General

  • Target

    3ee444da4504fd43b2ac9c33a2806c6782714d04150a7df280fee1b49cdecdcf.apk.zip

  • Size

    29.8MB

  • MD5

    88f7ecd5c67d4160a1e0ef67a08cce39

  • SHA1

    74a9f073e9341913e4b663b5513d309930bd81bb

  • SHA256

    d295301005a004060ebdb80e785ad3bbccaaa242d6924ec1a12d32bcdb12d6d3

  • SHA512

    487a6547d5e5ddcd714e188202eef8e3db203cf4489840106ad8ab9956a2a21a2f5d859a1a07398bcf8c1334b87bf12c1884994b967730fc936d8cab7aaaee71

  • SSDEEP

    786432:xJn6xwZmDRohWVCnDlQzA1geHSEEk7AlnFdG3SZppUT:36xwmohW4aE1nSExAlDGKpUT

Score
7/10

Signatures

  • Requests dangerous framework permissions 4 IoCs

Files

  • 3ee444da4504fd43b2ac9c33a2806c6782714d04150a7df280fee1b49cdecdcf.apk.zip
    .zip

    Password: infected

  • 3ee444da4504fd43b2ac9c33a2806c6782714d04150a7df280fee1b49cdecdcf.apk
    .apk android arch:arm64 arch:arm arch:x86 arch:x64

    com.estrongs.android.pop

    com.estrongs.android.pop.app.openscreenad.NewSplashActivity


  • MANIFEST.MF
  • ace.js
    .js
  • adjunk.txt
  • animation.css
  • app_config.js
    .js
  • app_permissions_cn.txt
  • app_permissions_en.txt
  • app_permissions_zh-Hant.txt
  • app_whitelist.txt
  • bridge.js
    .js
  • c_cpp.js
  • csharp.js
  • css.js
  • device_icon.png
    .png
  • dom.js
    .js
  • dt_template_ad_one_big_img.xml
  • dt_template_ad_one_small_img.xml
  • editor.html
    .html .js
  • editor.js
    .js
  • es5-shim.js
    .js
  • es_privacy_content.html
    .html
  • es_privacy_content_en.html
    .html
  • es_privacy_content_zh.html
    .html
  • event.js
    .js
  • event_emitter.js
    .js
  • event_emitter_test.js
    .js
  • ext-beautify.js
    .js
  • ext-elastic_tabstops_lite.js
    .js
  • ext-emmet.js
    .js
  • ext-error_marker.js
    .js
  • ext-keybinding_menu.js
    .js
  • ext-language_tools.js
    .js
  • ext-linking.js
    .js
  • ext-modelist.js
    .js
  • ext-old_ie.js
    .js
  • ext-searchbox.js
    .js
  • ext-settings_menu.js
    .js
  • ext-spellcheck.js
    .js
  • ext-split.js
    .js
  • ext-static_highlight.js
    .js
  • ext-statusbar.js
    .js
  • ext-textarea.js
    .js
  • ext-themelist.js
    .js
  • ext-whitespace.js
    .js
  • fixoldbrowsers.js
    .js .vbs
  • folder_app.zip
    .zip
  • folder_app.db
  • fontello-codes.css
  • fontello-embedded.css
  • fontello-ie7-codes.css
  • fontello-ie7.css
  • fontello.css
  • fontello.eot
  • fontello.svg
    .xml
  • fontello.ttf
  • fontello.woff
  • fontello.woff2
  • gdtadv2.jar
    .apk android arch:arm64 arch:arm
  • yaq.sec
  • yaq2.sec
  • yaq3_0.sec
    .dex
  • yaqsdkcookie
  • golang.js
  • groovy.js
  • grs_sdk_server_config.json
  • grs_sp.bks
  • haxe.js
  • hianalytics_njjn
  • html.js
  • html_elixir.js
  • html_ruby.js
  • ini.js
  • java.js
    .js
  • javascript.js
    .js
  • json.js
  • jsp.js
    .js .vbs
  • keybinding-emacs.js
    .js
  • keybinding-vim.js
    .js
  • keys.js
    .js
  • kotlin.js
  • ksad_common_encrypt_image.png
    .png
  • ksad_idc.json
  • lang.js
    .js
  • makefile.js
  • mama.js
    .js
  • markdown.js
  • media_store_monitor_paths.txt
  • mode-applescript.js
    .js
  • mode-c_cpp.js
    .js
  • mode-csharp.js
    .js
  • mode-css.js
    .js
  • mode-golang.js
    .js
  • mode-groovy.js
    .js
  • mode-haxe.js
    .js
  • mode-html.js
    .js
  • mode-html_elixir.js
    .js
  • mode-html_ruby.js
    .js
  • mode-ini.js
    .js
  • mode-java.js
    .js
  • mode-javascript.js
    .js
  • mode-json.js
    .js
  • mode-jsp.js
    .js
  • mode-kotlin.js
    .js
  • mode-makefile.js
    .js
  • mode-markdown.js
    .js
  • mode-mysql.js
    .js
  • mode-objectivec.js
    .js
  • mode-pascal.js
    .js
  • mode-perl.js
    .js
  • mode-php.js
    .js
  • mode-python.js
    .js
  • mode-ruby.js
    .js
  • mode-shellscript.js
    .js
  • mode-smali.js
    .js
  • mode-sql.js
    .js
  • mode-svg.js
    .js
  • mode-swift.js
    .js
  • mode-text.js
  • mode-vbscript.js
    .js
  • mode-xml.js
    .js
  • mysql.js
  • net.js
    .js
  • objectivec.js
  • omsdk-v1.js
    .js
  • oop.js
    .js
  • orange.json
  • pascal.js
  • perl.js
  • php.js
    .js .ps1
  • python.js
  • reaper_lottie_banner_w300_h200.json
  • reaper_lottie_splash_jiantou.json
  • reaper_lottie_splash_jiantou12.json
  • reaper_lottie_splash_jiantou15.json
  • reaper_lottie_splash_sanjiaoxing.json
  • reaper_lottie_splash_sanjiaoxing12.json
  • reaper_lottie_splash_sanjiaoxing15.json
  • reaper_lottie_splash_shouzhi.json
  • reaper_lottie_splash_shouzhi12.json
  • reaper_lottie_splash_shouzhi15.json
  • reaper_lottie_splash_yaoyiyao.json
  • regexp.js
    .js
  • ruby.js
  • scrollbar_handle_accelerated.png
    .png
  • search_engines_property.json
  • search_float_property.json
  • search_hotwords_property.json
  • sevenzipjbinding-lib.properties
  • sevenzipjbinding-platforms.properties
  • shellscript.js
  • smali.js
  • sql.js
  • supplierconfig.json
  • svg.js
  • swift.js
  • template.docx
    .docx office2007
  • template.pptx
    .pptx office2007
  • template.xlsx
    .xlsx office2007
  • test.html
    .html
  • text.js
  • text_select_handle_left.png
    .png
  • text_select_handle_middle.png
    .png
  • text_select_handle_right.png
    .png
  • theme-chrome.js
    .js
  • theme-github.js
    .js
  • theme-tomorrow_night.js
    .js
  • theme-xcode.js
    .js
  • updatesdkcas.bks
  • useragent.js
    .js
  • vbscript.js
  • vconsole.min.js
    .js
  • worker-json.js
    .js
  • xml.js
  • zlsioh.dat