ac7fc13f231096120bcd32ebbd258df25b227ab2b22bceb06cdd2cf9275a913d[.]apk[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

ac7fc13f231096120bcd32ebbd258df25b227ab2b22bceb06cdd2cf9275a913d.apk.zip
Size

55.9MB
MD5

289f145abfaa9bba99a4aa7b7b07e5a0
SHA1

fe7a96e9eb8d3893270617dd3e3ba9b7b6044856
SHA256

384409bb478be20e11699663d784770af591b15be35fe042ba58bae4de61be9e
SHA512

e98367dc643de7c3a92ac23d496449eca5eb8df23a0564a4dc45c328b6e3d2a5b51fc597b5a997e80b3024143bf159a8f37d924e9ef493fc9477619c9980bb38
SSDEEP

1572864:Cjo7+dfApgpR5k0b1mRdljjpM6u02AWf3qabxDS6k/:CUCdIpgB/YxpMjB3/bxDS6k/

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 6 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION

Files

ac7fc13f231096120bcd32ebbd258df25b227ab2b22bceb06cdd2cf9275a913d.apk.zip
.zip

Password: infected
ac7fc13f231096120bcd32ebbd258df25b227ab2b22bceb06cdd2cf9275a913d.apk
.apk android arch:arm

com.intsig.camscanner

com.intsig.camscanner.launcher.WelcomeDefaultActivity

Activities

com.intsig.camscanner.launcher.WelcomeDefaultActivity

android.intent.action.MAIN
com.intsig.camscanner.Launcher

com.intsig.camscanner.launcher.WelcomePremiumActivity

android.intent.action.MAIN
com.intsig.camscanner.Launcher

com.intsig.camscanner.launcher.WelcomePrestigeActivity

android.intent.action.MAIN
com.intsig.camscanner.Launcher

com.intsig.camscanner.MainMenuActivity

android.intent.action.SEND
android.intent.action.VIEW
MainMenuActivity.intent.folder.shortcut
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

com.intsig.camscanner.CaptureActivity

com.intsig.camscanner.NEW_DOC

com.intsig.camscanner.DocumentActivity

android.intent.action.VIEW
android.intent.action.INSERT

com.intsig.camscanner.ImageScannerActivity

com.intsig.camscanner.NEW_PAGE
com.intsig.camscanner.SCAN_IMAGE_ONECLOUD

com.intsig.camscanner.BillingHelpActivity

com.intsig.camscanner.buyvip

com.intsig.camscanner.onecloud.BoxActionCreateActivity

com.intsig.camscanner.BOX_CREATE

com.intsig.webstorage.googleaccount.RedirectUriReceiverActivity

android.intent.action.VIEW

com.intsig.tsapp.LoginActivity

com.intsig.camscanner.RELOGIN
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

com.intsig.camscanner.SonyCaptureActivity

com.sonymobile.camera.addon.action.REGISTER_MODE

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

com.intsig.camscanner.FeedbackActivity

com.intsig.camscanner.ACTION_FEEDBACK

com.intsig.camscanner.UriRedirectActivity

android.intent.action.VIEW
com.intsig.camscanner.ACTION_REGISTER
com.intsig.camscanner.ACTION_LOGIN

com.intsig.webview.WebUrlRedirectActivity

android.intent.action.VIEW

com.intsig.camscanner.openapi.OCROpenApiActivity

com.intsig.camscanner.ACTION_OCR

com.intsig.camscanner.openapi.ImageOpenApiActivity

com.intsig.camscanner.ACTION_SCAN_BACKGROUD

com.intsig.camscanner.DocumentShortCutActivity

android.intent.action.VIEW

com.intsig.purchase.PurchaseTypeActivity

android.intent.action.VIEW

com.dropbox.core.android.AuthActivity

android.intent.action.VIEW

Permissions

android.permission.ACCESS_WIFI_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.CAMERA
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.READ_PHONE_STATE
com.android.launcher.permission.INSTALL_SHORTCUT
com.intsig.camscanner.Account
com.sonymobile.permission.CAMERA_ADDON
com.intsig.camscanner.permission.C2D_MESSAGE
com.google.android.c2dm.permission.RECEIVE
com.android.vending.BILLING
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.CHANGE_NETWORK_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
com.sony.mobile.permission.SYSTEM_UI_VISIBILITY_EXTENSION
android.permission.VIBRATE
android.permission.FLASHLIGHT
android.permission.MOUNT_UNMOUNT_FILESYSTEMS

