General
-
Target
9d46e3e61ad70f0ec7dd461de142d0e06722de02d4116286962a5180c85297b0.apk.zip
-
Size
635KB
-
MD5
b13d146f284ece3a16e1fb10dfb18f8b
-
SHA1
71c07124f0f67bafc8570332190f2ba617d50e8f
-
SHA256
f357d5b7cab79fbd378345a9e826739a3978a3679037d7553dc838d1e8e35d1b
-
SHA512
4f5f30cd64046aa72a2303ef6b5b8338a8b0439d724b28205f7a46c5ff53a0922fdcb0bf65e0e2338ddd1a25f08988ba3d0234fc2d7bb2e05eee59169f45b43f
-
SSDEEP
12288:a/ICOyr6cvGd9MLstkQGxFQRtoCi4MXAiRvKCcfUQE21eCW9JR:W7OyrVGdWQ92FQXMN9KUxR
Score
1/10
Malware Config
Signatures
Files
-
9d46e3e61ad70f0ec7dd461de142d0e06722de02d4116286962a5180c85297b0.apk.zip
Password: infected
-
9d46e3e61ad70f0ec7dd461de142d0e06722de02d4116286962a5180c85297b0.apk
-
9d46e3e61ad70f0ec7dd461de142d0e06722de02d4116286962a5180c85297b0.apk
-
.PKGINFO
-
-
etc/logrotate.d/ossec-hids-agent
-
etc/ossec-agent.conf
-
var/ossec/active-response/bin/cloudflare-ban.sh
-
var/ossec/active-response/bin/disable-account.sh
-
var/ossec/active-response/bin/firewall-drop.sh
-
var/ossec/active-response/bin/firewalld-drop.sh
-
var/ossec/active-response/bin/host-deny.sh
-
var/ossec/active-response/bin/ip-customblock.sh
-
var/ossec/active-response/bin/ipfw.sh
-
var/ossec/active-response/bin/ipfw_mac.sh
-
var/ossec/active-response/bin/npf.sh
-
var/ossec/active-response/bin/ossec-pagerduty.sh
-
var/ossec/active-response/bin/ossec-slack.sh
-
var/ossec/active-response/bin/ossec-tweeter.sh
-
var/ossec/active-response/bin/pf.sh
-
var/ossec/active-response/bin/restart-ossec.sh
-
var/ossec/active-response/bin/route-null.sh
-
var/ossec/agentless/main.exp
-
var/ossec/agentless/register_host.sh
-
var/ossec/agentless/ssh.exp
-
var/ossec/agentless/ssh_asa-fwsmconfig_diff
-
var/ossec/agentless/ssh_foundry_diff
-
var/ossec/agentless/ssh_generic_diff
-
var/ossec/agentless/ssh_integrity_check_bsd
-
var/ossec/agentless/ssh_integrity_check_linux
-
var/ossec/agentless/ssh_nopass.exp
-
var/ossec/agentless/ssh_pixconfig_diff
-
var/ossec/agentless/sshlogin.exp
-
var/ossec/agentless/su.exp
-
var/ossec/bin/agent-auth
-
var/ossec/bin/manage_agents
-
var/ossec/bin/ossec-agentd
-
var/ossec/bin/ossec-control
-
var/ossec/bin/ossec-execd
-
var/ossec/bin/ossec-logcollector
-
var/ossec/bin/ossec-lua
-
var/ossec/bin/ossec-luac
-
var/ossec/bin/ossec-syscheckd
-
var/ossec/bin/util.sh
-
var/ossec/etc/internal_options.conf
-
var/ossec/etc/local_internal_options.conf
-
var/ossec/etc/ossec-init.conf
-
var/ossec/etc/ossec.conf
-
var/ossec/etc/shared/acsc_office2016_rcl.txt
-
var/ossec/etc/shared/cis_apache2224_rcl.txt
-
var/ossec/etc/shared/cis_debian_linux_rcl.txt
-
var/ossec/etc/shared/cis_debianlinux7-8_L1_rcl.txt
-
var/ossec/etc/shared/cis_debianlinux7-8_L2_rcl.txt
-
var/ossec/etc/shared/cis_mysql5-6_community_rcl.txt
-
var/ossec/etc/shared/cis_mysql5-6_enterprise_rcl.txt
-
var/ossec/etc/shared/cis_rhel5_linux_rcl.txt
-
var/ossec/etc/shared/cis_rhel6_linux_rcl.txt
-
var/ossec/etc/shared/cis_rhel7_linux_rcl.txt
-
var/ossec/etc/shared/cis_rhel_linux_rcl.txt
-
var/ossec/etc/shared/cis_sles11_linux_rcl.txt
-
var/ossec/etc/shared/cis_sles12_linux_rcl.txt
-
var/ossec/etc/shared/cis_solaris11_rcl.txt
-
var/ossec/etc/shared/cis_win10_enterprise_L1_rcl.txt
-
var/ossec/etc/shared/cis_win10_enterprise_L2_rcl.txt
-
var/ossec/etc/shared/cis_win2012r2_domainL1_rcl.txt
-
var/ossec/etc/shared/cis_win2012r2_domainL2_rcl.txt
-
var/ossec/etc/shared/cis_win2012r2_memberL1_rcl.txt
-
var/ossec/etc/shared/cis_win2012r2_memberL2_rcl.txt
-
var/ossec/etc/shared/cis_win2016_domainL1_rcl.txt
-
var/ossec/etc/shared/cis_win2016_domainL2_rcl.txt
-
var/ossec/etc/shared/cis_win2016_memberL1_rcl.txt
-
var/ossec/etc/shared/cis_win2016_memberL2_rcl.txt
-
var/ossec/etc/shared/rootkit_files.txt
-
var/ossec/etc/shared/rootkit_trojans.txt
-
var/ossec/etc/shared/system_audit_pw.txt
-
var/ossec/etc/shared/system_audit_rcl.txt
-
var/ossec/etc/shared/system_audit_ssh.txt
-
var/ossec/etc/shared/win_applications_rcl.txt
-
var/ossec/etc/shared/win_audit_rcl.txt
-
var/ossec/etc/shared/win_malware_rcl.txt