General
-
Target
36b96ad62534c6622d68731627db591588eea1ea81d6b1f447e0c9414a2aa17d.apk.zip
-
Size
1.7MB
-
MD5
75b8f2605cfdea6e299f08cf639bed93
-
SHA1
b947e845cd141a44ff94d3a734da68e63f0f699e
-
SHA256
0789e989e22023133f45d367379d60ae7fe691c65ee390b3219de48b535d60ff
-
SHA512
e00b3442397138f3759b54d46c2e8e64e14d4748ec69e8a55055c7650d3484087145d7dbc68c2539af3fcbd226d5fcad9acfd13b981b7277ad56836a87e9fa5a
-
SSDEEP
49152:du1iGEahIF0x5xfbU60fsVS69M5wT0DIc97LET+rNE0kMe6:QNEaKexPU6k69nTtc97Z1
Score
1/10
Malware Config
Signatures
Files
-
36b96ad62534c6622d68731627db591588eea1ea81d6b1f447e0c9414a2aa17d.apk.zip
Password: infected
-
36b96ad62534c6622d68731627db591588eea1ea81d6b1f447e0c9414a2aa17d.apk
-
36b96ad62534c6622d68731627db591588eea1ea81d6b1f447e0c9414a2aa17d.apk
-
.PKGINFO
-
-
etc/logrotate.d/ossec-hids-local
-
etc/ossec-local.conf
-
var/ossec/active-response/bin/cloudflare-ban.sh
-
var/ossec/active-response/bin/disable-account.sh
-
var/ossec/active-response/bin/firewall-drop.sh
-
var/ossec/active-response/bin/firewalld-drop.sh
-
var/ossec/active-response/bin/host-deny.sh
-
var/ossec/active-response/bin/ip-customblock.sh
-
var/ossec/active-response/bin/ipfw.sh
-
var/ossec/active-response/bin/ipfw_mac.sh
-
var/ossec/active-response/bin/nftables-drop.sh
-
var/ossec/active-response/bin/npf.sh
-
var/ossec/active-response/bin/ossec-aws-waf.sh
-
var/ossec/active-response/bin/ossec-pagerduty.sh
-
var/ossec/active-response/bin/ossec-slack.sh
-
var/ossec/active-response/bin/ossec-tweeter.sh
-
var/ossec/active-response/bin/pf.sh
-
var/ossec/active-response/bin/restart-ossec.sh
-
var/ossec/active-response/bin/route-null.sh
-
var/ossec/agentless/main.exp
-
var/ossec/agentless/register_host.sh
-
var/ossec/agentless/ssh.exp
-
var/ossec/agentless/ssh_asa-fwsmconfig_diff
-
var/ossec/agentless/ssh_foundry_diff
-
var/ossec/agentless/ssh_generic_diff
-
var/ossec/agentless/ssh_integrity_check_bsd
-
var/ossec/agentless/ssh_integrity_check_linux
-
var/ossec/agentless/ssh_nopass.exp
-
var/ossec/agentless/ssh_pixconfig_diff
-
var/ossec/agentless/sshlogin.exp
-
var/ossec/agentless/su.exp
-
var/ossec/bin/agent_control
-
var/ossec/bin/clear_stats
-
var/ossec/bin/list_agents
-
var/ossec/bin/manage_agents
-
var/ossec/bin/ossec-agentlessd
-
var/ossec/bin/ossec-analysisd
-
var/ossec/bin/ossec-authd
-
var/ossec/bin/ossec-control
-
var/ossec/bin/ossec-csyslogd
-
var/ossec/bin/ossec-dbd
-
var/ossec/bin/ossec-execd
-
var/ossec/bin/ossec-logcollector
-
var/ossec/bin/ossec-logtest
-
var/ossec/bin/ossec-lua
-
var/ossec/bin/ossec-luac
-
var/ossec/bin/ossec-maild
-
var/ossec/bin/ossec-makelists
