8f1c3308e3dea91ff6184be3b9c1cbe7c23ea43967af7976f76998487dfc2d28[.]apk[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

8f1c3308e3dea91ff6184be3b9c1cbe7c23ea43967af7976f76998487dfc2d28.apk.zip
Size

66.1MB
MD5

cb3d08cf704243f88d955b8a9e7e14a1
SHA1

21bcfc6082ff1a759c8443115c56dd21c69f3118
SHA256

8cbe8d963977a53f7c186cec6d76ee6470d0897ac827d5435a2f32fdd8dda4b2
SHA512

c3d18c04af57248ca27a8e9cb45793972d43fdced9c0b9e366d7f7db0a389d2fa2458d50c4ec4cfbad630faad0e83dde225f183524481d96603d69c1f84b6b8f
SSDEEP

1572864:SXdqwuEme5syTD/gkSQTRlD/NFYZS1n7VB/UXETiemka:SNvhp5Ffx5RlD/NCZSt7EUTiemka

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 3 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read the user's calendar data.	android.permission.READ_CALENDAR
Allows an application to write the user's calendar data.	android.permission.WRITE_CALENDAR

Unsigned PE 15 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Assembly-CSharp-firstpass.dll
unpack002/Assembly-CSharp.dll
unpack002/Assembly-UnityScript-firstpass.dll
unpack002/Assembly-UnityScript.dll
unpack002/Boo.Lang.dll
unpack002/Pain.dll
unpack002/System.Core.dll
unpack002/System.Data.dll
unpack002/System.Xml.dll
unpack002/System.dll
unpack002/UnityEngine.UI.dll
unpack002/UnityEngine.dll
unpack002/UnityScript.Lang.dll
unpack002/fastJSON.dll
unpack002/mscorlib.dll

Files

8f1c3308e3dea91ff6184be3b9c1cbe7c23ea43967af7976f76998487dfc2d28.apk.zip
.zip

Password: infected
8f1c3308e3dea91ff6184be3b9c1cbe7c23ea43967af7976f76998487dfc2d28.apk
.apk .ps1 android arch:arm

com.carzyspeed2.racingcar.turbo.free

com.omp.support.unity.OMMainActivityUnity3D

Activities

com.omp.support.unity.OMMainActivityUnity3D

android.intent.action.MAIN

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
com.android.vending.BILLING
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.CHANGE_WIFI_STATE
android.permission.READ_CALENDAR
android.permission.WRITE_CALENDAR
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

Receivers

com.adjust.sdk.AdjustReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.magicseven.lib.adboost.receiver.MonitorReceiver

com.android.app.START_REFERRER
android.net.conn.CONNECTIVITY_CHANGE
com.android.vending.INSTALL_REFERRER

com.magicseven.lib.data.statistics.NetChangedReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.magicseven.lib.task.service.TaskReceiver

android.intent.action.PACKAGE_ADDED

com.vungle.warren.NetworkStateReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.facebook.sdk.ACTION_CURRENT_ACCESS_TOKEN_CHANGED

