General

  • Target

    09ae39b638ea5c66d50bdabb5072db820837582682a8fefbf6f58983899f8747.apk.zip

  • Size

    23.8MB

  • MD5

    10c5e4a7108343443c7b3ffd0bb706f1

  • SHA1

    87c51594ee8b9ef2d034ab51afa9e455f2f3885c

  • SHA256

    3f8b5641a6ec299be886a7a4ffd8c913c3262ec2fb59ad75dd7b7b4c1c068587

  • SHA512

    aef72d05d7395d5f47a364c76fc88aeb4f7facf2cac92434b6bb04d5ed88d13b348000c696612bfcd2be3705be11a1603054bbba30743d8ae76acf444f72cd0d

  • SSDEEP

    393216:A94a2HcelLoU7dt02Ph7QcPUBCrLd5NoygqxDVxVKsj8dVIjKejN1Tk8kuIZ+Cdu:A9w8e6o7QcPUV7qx8xwKejN1YkdCdu

Score
7/10

Malware Config

Signatures

  • Requests dangerous framework permissions (13 IoCs)

Files

  • 09ae39b638ea5c66d50bdabb5072db820837582682a8fefbf6f58983899f8747.apk.zip
    .zip

    Password: infected

  • 09ae39b638ea5c66d50bdabb5072db820837582682a8fefbf6f58983899f8747.apk
    .apk android arch:arm arch:x86

    com.xposed.pdx

    com.cyjh.elfin.activity.news.SplashActivity


  • AdDex.4.0.1.dex
    .dex
  • DaemonClient.zip
    .apk android
  • Kp.apk
    .apk android

    com.keypacker.kp

    com.e4a.runtime.android.mainActivity


  • TinyCnnModel
  • libgoldcoast.so
    .elf linux aarch64
  • litepal.xml
    .xml
  • script.atc
    .zip
  • script.info
  • script.lc
  • script.prop
  • script.uip
  • update.ini