-
var/ossec/bin/ossec-monitord
-
var/ossec/bin/ossec-regex
-
var/ossec/bin/ossec-remoted
-
var/ossec/bin/ossec-reportd
-
var/ossec/bin/ossec-syscheckd
-
var/ossec/bin/rootcheck_control
-
var/ossec/bin/syscheck_control
-
var/ossec/bin/syscheck_update
-
var/ossec/bin/util.sh
-
var/ossec/bin/verify-agent-conf
-
var/ossec/etc/decoder.xml
-
var/ossec/etc/internal_options.conf
-
var/ossec/etc/local_internal_options.conf
-
var/ossec/etc/ossec-init.conf
-
var/ossec/etc/ossec.conf
-
var/ossec/etc/shared/acsc_office2016_rcl.txt
-
var/ossec/etc/shared/cis_apache2224_rcl.txt
-
var/ossec/etc/shared/cis_debian_linux_rcl.txt
-
var/ossec/etc/shared/cis_debianlinux7-8_L1_rcl.txt
-
var/ossec/etc/shared/cis_debianlinux7-8_L2_rcl.txt
-
var/ossec/etc/shared/cis_mysql5-6_community_rcl.txt
-
var/ossec/etc/shared/cis_mysql5-6_enterprise_rcl.txt
-
var/ossec/etc/shared/cis_rhel5_linux_rcl.txt
-
var/ossec/etc/shared/cis_rhel6_linux_rcl.txt
-
var/ossec/etc/shared/cis_rhel7_linux_rcl.txt
-
var/ossec/etc/shared/cis_rhel_linux_rcl.txt
-
var/ossec/etc/shared/cis_sles11_linux_rcl.txt
-
var/ossec/etc/shared/cis_sles12_linux_rcl.txt
-
var/ossec/etc/shared/cis_solaris11_rcl.txt
-
var/ossec/etc/shared/cis_win10_enterprise_L1_rcl.txt
-
var/ossec/etc/shared/cis_win10_enterprise_L2_rcl.txt
-
var/ossec/etc/shared/cis_win2012r2_domainL1_rcl.txt
-
var/ossec/etc/shared/cis_win2012r2_domainL2_rcl.txt
-
var/ossec/etc/shared/cis_win2012r2_memberL1_rcl.txt
-
var/ossec/etc/shared/cis_win2012r2_memberL2_rcl.txt
-
var/ossec/etc/shared/cis_win2016_domainL1_rcl.txt
-
var/ossec/etc/shared/cis_win2016_domainL2_rcl.txt
-
var/ossec/etc/shared/cis_win2016_memberL1_rcl.txt
-
var/ossec/etc/shared/cis_win2016_memberL2_rcl.txt
-
var/ossec/etc/shared/rootkit_files.txt
-
var/ossec/etc/shared/rootkit_trojans.txt
-
var/ossec/etc/shared/system_audit_pw.txt
-
var/ossec/etc/shared/system_audit_rcl.txt
-
var/ossec/etc/shared/system_audit_ssh.txt
-
var/ossec/etc/shared/win_applications_rcl.txt
-
var/ossec/etc/shared/win_audit_rcl.txt
-
var/ossec/etc/shared/win_malware_rcl.txt
-
var/ossec/rules/apache_rules.xml
-
var/ossec/rules/apparmor_rules.xml
-
var/ossec/rules/arpwatch_rules.xml
-
var/ossec/rules/asterisk_rules.xml
-
var/ossec/rules/attack_rules.xml
-
var/ossec/rules/cimserver_rules.xml
-
var/ossec/rules/cisco-ios_rules.xml
-
var/ossec/rules/clam_av_rules.xml
-
var/ossec/rules/courier_rules.xml
-
var/ossec/rules/dnsmasq_rules.xml
-
var/ossec/rules/dovecot_rules.xml
-
var/ossec/rules/dropbear_rules.xml
-
var/ossec/rules/exim_rules.xml
-
var/ossec/rules/firewall_rules.xml
-
var/ossec/rules/firewalld_rules.xml
