Overview

overview

10

Static

static

7

06dbf0e0bf...fe.apk

android-9-x86

10

06dbf0e0bf...fe.apk

android-10-x64

10

06dbf0e0bf...fe.apk

android-11-x64

10

CardViewController.js

windows7-x64

1

CardViewController.js

windows10-2004-x64

1

CloudCardV...ler.js

windows7-x64

1

CloudCardV...ler.js

windows10-2004-x64

1

ImagesController.js

windows7-x64

1

ImagesController.js

windows10-2004-x64

1

ImgViewController.js

windows7-x64

1

ImgViewController.js

windows10-2004-x64

1

Template.js

windows7-x64

1

Template.js

windows10-2004-x64

1

ViewController.js

windows7-x64

1

ViewController.js

windows10-2004-x64

1

android_utils.js

windows7-x64

1

android_utils.js

windows10-2004-x64

1

aps-mraid.js

windows7-x64

1

aps-mraid.js

windows10-2004-x64

1

attachment...ory.js

windows7-x64

1

attachment...ory.js

windows10-2004-x64

1

attachment...ler.js

windows7-x64

1

attachment...ler.js

windows10-2004-x64

1

autoSaveController.js

windows7-x64

1

autoSaveController.js

windows10-2004-x64

1

ccBccFromS...ler.js

windows7-x64

1

ccBccFromS...ler.js

windows10-2004-x64

1

composeCon...ler.js

windows7-x64

1

composeCon...ler.js

windows10-2004-x64

1

composer.html

windows7-x64

1

composer.html

windows10-2004-x64

1

composer.js

windows7-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    06dbf0e0bfab9f74c0744b8fe.exe

  • Size

    3.8MB

  • MD5

    0a296c35e1d7ac2c69cd62b3de246a19

  • SHA1

    9f941ba530d50b907257f9558697cd6ba1617f80

  • SHA256

    06dbf0e0bfab9f74c0744b8fe29bec1cf48171bce9df7ff56be34a62babf15d2

  • SHA512

    44e35b961022871e634d006e575a04c1a3b0cc7d0f07ba23dbdca64435a5aec635002fc701da5f02e6755eb773c5d01699ab8a304580700c74c3a2051e5fccca

  • SSDEEP

    98304:2QJ1CPm1vI5Pzb9p9UQs6/TO41SUEsKo9xOssKR1eXl1TDr2K:2QHLIvpXRbOCJ1qs8XvD2K

Score
7/10

Malware Config

Signatures

  • Requests dangerous framework permissions 6 IoCs

Files

  • 06dbf0e0bfab9f74c0744b8fe.exe
    .apk android

    com.eg.android.AlipayGphone

    com.eg.android.AlipayGphone.p86d4e24f


  • CardViewController.js
    .js
  • CloudCardViewController.js
    .js
  • ImagesController.js
    .js
  • ImgViewController.js
    .js
  • Template.js
    .js
  • ViewController.js
    .js
  • alpha_filter.json
  • android_utils.js
    .js
  • api_key.txt
  • aps-mraid.js
    .js
  • attachmentCardFactory.js
    .js
  • attachmentsBand.css
  • attachmentsController.js
    .js
  • autoSaveController.js
    .js
  • auto_generated_feature_config.json
  • bank_customer_numbers.txt
  • bank_list.json
    .gz
  • bank_list.json
  • banner_truecaller_1200x627.webp
  • base_filter.json
  • ccBccFromSummaryFieldController.js
    .js
  • chevron_down.svg
  • cl-messages_en_us.properties
  • cls_model_medium.json
  • com.truecaller.social.SocialNetworkProvider
  • common_sender_id.json
  • composeContentFocusController.js
    .js
  • composer.css
  • composer.html
  • composer.js
    .js
  • constants.js
    .js
  • contactSearchController.js
    .js
  • contactSearchSuggestion.css
  • conversationsjavascriptinterface.js
    .js
  • default_config.json
  • default_profile_image.png
    .png
  • docspad.html
    .html
  • docspadController.js
    .js
  • documentEventBridge.js
    .js
  • dtb-m.js
    .js
  • example
    .js
  • flurryNotificationConfig.json
  • formController.js
    .js
  • house_ad_icon_144x144.webp
  • imageTapDeleteController.js
    .js
  • linkEnhancr.js
    .js
  • linkExtractor.js
    .js
  • link_seed.json
  • loadStrings.js
    .js
  • log.js
    .js
  • lottie_success_green.json
  • lozengeBand.css
  • lozengeController.js
    .js
  • map.js
    .js
  • messagebodyformatter.js
    .js
  • ml_kit_disclaimer.html
    .html
  • mock_schedule_response_200.2.json
  • mock_schedule_response_200.3.json
  • mock_schedule_response_200.json
  • mustache.js
    .js
  • nativeBridge.js
    .js
  • nba_test_five_games_first_latlong.json
  • nba_test_four_games_no_cond.json
  • nba_test_one_game_latlong.json
  • nba_test_six_games_first_latlong_4_and_6_espanol.json
  • nba_test_two_games_second_latlong.json
  • nfl_test_five_games_first_latlong.json
  • nfl_test_four_games_no_cond.json
  • nfl_test_one_game_latlong.json
  • nfl_test_six_games_first_latlong_4_and_6_espanol.json
  • nfl_test_two_games_second_latlong.json
  • npci_otp_rules.json
  • olympic-medal.json
  • polyfill.js
    .js
  • pro-monthly.json
  • pro-yearly.json
  • profileImageController.js
    .js
  • profile_image_background.png
    .png
  • prune_seed.json
  • question.svg
  • scheduled_video_mock_response_1.json
  • scheduled_video_mock_response_2.json
  • scheduled_video_mock_response_3.json
  • scheduled_video_mock_response_4.json
  • scheduled_video_mock_response_5.json
  • scheduled_video_mock_response_cid_test_0.json
  • scheduled_video_mock_response_cid_test_1.json
  • scheduled_video_mock_response_cid_test_2.json
  • scheduled_video_mock_response_cid_test_3.json
  • scheduled_video_mock_response_cid_test_4.json
  • semicard_allowed_grammars.json
  • sender_filter.json
  • stationery.css
  • stationery.js
    .js
  • stationeryThemeConfig.js
  • strings.js
  • subjectTextController.js
    .js
  • tracking.js
    .js
  • utilities_struct
  • utils.js
    .js
  • validation.properties
  • version.properties
  • video-ad-avatar-animation.json
  • xray_current_active_entity_id.js
  • xray_get_article_uuid_from_url.js
    .js
  • xray_get_related_articles_uuids.js
    .js
  • ySq3pvnl.elk
  • ym6_json_credits.json
  • ym6_notification_bell.json

Android Permissions

06dbf0e0bfab9f74c0744b8fe.exe

Permissions

android.permission.WAKE_LOCK

android.permission.REQUEST_DELETE_PACKAGES

android.permission.READ_PHONE_STATE

android.permission.READ_CONTACTS

android.permission.READ_SMS

android.permission.QUERY_ALL_PACKAGES

android.permission.VIBRATE

android.permission.INTERNET

android.permission.SEND_SMS

android.permission.CALL_PHONE

android.permission.RECEIVE_SMS

android.permission.ACCESS_NETWORK_STATE

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.FOREGROUND_SERVICE

android.permission.WRITE_SMS