com.appnext.base.receivers.AppnextBootReciever

android.intent.action.BOOT_COMPLETED

Services
0000000000000000f000000000000000
0116e799c8f4dc14a8a8b352845455d1
01f872cf1dcb7c14caebf9f940aca772
03ec10f2fafe48346b5a6a772b6e6676
0513560e35ad4194c92cb5bae53e1779
0532be6ad3c81446f86deda431bce6e6
0544f1f771f542e45ac5304046a374bb
065e02ce5c5ec66429de34a0eabdf3f1
065e3c3d51575284aaf41f1d967efa26
0730d89f4049c4f64bab57f35925b081
082038888a72a814594c6003409be631
0835c8708bef15946ad32f534c8e5f73
08f6cdea010405744bbc4fd81d4b5560
0927316cba451442b9ae1e6d467615b0
09aa1d8b52a5445ec84c6bdbdaaa8ea3
0acf6d8ee40604532b5f6cf3396d7778
0adef045f9d3f2e40aff679e58857f98
0b30fc44f637dfb468d28aede5522dd9
0be96ef22487cac4daf75102ef8f2681
0c232cae2361443fcabaa9315de2ce20
0c8c3e47f4cc2d544aa0c8b037158776
0dcc65cf18da53a41a64c91377b995aa
0dd1e5efca02eb642af97300ef514388
0e0e3096a135379419bf8ebe4855fcba
0f10c253ccc064db382a8870476f3c70
0f9cd6baa705f40c0bde091380fa92b6
13a661241b46d4740bfcfc0c5ec18b1f
14a4b48bb5ef040c6b7e5ab9536f2a07
14ad1d2e194edae4a832ab596261ca59
1582e764affc23746b4103ce73db9c4d
179d44edc257548349a234ee248c125e
17fdbe12b16794d8ba1b83744721734e
182695e850938314fa6675a8926ad9ee
1877c8e43ec3ede49be026a910c03b83
1880a732ad112a541100162a44295342
1b941ab5b3a4b8248b7a936c693b4e81
1b966606a5520de43a346aed6c5fc6d4
1da6f8367fbe7454ebb850836a5ed0b0
1e72d04d228a1427d8f22f81540acbec
1fa50a82521f3404fa94590f51047824
203046693e0f046808a2a1f7b8e150b5
20c97864ca09240198ba43b47427e4c3
21d9c86fe5865498abe471293367104a
2390d3371880219479ed53e8f2d04bde
24afceafcaffc9e418f7c07d58a76aaa
24d6f4e25d0886a40810decdb8c684c2
2564ad7e6aae3cb4f91922c95ea90d66
2663752dbe386cb4c9a35db74fa018c8
26ae43393dcff3842866749d0732264e
26b2d5693e4ad422faa5e79e33f17584
276a5cdbc291c4f6fb8376a19bef5e7b
292d66e29a7f14b178dc3ce34ec6429a
29ba30c4bb9708c46aa61f2fbba2c667
2adb9a58bc947b94791180df0e26a8e1
2b21364bb71d4eb4dbce6894c82cd119
2d801a0232c694afc82f4cfb5baf354b
2dbc48a7d10599c47a439c03f7b8873c
2dcb2cd77947b4e5988a11313828a129
2e7d5018da3d6470f86f27c9eae7b808
2ec6a8bed5c8140748d9770e611dae6b
2f2ecec379ae04935803dc5a8fb3be79
2f786b93a64f4914cb65fa6be360cb7e
30cc403d3beed4355a1505c0f95546fd
31240de66fc02f245af4c47663052224
312bdf152a903174581f2678f14f409e
344bf4d707adbe247b366963b720d0a2
34c238a6e8c587847ba0cd2371ed0362
35cca59f9ddff466bbf99034402aa34d
39cd6eb88966b443aa0a4bc88585c589
3a2ac72d5ce09f74ba02cead5f74b403
3a33c4f8c755f214faea61b7a41866e3
3b6fad3fe46b246928b86a8443362aa4
3bb9beb64574a28459ad6f69e2d9c520
3d7239a7ff7cb2d4cb063d9fa6deb901
3e06e703396245f43808c5748381a7d8
3f21c51d36eed214682950784e00f775
3f24cc5e3c2f82340bfab96b3a73bf74
3f34fd2b7e3c04238bf45ac29de467df
42f931f262e6a401abdfe0d53b62fe6f
43bd647b35206459b93a479436a98312
43d891b3af2d3554f8314dc928d17384
455603670f409a648885eabf696bcff6
4613bf4dd759b2f40a6f4fc01dadc649
4924694b31df55e48b8fec1c123e438f
492f5d27836d84241b50fe93f1794500
493ff7bfffa9143a6bb4dbd1e983316c
496d424ef7870c0469cb1841b1d97bf4
49ffd431c60ac4efcb39a9ad066b17ad
4a7ba6298ef9a4ebab23c3685cfdd12f
4b61ecf2ac19c4891be223d07d5b3270
4cf56acadc8dfa74ba2fbfe951e89207
4f50a9f8f5aeb4ce4a9edebfd7832b10