-
var/ossec/rules/ftpd_rules.xml
-
var/ossec/rules/hordeimp_rules.xml
-
var/ossec/rules/ids_rules.xml
-
var/ossec/rules/imapd_rules.xml
-
var/ossec/rules/kesl_rules.xml
-
var/ossec/rules/last_rootlogin_rules.xml
-
var/ossec/rules/lighttpd_rules.xml
-
var/ossec/rules/linux_usbdetect_rules.xml
-
var/ossec/rules/local_rules.xml
-
var/ossec/rules/mailscanner_rules.xml
-
var/ossec/rules/mcafee_av_rules.xml
-
var/ossec/rules/mhn_cowrie_rules.xml
-
var/ossec/rules/mhn_dionaea_rules.xml
-
var/ossec/rules/ms-exchange_rules.xml
-
var/ossec/rules/ms-se_rules.xml
-
var/ossec/rules/ms1016_usbdetect_rules.xml
-
var/ossec/rules/ms_dhcp_rules.xml
-
var/ossec/rules/ms_firewall_rules.xml
-
var/ossec/rules/ms_ftpd_rules.xml
-
var/ossec/rules/ms_ipsec_rules.xml
-
var/ossec/rules/ms_powershell_rules.xml
-
var/ossec/rules/msauth_rules.xml
-
var/ossec/rules/mysql_rules.xml
-
var/ossec/rules/named_rules.xml
-
var/ossec/rules/netscreenfw_rules.xml
-
var/ossec/rules/nginx_rules.xml
-
var/ossec/rules/nsd_rules.xml
-
var/ossec/rules/openbsd-dhcpd_rules.xml
-
var/ossec/rules/openbsd_rules.xml
-
var/ossec/rules/opensmtpd_rules.xml
-
var/ossec/rules/ossec_rules.xml
-
var/ossec/rules/owncloud_rules.xml
-
var/ossec/rules/pam_rules.xml
-
var/ossec/rules/php_rules.xml
-
var/ossec/rules/pix_rules.xml
-
var/ossec/rules/policy_rules.xml
-
var/ossec/rules/postfix_rules.xml
-
var/ossec/rules/postgresql_rules.xml
-
var/ossec/rules/proftpd_rules.xml
-
var/ossec/rules/proxmox-ve_rules.xml
-
var/ossec/rules/psad_rules.xml
-
var/ossec/rules/pure-ftpd_rules.xml
-
var/ossec/rules/racoon_rules.xml
-
var/ossec/rules/roundcube_rules.xml
-
var/ossec/rules/rules_config.xml
-
var/ossec/rules/sendmail_rules.xml
-
var/ossec/rules/smbd_rules.xml
-
var/ossec/rules/solaris_bsm_rules.xml
-
var/ossec/rules/sonicwall_rules.xml
-
var/ossec/rules/spamd_rules.xml
-
var/ossec/rules/squid_rules.xml
-
var/ossec/rules/sshd_rules.xml
-
var/ossec/rules/symantec-av_rules.xml
-
var/ossec/rules/symantec-ws_rules.xml
-
var/ossec/rules/syslog_rules.xml
-
var/ossec/rules/sysmon_rules.xml
-
var/ossec/rules/systemd_rules.xml
-
var/ossec/rules/telnetd_rules.xml
-
var/ossec/rules/topleveldomain_rules.xml
-
var/ossec/rules/trend-osce_rules.xml
-
var/ossec/rules/unbound_rules.xml
-
var/ossec/rules/vmpop3d_rules.xml
-
var/ossec/rules/vmware_rules.xml
-
var/ossec/rules/vpn_concentrator_rules.xml
-
var/ossec/rules/vpopmail_rules.xml
-
var/ossec/rules/vsftpd_rules.xml
-
var/ossec/rules/web_appsec_rules.xml
-
var/ossec/rules/web_rules.xml
-
var/ossec/rules/wordpress_rules.xml
-
var/ossec/rules/zeus_rules.xml