Receivers

com.intsig.camscanner.onecloud.BoxActionReceiver

com.box.android.EDIT_FILE
com.box.android.CREATE_FILE
com.box.android.VIEW_FILE
com.box.android.LAUNCH
com.android.vending.INSTALL_REFERRER

com.intsig.gcm.GCMBroadcastReceiver

com.google.android.c2dm.intent.RECEIVE
com.google.android.c2dm.intent.REGISTRATION

com.intsig.camscanner.shortcut.CaptureWidgetProvider

android.appwidget.action.APPWIDGET_UPDATE

com.appsflyer.SingleInstallBroadcastReceiver

com.android.vending.INSTALL_REFERRER

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.facebook.sdk.ACTION_CURRENT_ACCESS_TOKEN_CHANGED

com.microsoft.aad.adal.ApplicationReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_INSTALL

Services
arrow_down.png
.png
arrow_up.png
.png
bill_guide_zh.jpg
.jpg
capture_guide.jpg
.jpg
capture_guide_zh.jpg
.jpg
certificate_guide_zh.jpg
.jpg
com.tencent.open.config.json
common.css
crashlytics-build.properties
csice.dat
index_ar.html
.js
index_br.html
.html .js
index_de.html
.js
index_en.html
.js
index_es.html
.js
index_fr.html
.js
index_it.html
.js
index_ja.html
.js
index_ko.html
.js
index_pl.html
.js
index_pt.html
.js
index_ru.html
.js
index_tr.html
.js
index_tw.html
.js
index_zh.html
.js
iu.base.js
.js
jquery.min.js
.js
libwbsafeedit
.elf linux arm
libwbsafeedit_64
.elf linux aarch64
libwbsafeedit_x86
.elf linux x86
libwbsafeedit_x86_64
.elf linux x64
mobile.common.css
premium.feature.css
premium_10G.png
.png
premium_10G_hl.png
.png
premium_assist.png
.png
premium_assist_hl.png
.png
premium_combine.png
.png
premium_combine_hl.png
.png
premium_link.png
.png
premium_link_hl.png
.png
premium_ocr.png
.png
premium_ocr_hl.png
.png
premium_pay.png
.png
premium_pay_hl.png
.png
premium_pdf.png
.png
premium_pdf_hl.png
.png
premium_sign.png
.png
premium_sign_hl.png
.png
premium_strongbox.png
.png
premium_strongbox_hl.png
.png
premium_upload.png
.png
premium_upload_hl.png
.png
qr_code.jpg
.jpg

Sharing

General

Malware Config

Signatures

Files

Password: infected

com.intsig.camscanner

com.intsig.camscanner.launcher.WelcomeDefaultActivity

Activities

com.intsig.camscanner.launcher.WelcomeDefaultActivity

com.intsig.camscanner.launcher.WelcomePremiumActivity

com.intsig.camscanner.launcher.WelcomePrestigeActivity

com.intsig.camscanner.MainMenuActivity

com.intsig.camscanner.CaptureActivity

com.intsig.camscanner.DocumentActivity

com.intsig.camscanner.ImageScannerActivity

com.intsig.camscanner.BillingHelpActivity

com.intsig.camscanner.onecloud.BoxActionCreateActivity

com.intsig.webstorage.googleaccount.RedirectUriReceiverActivity

com.intsig.tsapp.LoginActivity

com.intsig.camscanner.SonyCaptureActivity

com.tencent.tauth.AuthActivity

com.intsig.camscanner.FeedbackActivity

com.intsig.camscanner.UriRedirectActivity

com.intsig.webview.WebUrlRedirectActivity

com.intsig.camscanner.openapi.OCROpenApiActivity

com.intsig.camscanner.openapi.ImageOpenApiActivity

com.intsig.camscanner.DocumentShortCutActivity

com.intsig.purchase.PurchaseTypeActivity

com.dropbox.core.android.AuthActivity

Permissions

Receivers

com.intsig.camscanner.onecloud.BoxActionReceiver

com.intsig.gcm.GCMBroadcastReceiver

com.intsig.camscanner.shortcut.CaptureWidgetProvider

com.appsflyer.SingleInstallBroadcastReceiver

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.microsoft.aad.adal.ApplicationReceiver

Services