5018377f248c745c99706890b94f07b8
50317298db8aa624a8d37a05bd71d547
5143d2254daf8da4f801d738ac27f961
51800a21b4b1e4bc5bae44bc5e73c565
536030f2a71d44f73b0a25085e901cf0
5372725d0cafd5b428aa6bfa1000c6c8
557f104866bed49b08a2fe6a503a6ecb
56a1e4aa00966264f89514a41c7e2a10
584780e9ee52e7c44bb0e40e8fc8e6ed
58544f46a9aeb4b739abbe21733d04ad
586090259afb742d4a33114644bfc1b2
59eafc43c252247bf8144dc4bd0c11cd
5a7199b9579d348be8def718d6b7843f
5ab896f825e3eca4aa92da5670d3fb8d
5d7ebc8e3b09d46baafcf56b7174b5ff
5e3f9f3a5815cc54788efa2c8949daca
5ec26c02d912c1848902d03536b6a669
5f33205bb9af67e4b8f270d1c471250c
5f542e200cf61ed43b990772950508d9
5f9a277f1cbab4d41ac0d277db015c89
5fe1156de086f4b70922b43975d7b42c
5fe3b99d185b64f2287e0d1b4fe8410c
61b022fde22184863bd082693ef745f4
6221a15804d2742e3ba28d8bddcdf35b
642fd931ae6b34fafa00b5badf041260
6502b0eb6eb6c114983ad4ed3c713245
654d650d93fdbad4bb934349834e64b0
656ab1b35b4cbb046b41bfe31296ee47
65d4a674a48fd284a86e1f740466df12
65dee7c33b640bf4fae103ce0e44d573
66057ecda5b50414e962459398363aee
664703212167f4a2fa532f0c19433dff
6793afeb1ba524134ae93ee3038763e0
69259a8ab563043d6902ca2438552c12
6ab27e5901c1ece4490b1cf9ee3024e1
6ad549f758be4ab4eb66544cdf4b76df
6b18c4e53e34f4eb0900144c3ad7549e
6bbdf230326f3424eb2b1fb1a891b856
6c0037389844f4b78a1e874b41083ba8
6c759c4817ac64a52967237e59fce0a9
6cae3bda33d8a214480ad96f788f8a41
6d30173c744ab499ab9949e3ee085649
6d35899e8536b554a9b616fa8f9c950b
6de0d52908346954da67551c3c325401
6e3a85d652541ef40a60981b0e840bbf
6f2c4b854f9e4a74f8f8555e58339134
6f4729a2ca2bbb84c9bda82a0bb8377b
6f7b3febe8556e54c96711c0764e92d1
7012513b3ef0f40a29e8c2a112b28fd3
705e3be56bcded34a85b8cd6b21f03d0
705ea59ec667c4950954d511f5bcdebe
71ba2e7cdae194674b114c1a7525dd1e
71d106ba94dab684e9d60c3b47e3eecb
71dfc3dea6f3d9d448cbdbe97e7f76a9
71e58914c16cd8f4b9e1270555a24aeb
7247a5e6549444eeb8d86ceafc5b0040
73da9df43a67d9543a47b1b692742cb7
74b180a16a15a4603b716f77fe27d6d4
757fcca624e574ceea4034f7e3893064
75cbeea08b31f4c2eb6f9b8b52bc8c2e
773417da4aa1b46409bd1e7574dcb251
7856039a2ca3d49d6b9173e93a7305c7
78881b9c20ca3694e802745b0659fffb
78c0a732ad112a541100162a44295342
78f3f89e53e5a5345a4579d4bcede201
793c9b032bb066e4fa3aa1aeca100fb1
794f594f91010f34ab0f473703f15896
7a11c399eaf17ea4dafec6ceb3a38444
7ac952cd4576fc14ab4c349dbbce7242
7ae299686a6ee8e489020f389302efe4
7afb428158ef80349802190d0f6771d1
7d2b370e8e05b4e02ab2e8f4f1a036ed
7d3bb9ddadfa7ee49b229e2ef5c5ef14
7d4633fe6434b4449b83cca268e06de0
7e27a694029114978bb51e509b6955e0
7fc6ca08c08d447fcb4dd535dc9eab66
81731d9e61ac347b6b0a12c718ef213a
82c1f2fa4b21ccd45811a7ca1ee79bb0
83236eb23b7126d408fcbd47cef96cf9
83a17f67fdf886847a963d53b1ef828f
83e425bb3196fb24d884e58c7dbccd8f
83e51d18d73ab97419ba935c0caea4e4
8466f9e61fe794cae9bac37d61bd3581
849b9790a1ba3e145baebf90e673179c
84cfe336b3a834d458e638f7a325d535
85c40ab3b3a53484288c5f625cac70be
8705eb83ab801c74b8876f4b901d4587
885d6c99746f9db4a83145e1d01a84e2
891814d5430f8684d910b6414e4a2c5c
8934249070177a34b8d64845921e4c8b
8971edfe59b345646b9af9f2088099e3
89bb2447b85a34a428506c56b615f708
8c7dfc876fa49c545bda02547058885e
8cc37575a7684ed4881698fbe4edf7d0
8fdcd3382b3144b7fb174d6807d84582
