General

  • Target

    9e6281dc20fa760307e781ea1d185908abb3505f6783801df098b3e60055c6ad.apk.zip

  • Size

    38.9MB

  • MD5

    8685f5903f833fc869469e57389b888d

  • SHA1

    2da0a597b5229343ad10447eb0dbf9b5586a9bc5

  • SHA256

    9d46bec3a825df98246aa8fcb9edc270f990f9dc770007fd6f898b0ac8980096

  • SHA512

    72322a699be8560d4177396cce5c88b4c0876b8962e6fe007c3d1896402b44cf69d5f33651e67f9bff6f24b461cf447b5a6d24c569146c4d0a8756d844eaa05d

  • SSDEEP

    786432:B+EqAzbdiYvFyQR2520FYwO6dgzRpfaFjJxhKpAMTHadguDUiT9mwRi+QGF3:Adabdis4QeFIUwf0bhIAMLi5ZRi+d3

Score
7/10

Malware Config

Signatures

  • Requests dangerous framework permissions (7 IoCs)

Files

  • 9e6281dc20fa760307e781ea1d185908abb3505f6783801df098b3e60055c6ad.apk.zip
    .zip

    Password: infected

  • 9e6281dc20fa760307e781ea1d185908abb3505f6783801df098b3e60055c6ad.apk
    .apk android arch:arm64 arch:arm

    cn.ninegame.gamemanager

    cn.ninegame.gamemanager.business.common.activity.LaunchActivity


  • AlibabaSans102-Bd.ttf
  • MFQiHei_score.ttf
  • NumberBold.ttf
  • acceleration_entrance.json
  • ag_sdk_cbg_root.cer
  • base.app.cpu.abilist.properties
  • btn_speeding.json
  • com.tencent.open.config.json
  • danmu_like.json
  • diam1.png
    .png
  • diam2.png
    .png
  • faceContinuity.bin
  • fdmodel.bin
  • fish.png
    .png
  • frag.sh
  • geo_global_ca.cer
  • grs_sdk_global_route_config_apptouchupdatesdk.json
  • grs_sdk_global_route_config_opendevicesdk.json
  • grs_sdk_global_route_config_opensdkService.json
  • grs_sdk_global_route_config_updatesdk.json
  • grs_sdk_server_config.json
  • grs_sp.bks
  • h5_qr_back.png
    .png
  • hianalytics_njjn
  • hmsincas.bks
  • hmsrootcas.bks
  • img_0.png
    .png
  • img_1.png
    .png
  • img_2.png
    .png
  • img_3.png
    .png
  • img_4.png
    .png
  • img_5.png
    .png
  • index.umd.js
    .js
  • index_new_default_data.json
  • industrytest-demi-webfont.ttf
  • ldClassifier.bin
  • ldmodel.bin
  • libwbsafeedit
    .elf linux arm
  • libwbsafeedit_64
    .elf linux aarch64
  • libwbsafeedit_x86
    .elf linux x86
  • libwbsafeedit_x86_64
    .elf linux x64
  • like_sel.png
    .png
  • like_text_img.png
    .png
  • liked_text_img.png
    .png
  • live_stream_fans_badge_anim.json
  • live_stream_goods_popup_anim.json
  • live_stream_goods_popup_img_0.png
    .png
  • live_stream_goods_shop_anim.json
  • live_stream_goods_shop_img_0.png
    .png
  • live_stream_goods_shop_img_1.png
    .png
  • live_stream_goods_shop_img_2.png
    .png
  • live_stream_goods_shop_img_3.png
    .png
  • live_stream_goods_shop_img_4.png
    .png
  • live_stream_goods_shop_img_5.png
    .png
  • live_stream_goods_shop_img_6.png
    .png
  • live_stream_guide_vod_flip_anim.json
  • live_stream_guide_vod_like_anim.json
  • live_stream_live_state_orange.json
  • live_stream_live_state_white.json
  • live_stream_pic_live_mic_talking_orange.json
  • live_stream_pic_live_mic_talking_purple.json
  • live_stream_video_loading.json
  • live_stream_video_mic_icon.json
  • live_stream_vod_follow.json
  • live_stream_vod_like.json
  • live_stream_vod_like_img_0.png
    .png
  • live_stream_vod_user_head_living.json
  • loading.json
  • loading_refresh_color.json
  • lucky.png
    .png
  • main.dx
  • middleware_7.9.9.2_7.9.9.2.json
  • ng_bar_community_icon.json
  • ng_bar_findgame_icon.json
  • ng_bar_findgame_icon_guide.json
  • ng_bar_home_icon.json
  • ng_bar_live_icon.json
  • ng_bar_live_icon_guide.json
  • ng_bar_mine_icon.json
  • ng_bar_speed_icon.json
  • ng_bar_speed_icon_guide.json
  • ng_comment_grade_full.json
  • ng_community_zan_animation.json
  • ng_community_zanjson_bang_img.png
    .png
  • ng_community_zanjson_bg_img.png.png
    .png
  • ng_community_zanjson_tan1_img.png
    .png
  • ng_community_zanjson_tan2_img.png
    .png
  • ng_community_zanjson_xian_img.png.png
    .png
  • ng_community_zanjson_zhen_img.png
    .png
  • ng_draw_down_refresh.json
  • ng_draw_up_refresh.json
  • ng_followpage_follow_btn.json
  • ng_game_video_loading.json
  • ng_guide_slidetoleft.json
  • ng_guide_slidetoleft_bg.png
    .png
  • ng_like_discovery_like.png
    .png
  • ng_like_guide_icon.json
  • ng_like_mascot.json
  • ng_like_text.png
    .png
  • ng_list_til_icon_live.json
  • ng_live_emoji.json
  • ng_live_lucky_draw.json
  • ng_live_video_label_orange.json
  • ng_live_video_label_orange_forindex.json
  • ng_live_video_label_white.json
  • ng_loading_grey_s.json
  • ng_navbar_download_icon.json
  • ng_navbar_download_icon_white.json
  • ng_page_loading.json
  • ng_res_splash_guide_breath_light.json
  • ng_res_splash_guide_click_bg.json
  • ng_res_splash_guide_click_finger.json
  • ng_res_splash_guide_grow.json
  • ng_screenflash_btn_arrow.json
  • ng_shortvideo_like_yx.json
  • ng_shortvideo_lottie_comment_emoji_fly.json
  • ng_shortvideo_playloading.json
  • ng_video_guild_finger_img.png
    .png
  • ng_video_guild_text_img.png
    .png
  • ng_video_like_icon_bg.png
    .png
  • ng_video_page_follow_btn.json
  • ng_video_share_icon_bg.png
    .png
  • ng_video_share_icon_wechat.json
  • oneprivacy.json
  • pkgcache_basic.db
  • platformProtocol.html
    .html
  • presetTemplateInfos.json
  • publish_list_article.png
    .png
  • publish_list_post.png
    .png
  • publish_list_video.png
    .png
  • recommend_selected_content_more.json
  • redbag.png
    .png
  • speedup_accelerator.json
  • sysconfig
  • template_list.json
  • updatesdkcas.bks
  • userProtocol.html
    .html
  • vertex.sh
  • windmill.worker.js
    .js