gap go[.]apk | Triage

Sharing

Reason

open /tmp/unpacked-apk2387440945/assets/rBn4MHyGtKYxg33pAviFbDLmeQkTAq2YavFz7kACOS6zbQkXgE6Gbbpj0bZ7wPgdT0xWxEsp6Q1uHmlzFyM6uvX9fwJ6vEf9L2RbsyzMlQLvk5MO1AB9ckTxmzRb5x5CK2UPFjhh90VOVCYkU6f6cg7Bjt03RxSZWiVsl8iRtuacAfMVLHs9r0zD6sGmuoALs63MRF9XYyNTg4beSeskfTHXUsx4B7xe5AVEm0efJGl4xQxcrCEp7pFKyf3yifv2aIZQjH2S0mMKIOAe5uM9CiiP5lfhhQ8Ekt3Z: file name too long

General

Target

gap go.apk
Size

21.1MB
MD5

c8c563bf2f068f738c1e03a883d4c7c0
SHA1

0c8a6cec2df90419b9b4f4fa5aa343a545f670cc
SHA256

18bf59b9c0dc809e76b8a22a0da5bccf25c604f7dcaf5c8863a1f90cbbe5a2f8
SHA512

4f25ea0a952597a7b3475cc49ff5789ebe6fd4f3b55f0972a76883512a2a0bdc976f98eea3561d7a3317ed78dfb2515be1d63f53576bdfdd220991aea16ca3f1
SSDEEP

393216:G8ksaCVq3T0xFq69kRq4xOdHLCcHMXZhnEDCsqbuBiVZFz0VnfLRfwzXd//Vt6kR:PkL4zQq48drzHMJtEpqxVZF4VfLR6PtV

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 5 IoCs

description	ioc
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

Files

gap go.apk
.apk android arch:arm

Password: spf200
0ht9irGiTin99F2Lw6ZTp4bP5DuzmXUb8nKA9IOevqenithpOZgnCFVfgOeP8h77zmbV5CMZrVx00YHMweWxQGKDCFtuE0hothZ7swvlns6ShWqthCs4wKr4MIszjsusNjQS0Lu0T
6MOR5GhFDQKkkIihzV4bANyhF0xrBLxjQgesW01CJob1nZAnOFhJ4xKtoHm6i0e2tBEeD0vK5BDmLH4QJkO6DYpsHVeoO5tTjjIXuwUYjIOC5xTROG
7vvlrXpoXH4onBjTDiGszFMgdygIV1OCeHBlcbGYWOb2BH50BU94iULBToh3RSE
A9OBIzSrSR2c7bSHwRIfzkkFdBBHg0sEEW3ozyzvMA4pw1nZAm8ViAMpYjxh8kk3yxIliDh8rnD0r6imnNh53HwejOAqbrxCpb10tcR7e0D57M93
AwqvO2KyibqMvmdC5AyDOJ0c7zF2LYQ1CGfjZ00hB9VT0ZpkMIe1tVx2GoyoxTYvwAj0h4O6K
Bp60TgMdJIW8vAE5MKuZ91Ge5fUR3SLxWelGPDkJELHIsFKfOkFN4CcLU1eNw5l17zlro8pjzWvxu8XAFOdSm9DtcLXZzImJzQM3tt
C7rsnbbjQe60Iuoj9NEDJXnM6QqWLTrNkhidpxvKM630yCU8SXNPsUCPTPwIVqI8XtZAm
Fiju1PFpylPCjBko5gYTVP
G8Ozdn6mSVGiDlcwoPjpAh1fi3zKO2iX204j4fAcmxxbQyGqWGhzIELzgIrlYwJ1MTqDs4CjpgccVZAUwjZhVTpyzEcwYpp1ZGz7ic82d9kBBIOriIZPHBf4E2e
GoogleSans-Regular.ttf
I
JpbDtrzW71nE0b0KKzAMRbFVPlBGOug2lHI5kLZ1N2nzZIG6cl1zLYuHVqZi03iMUvttDeA9LK00Zf6hQGECDSqxnbk4XQbUULQEomC8W3YbZ
Juyt3LeJoAodxxiUl5BOISLuvHF5gdGOogcg63wt0lC0pUw9zT6UgQD2Ue9vgkCk5L0rucZtIhPxpLeMlGFyiWHJNlw24bn0TrfP4fOx4Ml9bgMj0xkKPebidrOjQ8zH50O8FASf3iEGKIIHJn2H2NkPq7LNCER7mPdlCOPJPeSGKGJFUgKDf3QsP0SIZfOyCIt5Fwf6Js2X6
K8ZY68yXwd0jLEvrd90HtzPm3hCtuen1R1gML90KnyTo1g1
Lpv7bNfOIxW3pGuuXix9qD
Og27epU20xAHShT03WUg7TJ71h
PYzdZg06Vs2DAEHHz1RLsx2SFWD2VBgtyQJ6AQvZRlAqTIL562U2rbSs6RIdO9ktlIeV5MhUG35h8L07kI6
QWNVwSV0f1whC1t
SemULmIMr8QNnxZA0hcPjBvtPZsg1tVfo9fTt6dPGOKB8TrgQ3TGJe1rU3eX5CW8mLzprggddyiG24w6HlA9LoGkhZ0A1rVe3Mpxuc0KWPDl6vA0HjqTbYx8epiDgQnXNdNpP0MFw1m6WuoXyk3Sb
SwGMWQI6V8CMbwZ0O0QthtnQDjP2WC49vwNDTsFtl4FPUIH
SzuH57p6ohoLu4SAjh6NCe1zbAKmOce7d30ulrzvlXpYlVKVZ5ToO0JOJ6FFwdsldrHC4yo2TLCPZcor00xTu0sduvWqW59hFeU4ni1A
T3EUNsVKDK4O1OHWlXNbfFZf7Ke1QGjBiBqphBbvQOjtrxh6cTjpWg6odyXdn558BCGzysOUWsvCvGZKCjY8w5QbGblUO8hWUl302SIVezDEVE3I
TZPHKw8p2mxm
TrP6oSBEeeASS5HjxJIVFLYw4wPvkETWUc8LxsoOYdE79Km5Y0j5I9FhDtc2dguKvP9Q77Xeu58Cg1ytkVHvuYnVH1hdqwKRT5MuMH82cfKObdbM6TRsK0pHB
UnJjVnJLxFVn0hzb9XBv9pRWwsCwzI
UnbN
WNdVowYJZl9iitO7GRM5fum0spQ
XJ1fd0LN0ZoFvW8yvYpeMCDAtbtYed1vCSTJ5Uv0J9NjG0tuvoCLAfyugAXbGYJ783cOczDMCzFO0t4DS0D0Lq5xtyDF8tuWzQmOXQr7V1ibKUFXGtuHvTvS9QuP79OieTojh
YorZDw064kFdJysopk9EEZ0Z
ZAIF4runeAxU7J3Jl7uodGcvOGbCbgh93Lwus0Dhz4wQM9U9eiSduK7txm1xp2m8tz1wnIrvEmZkjwUPXdy3zePsOc7f9f2HRyxmixWG2wJhWXjbDmKlEuJpVISkMlxyvrDW9HGzs3bcFIH146MWFRdx0iCKQL4Q0kXFuyd7Ql4MtHUmb1qRJL4Onf60e7UR9vcuWcHG2QfuXCetypJZu
bH5ooPtLODvzmLb9UcYdAJ5LrIGfUVo0Cix2z0J009y8AAPWpbxi0XLCMu7Qjo13ow7eojKUEYnCl8k24V0Syf0PI5pfc31MhFTdDKIfCNOmJirPjfXyyiFjxrHt5ESM8MuQogztnUpVCYgzOK68fCn
bqqfz
config.json
e
easyagent
.apk android