8fdfff5cb20294f8e94013d938480cb6
909b20cf156524806ac4e16832a91e63
928bfc4c6eaaa4e3bacd632f7dd903e3
930e010b644622340bf80198508a0a84
9319ce92bbe5f492ea1571355e7cfd6f
937ef90259c7043d6aaf967c245b7a1d
93c84009f8f004b4f84697c8cb12dd63
942a855fb9eae8c4982ad227d29401ff
96ddaa3ebceaaa240a40366a8e59db8e
9733806916b4cb54d87bac270b362922
97c10f34911bed84a86f20336d73e20b
983aaf17b09f59f49891c68b34892754
983fb627bcf81400ea2de538c02e8ba1
99969bce25e28624399c74e77b285a16
99c6f00a6e6edc54697116643017d15d
99f6d4e9edcc2294d8326eb35f802746
9b44befc4492bd941afae0756e136112
9be8c47d5370a94469c6f72b6fc8f323
9c02810802c99b141a34efd081c55cbf
9c278b772ee0e4800b1e1f7257ad1bff
9c436d67fac37854ba0477a76f2b2489
9c52b40277d6a4db9acb5115727f7eee
9d388d44565134bc9b9e72aaf5cde604
9d99461f7be39314ba7b714ad8f8e6be
9e33b291e347f454e9f18ece36e1b7fd
9f39f1d1f2f3ee04bb793082eee05819
9f8daec8e4f08e346bd326cb49b027b9
9fc354b134e00bc46b9dc37190285c1b
9fec0622bfd2d482d93c032d3876c52f
Assembly-CSharp-firstpass.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Assembly-CSharp.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Assembly-UnityScript-firstpass.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Assembly-UnityScript.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Boo.Lang.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Pain.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PlayerConnectionConfigFile
System.Core.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
System.Data.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 290KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
System.Xml.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 414KB - Virtual size: 414KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
System.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
UnityEngine.UI.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
UnityEngine.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 331KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 772B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
UnityScript.Lang.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
a1a0bffb3d73c4d7295cb1f85d2ed237
a1bf23ab21a50664f8cb63505d5bcab6
a23a8b69495804cb6915e0089a353971
a23b1a8efeafc204ca95bc815dc383fc
a251dd46fcdb6aa44b96e3f403f0ba63
a2b1d6ea4d6c94ec280494c032cef49b
a2e33ec3c1cfe4b218dc34935fe52f9c
a33cb394358c5814ab9a2a098384df3b
a4bc2154069938c478d966ac7e427109
a4f5a0131140d0a49a683dc2bbe18d61
a74ba3cac4664d646a6cbac45b8f4ac6
a810a78725a9b45c3b02356ef233a4f6
a955fad5cf4686644a72b755bf282fed
a96ea26fa57584c8e95dac1c4a9a9863
a9ada003d45d24354ac6ca076cc90613
aadbacf36c9404526a0edfe278b275fe
aae81630a3101ab47acc5e985d8bfb0b
ac96f5c0b697340a887ac2bd77a0bddc
ac9a30e78b666b84caeb31d673123a77
ad1313185107c1b4b9c1567df5f66b8e
ad132cd2581e101439617c3e98a39dfe
ad79dae9d2935674ab7c7dd8b81b90b4
ad9f1c443590b65499f9c65af19c7180
b08fedcea9ca1144b8343397b95e8c04
b0c74684ab2136d4789e074c8c0a70ee
b1160712a80d90d4b8adf9f18e230134
b14b122065f585742a96f1c25b3a5d20
b1bd60bfef9167e4ca4453121d5641e2
b1f4b562d0ebea24299650435eec3efb
b20284a993c0c724d926d975e7a0d516
b24facad8b0552f4d9f6225802d415a9
