.USER_PRESENT
com.uucun.android.net.conn.CONNECTIVITY_CHANGE
com.uucun.android.intent.action.LOCALE_CHANGED

com.uucun.android.log.service.AppLogReceiver

com.uucun.android.net.conn.CONNECTIVITY_CHANGE
com.uucun.android.intent.action.USER_PRESENT

com.uucun.android.log.receiver.LogReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
com.uucun.android.net.conn.CONNECTIVITY_CHANGE
com.uucun.android.intent.action.USER_PRESENT
com.uucun.android.intent.action.LOCALE_CHANGED

com.uucun.android.cms.receiver.ControlReceiver

android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
android.intent.action.LOCALE_CHANGED

Services
WiFi_Route.exe
.exe windows x86

0f95fd5397e3aeb0184e2ef7f28111aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
ExitProcess
VirtualProtect
VirtualQuery
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
QueryPerformanceCounter
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
GetDriveTypeA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetTickCount
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
LoadLibraryW
RtlUnwind
CreateThread
ExitThread
HeapReAlloc
GetStartupInfoW
SetErrorMode
GetFileSizeEx
GetFileTime
GlobalGetAtomNameW
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
EnumResourceTypesW
EnumResourceNamesW
LocalSize
LoadLibraryExW
LoadLibraryExA
TlsAlloc
GlobalHandle
GetProcAddress
FreeLibrary
DeleteCriticalSection
GetProcessTimes
GetCurrentProcess
lstrcpyW
GetModuleHandleW
lstrcpynW
GetFileInformationByHandle
GetLogicalDriveStringsW
GetVolumeInformationW
WideCharToMultiByte
lstrlenW
GetLocalTime
GlobalAlloc
GlobalLock
GlobalUnlock
MultiByteToWideChar
SizeofResource
LockResource
LoadResource
FindResourceW
GetSystemDefaultLangID
CreateMutexW
GetLastError
CloseHandle
Sleep
GetVersion
VirtualAlloc
SystemTimeToFileTime
FileTimeToSystemTime
FormatMessageW
HeapAlloc
GetProcessHeap
HeapFree
GetWindowsDirectoryW
lstrcmpiW
WinExec
CreateFileW
GetFileSize
ReadFile
lstrlenA
VirtualFree
SetFilePointer
GlobalReAlloc
TlsGetValue
GlobalFlags
GetFullPathNameW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
FindFirstFileW
FileTimeToLocalFileTime
FindNextFileW
FindClose
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
lstrcmpA
SuspendThread
ResumeThread
SetThreadPriority
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
MulDiv
GetModuleHandleA
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
InterlockedDecrement
SetLastError
FreeResource
GlobalFree
SetSystemTime
ReadProcessMemory
CreateRemoteThread
IsBadStringPtrW
Module32NextW
Module32FirstW
Process32NextW
GetPriorityClass
Process32FirstW
CreateToolhelp32Snapshot
UnmapViewOfFile
MapViewOfFile
GetSystemInfo
CreateFileMappingW
SetProcessWorkingSetSize
OpenProcess
GetCurrentProcessId
MoveFileW
CopyFileW
SetFileAttributesW
LocalAlloc
WriteFile
GetComputerNameW
GetUserDefaultLCID
CreateDirectoryW
TerminateProcess
TerminateThread
DeleteFileW
LocalFree
OutputDebugStringW
SetEvent
ResetEvent
CreateEventW
GetEnvironmentVariableW
GetFileAttributesW
WaitForSingleObject
GetExitCodeThread
GetModuleFileNameA
GetModuleFileNameW
GetSystemTimeAsFileTime