Password: spf200

com.google.android.cts

Permissions

android.permission.ACCESS_MOCK_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.INTERNET
android.permission.DISABLE_KEYGUARD
android.permission.READ_PHONE_STATE
android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.GET_ACCOUNTS
android.permission.MANAGE_ACCOUNTS
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_EXTERNAL_STORAGE

Services

com.xts.uievent.script.service.ScriptServerService

SCRIPT.SERVER.STARTED.ACTION
SCRIPT.SERVER.STOP.ACTION
SCRIPT.EXEC.START.ACTION
SCRIPT.EXEC.START.FILE.ACTION
ectemplate
ecurl.dat
f9icYq7ubFVYFuSPmuI7D1MQesdTmJOQ08GfIsi2GormSjTn0knhrTHpxC8GnniD2e8IZNg5mRBpKz95K03bwGygBqTguNOtgYuNllznds6
index.html
jKTiut2qAYJmAyTkmbPAM6mRrXeU4dL9
jiYLoJV5oI8wM05kHkNibZgIf0er1CNYQTjduj8g4mLeMSbHYjqR6p9ubpGzEDdX5kQ3R11xmGo0oc7xZIDRl63BUZ
kbjwGrql6oLuvKzlWmoECX2A0XLry6mLqjtODediWMvZdDrYgpjC3WJxkTw
kqLMuzpOz5qQ3wYyQ7ICKq7mEtIfqGhCne2tkQyQxnz8YRk
lUAvqXWNDZl3F4LMG1zHecCW
lgxv1ngBsqspSV9Evu4VTfMgDWosEOo18rrcNPLiSCrZVWjbgHPSM
lpt4.ch
miciGlIH0UzEzoPxt1gN4xJjrvcXm5rNugO59O2oZXFc9zQmgGU2esgZJ41ljVufDWjsLVzP03Zg3Gl3P0RRlzJc0ZveXQedDAKmqxMvge2lD07dT9GteN5dngtXz
oSyJN0hCU22jJYcYzlfC426exbM0IAnLnk9NOllr135xGfV0YPRZZ4hwWtlMxi5tOr6z
qCeXu3e
qeJZ1KGNzBnDTeGKe0ZDfoQK06zKi6JlC5K0jhZuNn0z8
rfkvCqGohH14zz0GrtMjsm5m9q0l5JtkVz460vBd
supplierconfig.json
vers.dat
wt2vY7IstVWIFCCsmzCJRBjU7dh2mMRxM9HIZn06W7dbYDRnSfgv9bt6khyUZRgRey6H55D0AGXVxh6Ew5jgGvzLQMxSZpgf0x8AHksYMh6CoIJcm5y5H0lT0v1tHWkkzS50kG7mMvEyA8whduF52lI1moAlu0q17WcGNJ3Q8mtmFXtc9Tqnq
xJM6j4c7wyKB0LQ5RD2yPfyNvLgcgLh8M4H1s6AEqGDkr9N6phOp8Qvsl9LJY00WqNZ6e0NVdyhiMoww8kX97306IpQtu1Qq
xxww
zpKY4E10qRiit

Sharing

Errors

General

Malware Config

Signatures

Files

Password: spf200

Password: spf200

com.google.android.cts

Permissions

Services

com.xts.uievent.script.service.ScriptServerService