b2a6e0fc69fc4af4babc737c29764577
b3e5d3b7b059441c2bff490bf551735c
b899a9bf70dd84f0ea765619404c0706
b9c1ed8af4d324041bc6d39015ad9b7f
ba2ec43c06fd94c4c9e72564ff0683b2
bb57bf4fe37b04af8b1631fb06ca3cd9
bc3d72064a5123244aba3d7a234be6b5
bcdf43234077e884aa084910e9a889fe
bd3f2e3c3c13f41fcbd56f888482e4ca
bdef0fb2130d57d4197116676051273a
be1e4481038c6b14e8f81a0c7d05904b
be94ff2550b0d43098943f28f439c206
bec5af03846e6ba40a89053f4efdd638
c0991a1286ec98c45a2782b4fbb48845
c0dd7c1261fdd4c71bfce454f39d3ea0
c1dcdbf9629fb3947be1eac16a18339f
c2906a7d6cdd91844b77bca5d0690180
c4783c0036ff64d5080c1bc6696d1720
c4d9481e720164fceaec82b8141e6276
c4df6c2b7c14e4f789823631c728b315
c64ffd44cc4f00342889efbd0469a4ed
c692a8e6b5e5642fa871cd1d85c5ae38
c7b1ad80772bc624db84e31d74bdac3d
c85dce5b4959d5948a3e4b9ecf4b1760
c864b81bfda114e49b6a9ad6eb9d75a9
c8798ac2fb720d64a9ede2424d132ebc
c8bfdf5a002a946969b992337672e8a6
c9744403bb9d4714abf7707b4c08c181
c9fb34c21f1359c4ebc8fcf94d4f0e44
cc4cf2f716936c34bba565ca91343a60
cc71b10eec65a21478bb6d5e2383ee3a
cc90a732ad112a541100162a44295342
ccbd9e18bde7a4360ab98712a71427b5
ccd70e9fb2e671e4e99f25434f3d1c60
cd18a9a2b6cc04046af33a8b4681d6fd
cd76d1ef8a52e4d20ba28562c71825be
cdfe9406775db5a409192bb36cc4f607
ceae2b67241ba134c9fe4d67e1e6d9f9
cf123ce564a97e343a7693b0a46aa466
d0006d68b9b359a4e8b72ccec285a5c7
d010f11924fa045c8a0faeb559671bad
d0464723539db40479d1c71715934dda
d15a2b66c47585c469f9afd9481bf021
d1754bd84909fdc449f2f1b763e42adb
d1ebcd00c1d17d441abe69a60007327e
d3cadb75177f7974f83c9a33f16c0d01
d7761d7b861da9f4cbcd8059f296c778
d78cd9c604f191b43979fc588774f696
dabb75dce0f40455fa660dadb4e2c580
dcdfe94b955184491a799dd81c69daf6
e14ac89b7ecdf724d946dc3cfa2e574f
e2bd55902f047fd4cb0a0d850cde556e
e36fd0c9a4c1c3d408f0ccdc79cb168c
e387f662afce60c4cbf4689043469d34
e4116d53664c14672b9afedcc745a46a
e53697e4ebe3f4dbc89c4475f1affa8a
e646fb67899495044b2aae65eb0cf104
e78c404d6b868c344bd2317f21503a01
e7f7d38b7656dca4a9575d398d3b4790
ea53f94ddc3064ceab733bdf3fd16009
ea71fe23a24dc35409986707a5e86955
eb9fbeb7beb034c849acc64e3315d6e6
ed15eda64ead8ed47bd068a8c95c7523
ee87cb9d403ab794587c6d39cb999f9f
eeaf8f6b5aa2a79488bf8b7f9f985c82
f0be4b388368f4ac48b4d228c17ccca4
f1dbb3442d60c45f4b4889f0099b73a0
f1dec54815c7e6a4b80dc964fe9c26f0
f276874663a5354448d052d81c5c23ac
f2fd9f20b5025ae4aad6dcdda8039b99
f3b9d1962aeee4e688aba182d20a9052
f3ef16f092a6ad648a11be97416668ac
f3fd145b191cf4040ac6b55cda352a53
f4982cb00b9b243c0be3bc8074b14b6d
f4c7a84480fe74dc08bc05a8f34d181e
f527bbfe0c8aefa4bbd05097138a932a
f5a6a41934fe3ba429e79668190b0c6f
f671045bda6a94d55b75e33784e39183
f82c7287bf802b24aa359e82e89f3560
f9585a629f3ca7a41863121f0b99af20
f98ecc94d8f8aca4a82be7797e76b7aa
fa15eafadb4a12f4f907992144d98003
fabbeeb615b119842b0d70f7ec137531
fastJSON.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 676B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
fb4675cf89c5a4e0aa7b632390e0f2c9
fcdadae3bfcc84adb8019cafa8f009a1
fda95473667b4e94796d84a8e2ea0296
fdf825eb3a5464a43896eb003acabe52
fe201cc36582249aca3bdc8d8f0d2185
ff472d0e5d4b54509baf22a78e840c79
level0
level1
level10
.ps1
level2
level3
level4.split0