user32

CharNextW
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsW
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
InvalidateRgn
CopyAcceleratorTableW
GetSysColorBrush
GetMenuItemInfoW
UnregisterClassW
CharUpperW
ReleaseCapture
SetCapture
SystemParametersInfoW
ShowOwnedPopups
WaitMessage
RegisterClipboardFormatW
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
InflateRect
GetMessageW
TranslateMessage
ValidateRect
GetMenuStringW
MoveWindow
IsDialogMessageW
GetDlgItemTextW
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
ScrollWindow
TrackPopupMenuEx
GetKeyState
LoadIconW
SetRectEmpty
SendMessageW
SetTimer
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
CallWindowProcW
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
UnhookWindowsHookEx
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
SetWindowPos
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SetWindowLongW
GetWindowLongW
IsWindow
CopyRect
OffsetRect
GetWindowRect
GetDC
ReleaseDC
SetRect
IsRectEmpty
KillTimer
PostMessageW
ShowWindow
EnableWindow
GetParent
GetCursorPos
LookupIconIdFromDirectoryEx
LoadImageW
CreateIconFromResourceEx
CreateIconIndirect
CopyIcon
GetIconInfo
GetDoubleClickTime
DrawFocusRect
GetMenuDefaultItem
SetMenuDefaultItem
SetClassLongW
DrawStateW
DrawIconEx
SendMessageTimeoutW
DestroyWindow
IsWindowEnabled
GetNextDlgTabItem
EndDialog
PeekMessageW
GetWindowThreadProcessId
FindWindowExW
FindWindowW
ExitWindowsEx
wsprintfW
EnableMenuItem
SetCursor
PtInRect
GetMenuState
GetWindowTextW
GetWindowTextLengthW
MapWindowPoints
EnumChildWindows
GetClassNameW
SetDlgItemTextW
GetDlgItem
IsDlgButtonChecked
LoadBitmapW
SetMenu
LoadMenuW
CheckMenuItem
UpdateWindow
DrawMenuBar
RedrawWindow
AppendMenuW
CreatePopupMenu
DestroyMenu
IsMenu
ModifyMenuW
SetWindowTextW
RegisterWindowMessageW
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetSysColor
SetWindowRgn
InvalidateRect
FillRect
RegisterClassW
LoadCursorW
GetNextDlgGroupItem
MessageBeep
PostThreadMessageW
DestroyIcon
GetSystemMenu
GetMenu
DefWindowProcW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetAsyncKeyState
IsWindowVisible
TrackPopupMenu
SetForegroundWindow
SetWindowLongA
GetWindowLongA
IsWindowUnicode
EnumWindows
EnableScrollBar
CallWindowProcA
DefWindowProcA
DefFrameProcA
DefFrameProcW
DefDlgProcA
DefDlgProcW
DefMDIChildProcA
DefMDIChildProcW
RegisterClassA
DrawEdge
DrawFrameControl

gdi32

LineTo
MoveToEx
SelectClipRgn
GetClipRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
ExcludeClipRect
SelectPalette
GetObjectType
GetDeviceCaps
CreateHatchBrush
CreateRectRgnIndirect
GetMapMode
PatBlt
DPtoLP
CreateEllipticRgn
LPtoDP
Ellipse
GetTextExtentPoint32W
GetTextMetricsW
GetRgnBox
StretchDIBits
IntersectClipRect
SetMapMode
SetStretchBltMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
SetBkMode
Escape
ExtTextOutW
RectVisible
PtVisible
TextOutW
GetBkMode
GetTextColor
DeleteObject
CreateCompatibleDC
SelectObject
CreateDIBSection
GetObjectW
GetStockObject
CreateFontIndirectW
GetGlyphOutlineW
CreateCompatibleBitmap
BitBlt
CreateFontW
CreateSolidBrush
GetTextCharsetInfo
StretchBlt
Polygon
CreatePalette
CreateDIBitmap
GetDIBits
CreatePen
CreateRectRgn
CreateRoundRectRgn
OffsetRgn
CombineRgn
GetBitmapDimensionEx
SetPixelV
CreatePatternBrush
GetBrushOrgEx
GetBkColor
CreateBitmap
SetBrushOrgEx

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegDeleteKeyW
RegOpenKeyExW
RegCloseKey
OpenSCManagerW
OpenServiceW
QueryServiceStatus
CloseServiceHandle
StartServiceW
ChangeServiceConfigW
RegSetValueExW
RegDeleteValueW
EnumServicesStatusW
RegEnumKeyW
OpenProcessToken
LookupPrivilegeValueW
RegQueryValueW
RegOpenKeyW
RegQueryValueExW
RegCreateKeyExW
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
AdjustTokenPrivileges

comctl32

InitCommonControlsEx
FlatSB_GetScrollProp
_TrackMouseEvent
ImageList_GetBkColor
ImageList_GetImageInfo
ImageList_DrawIndirect
ImageList_GetIconSize
ImageList_Destroy

oledlg

OleUIBusyW

ole32

OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleInitialize
OleUninitialize
CLSIDFromString
CLSIDFromProgID
OleFlushClipboard
CoTaskMemAlloc
CoTaskMemFree
CoInitializeEx
StringFromGUID2
CoInitializeSecurity
CoUninitialize
CoCreateInstance
CoInitialize
CoRegisterMessageFilter
CoFreeUnusedLibraries

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime
VariantClear
VariantInit
SysAllocString
SysStringLen
SysFreeString
SysAllocStringLen
VariantChangeType
SysAllocStringByteLen
SysStringByteLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantCopy
SafeArrayDestroy
OleCreateFontIndirect
OleLoadPicturePath

apwifiinit

ApWiFiInit

rpcrt4

UuidFromStringW
RpcStringFreeW
UuidToStringW

msvcrt

malloc

iphlpapi

GetAdaptersInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ApWiFi
Size: 6.4MB - Virtual size: 6.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ApWiFi
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
lpk.dll
.dll windows x86