level4.split1
level5.split0
.ps1
level5.split1
level5.split2
level6.split0
level6.split1
level7
level8.split0
.ps1
level8.split1
level9.split0
level9.split1
mainData
mscorlib.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
settings.xml
.xml
sharedassets0.assets.split0
sharedassets0.assets.split1
sharedassets0.assets.split2
sharedassets1.assets
sharedassets10.assets.split0
sharedassets10.assets.split1
sharedassets10.assets.split2
sharedassets10.assets.split3
sharedassets10.assets.split4
sharedassets10.assets.split5
sharedassets10.assets.split6
sharedassets10.assets.split7
.ps1
sharedassets10.assets.split8
sharedassets10.assets.split9
sharedassets11.assets.split0
sharedassets11.assets.split1
sharedassets11.assets.split2
sharedassets11.assets.split3
sharedassets11.assets.split4
sharedassets11.assets.split5
sharedassets2.assets.split0
sharedassets2.assets.split1
sharedassets2.assets.split2
sharedassets2.assets.split3
sharedassets2.assets.split4
sharedassets2.assets.split5
sharedassets3.assets.split0
sharedassets3.assets.split1
sharedassets3.assets.split10
sharedassets3.assets.split11
sharedassets3.assets.split12
sharedassets3.assets.split2
sharedassets3.assets.split3
sharedassets3.assets.split4
sharedassets3.assets.split5
sharedassets3.assets.split6
sharedassets3.assets.split7
sharedassets3.assets.split8
sharedassets3.assets.split9
sharedassets4.assets.split0
sharedassets4.assets.split1
sharedassets4.assets.split2
sharedassets4.assets.split3
sharedassets5.assets.split0
sharedassets5.assets.split1
sharedassets5.assets.split10
sharedassets5.assets.split11
sharedassets5.assets.split12
sharedassets5.assets.split13
sharedassets5.assets.split14
sharedassets5.assets.split15
sharedassets5.assets.split16
sharedassets5.assets.split17
sharedassets5.assets.split18
sharedassets5.assets.split19
sharedassets5.assets.split2
sharedassets5.assets.split3
sharedassets5.assets.split4
sharedassets5.assets.split5
sharedassets5.assets.split6
sharedassets5.assets.split7
sharedassets5.assets.split8
sharedassets5.assets.split9
sharedassets6.assets.split0
sharedassets6.assets.split1
sharedassets6.assets.split2
sharedassets6.assets.split3
sharedassets6.assets.split4
sharedassets6.assets.split5
sharedassets6.assets.split6
sharedassets7.assets.split0
sharedassets7.assets.split1
sharedassets7.assets.split10
sharedassets7.assets.split11
sharedassets7.assets.split12
sharedassets7.assets.split2
sharedassets7.assets.split3
sharedassets7.assets.split4
sharedassets7.assets.split5
sharedassets7.assets.split6
sharedassets7.assets.split7
sharedassets7.assets.split8
sharedassets7.assets.split9
sharedassets8.assets.split0
sharedassets8.assets.split1
sharedassets8.assets.split2
sharedassets8.assets.split3
sharedassets8.assets.split4
sharedassets8.assets.split5
sharedassets8.assets.split6
sharedassets8.assets.split7
sharedassets8.assets.split8
sharedassets9.assets.split0
sharedassets9.assets.split1
sharedassets9.assets.split2
sharedassets9.assets.split3
sharedassets9.assets.split4
sharedassets9.assets.split5
sharedassets9.assets.split6
sharedassets9.assets.split7
splash.png
.png
unity default resources
unity_builtin_extra

Sharing

General

Malware Config

Signatures

Files

Password: infected

com.carzyspeed2.racingcar.turbo.free

com.omp.support.unity.OMMainActivityUnity3D

Activities

com.omp.support.unity.OMMainActivityUnity3D

Permissions

Receivers

com.adjust.sdk.AdjustReferrerReceiver

com.magicseven.lib.adboost.receiver.MonitorReceiver

com.magicseven.lib.data.statistics.NetChangedReceiver

com.magicseven.lib.task.service.TaskReceiver

com.vungle.warren.NetworkStateReceiver

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.appnext.base.receivers.AppnextBootReciever

Services

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

Imports

mscoree

Sections

.text Size: 28KB - Virtual size: 28KB

.rsrc Size: 1024B - Virtual size: 828B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

Imports

mscoree

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rsrc Size: 1024B - Virtual size: 928B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

Imports

mscoree

Sections

.text Size: 77KB - Virtual size: 77KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

Imports

mscoree

Sections

.text Size: 12KB - Virtual size: 12KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 18KB - Virtual size: 17KB

.reloc Size: 512B - Virtual size: 12B

.rsrc Size: 1KB - Virtual size: 1KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 42KB - Virtual size: 42KB

.reloc Size: 512B - Virtual size: 12B

.rsrc Size: 1024B - Virtual size: 816B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

.text
Size: 28KB - Virtual size: 28KB

.rsrc
Size: 1024B - Virtual size: 828B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 1.1MB - Virtual size: 1.1MB

.rsrc
Size: 1024B - Virtual size: 928B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 77KB - Virtual size: 77KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 12KB - Virtual size: 12KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 18KB - Virtual size: 17KB

.reloc
Size: 512B - Virtual size: 12B

.rsrc
Size: 1KB - Virtual size: 1KB

.text
Size: 42KB - Virtual size: 42KB

.reloc
Size: 512B - Virtual size: 12B

.rsrc
Size: 1024B - Virtual size: 816B

.text
Size: 9KB - Virtual size: 8KB

.reloc
Size: 512B - Virtual size: 12B

.rsrc
Size: 1024B - Virtual size: 1000B

.text
Size: 290KB - Virtual size: 289KB

.reloc
Size: 512B - Virtual size: 12B

.rsrc
Size: 1024B - Virtual size: 1000B

.text
Size: 414KB - Virtual size: 414KB

.reloc
Size: 512B - Virtual size: 12B

.rsrc
Size: 1024B - Virtual size: 1000B

.text
Size: 126KB - Virtual size: 125KB

.reloc
Size: 512B - Virtual size: 12B

.rsrc
Size: 1024B - Virtual size: 968B

.text
Size: 165KB - Virtual size: 165KB

.reloc
Size: 512B - Virtual size: 12B

.rsrc
Size: 1024B - Virtual size: 888B

.text
Size: 331KB - Virtual size: 331KB

.reloc
Size: 512B - Virtual size: 12B

.rsrc
Size: 1024B - Virtual size: 772B

.text
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 12B