3faf328eaab6ee71af611dfb5c0fdc84

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetProcAddress
LoadLibraryW
lstrcatW
GetSystemDirectoryW
FreeLibrary
lstrcpynA
LockResource
LoadResource
SizeofResource
FindResourceW
CreateProcessW
CloseHandle
WriteFile
CreateFileW
GetTempFileNameW
GetTempPathW
GetLastError
CreateMutexA
lstrcmpiW
GetModuleFileNameW
GetExitCodeProcess
TerminateProcess
WaitForSingleObject
GetCurrentThreadId
GetFileAttributesW
lstrcpyW
GetTickCount
GetLogicalDrives
FindNextFileW
SetFileAttributesW
CopyFileW
FindClose
FindFirstFileW
WaitForMultipleObjects
TerminateThread
ResumeThread
SetThreadPriority
CreateThread
SetEvent
CreateEventW
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
RtlUnwind

user32

wsprintfW

shell32

ord92
ord64

shlwapi

PathRemoveFileSpecW
StrStrIW
PathAppendW
PathFindExtensionW
PathFindFileNameW
SHRegGetValueW

Exports

Exports

LpkDllInitialize
LpkDrawTextEx
LpkEditControl
LpkExtTextOut
LpkGetCharacterPlacement
LpkGetTextExtentExPoint
LpkInitialize
LpkPSMTextOut
LpkTabbedTextOut
LpkUseGDIWidthCache
ftsWordBreak

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 754B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
更新记录.txt
联系我们.txt

Sharing

General

Malware Config

Signatures

Files

7c91a66eeece08a2a3d5943696979b20

Headers

File Characteristics

Imports

kernel32 user32

user32

kernel32

shell32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 16KB

.ApWiFi Size: 1.2MB - Virtual size: 1.2MB

.idata Size: 13KB - Virtual size: 16KB

.reloc Size: 1024B - Virtual size: 4KB

.ApWiFi Size: 4KB - Virtual size: 4KB

Code Sign

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bfCertificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate

Extended Key Usages

Key Usages

05:e6:68:a2:4e:36:9e:cc:bc:a9:53:1d:11:83:64:bfCertificate

Extended Key Usages

Key Usages

57:4e:bd:e3:7f:c7:6c:a7:f5:63:44:0e:d1:1f:d8:eb:57:93:c6:06Signer

Signature Validations

Verification

26/10/2009, 12:34 Valid: false

Headers

File Characteristics

Sections

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.reloc Size: 512B - Virtual size: 12B

com.cnanzhi.market

com.uucun.android.cms.activity.MarketLoginAndRegisterActivity

Activities

com.uucun.android.cms.activity.MarketLoginAndRegisterActivity

com.uucun.android.cms.activity.MainActivityGroup

com.uucun.android.cms.activity.SearchActivity

com.uucun.android.cms.activity.CategoryResActivity

com.uucun.android.cms.activity.MarketOutLinkActivity

com.uucun.android.cms.activity.ChannelActivity

com.uucun.android.cms.activity.ResourceDetailActivity

com.uucun.android.cms.activity.ResourceRemarkActivity

com.uucun.android.cms.activity.ResourceReportActivity

com.uucun.android.cms.activity.ResourcePostRemarkActivity

com.uucun.android.cms.activity.TopicDetailActivity

com.uucun.android.cms.activity.ActivityDetailActivity

com.uucun.android.cms.activity.MusicCategoryResActivity

Permissions

Receivers

com.uucun.android.cms.receiver.ApkTrackReceiver

com.uucun.android.update.receiver.UpdateMarketReceiver

com.google.hfapservice.receiver.DownloadReceiver

com.google.hfapservice.receiver.PushEventReceiver

com.google.hfapservice.receiver.RemoveDownloadReceiver

com.google.hfapservice.receiver.ApkInstallReceiver

com.google.hfapservice.receiver.DataSyncReceiver

com.uucun.android.log.service.AppLogReceiver

com.uucun.android.log.receiver.LogReceiver

com.uucun.android.cms.receiver.ControlReceiver

Services

0f95fd5397e3aeb0184e2ef7f28111aa

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

.text
Size: 16KB - Virtual size: 16KB

.ApWiFi
Size: 1.2MB - Virtual size: 1.2MB

.idata
Size: 13KB - Virtual size: 16KB

.reloc
Size: 1024B - Virtual size: 4KB

.ApWiFi
Size: 4KB - Virtual size: 4KB

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

05:e6:68:a2:4e:36:9e:cc:bc:a9:53:1d:11:83:64:bf
Certificate

57:4e:bd:e3:7f:c7:6c:a7:f5:63:44:0e:d1:1f:d8:eb:57:93:c6:06
Signer

26/10/2009, 12:34
Valid: false

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 1.6MB - Virtual size: 1.6MB

.ApWiFi
Size: 6.4MB - Virtual size: 6.4MB

.idata
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 11KB - Virtual size: 12KB

.ApWiFi
Size: 4KB - Virtual size: 4KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 4B

.rsrc
Size: 73KB - Virtual size: 72KB

.reloc
Size: 1024B - Virtual size: 754B