General
-
Target
ec153262da2439c9c7f3d5bccba7b69d4dd365351650a9fbf5a8187a24ea9b36.apk.zip
-
Size
636KB
-
MD5
89af55e3ce746e8c6ecf10d1c4ff2a84
-
SHA1
3a03a460aa8c3bcd6fff713f3af4d6fbe5061719
-
SHA256
0eaa8c5f4d52362ac082781621d0ae4a2e8573241fe46ef1aeb84a7e06926b09
-
SHA512
d83692499b8e0676c0596baa8407c2a6e27fa1dc77df63f7255782aaa921a5ab1b2b2faea876e9746fd9c94b55b88e4881e3d9970734c6ee366608da085343b8
-
SSDEEP
12288:9/7OPe/E0db3g4eolcdL4ERC4Goiz/ejdbUt9UVQUalDtgOnfs:17OPe/EGLTk1RVDM2Q/3lDtgOfs
Score
1/10
Malware Config
Signatures
Files
-
ec153262da2439c9c7f3d5bccba7b69d4dd365351650a9fbf5a8187a24ea9b36.apk.zip
Password: infected
-
ec153262da2439c9c7f3d5bccba7b69d4dd365351650a9fbf5a8187a24ea9b36.apk
-
ec153262da2439c9c7f3d5bccba7b69d4dd365351650a9fbf5a8187a24ea9b36.apk
-
.PKGINFO
-
-
etc/logrotate.d/ossec-hids-agent
-
etc/ossec-agent.conf
-
var/ossec/active-response/bin/cloudflare-ban.sh
-
var/ossec/active-response/bin/disable-account.sh
-
var/ossec/active-response/bin/firewall-drop.sh
-
var/ossec/active-response/bin/firewalld-drop.sh
-
var/ossec/active-response/bin/host-deny.sh
-
var/ossec/active-response/bin/ip-customblock.sh
-
var/ossec/active-response/bin/ipfw.sh
-
var/ossec/active-response/bin/ipfw_mac.sh
-
var/ossec/active-response/bin/nftables-drop.sh
-
var/ossec/active-response/bin/npf.sh
-
var/ossec/active-response/bin/ossec-aws-waf.sh
-
var/ossec/active-response/bin/ossec-pagerduty.sh
-
var/ossec/active-response/bin/ossec-slack.sh
-
var/ossec/active-response/bin/ossec-tweeter.sh
-
var/ossec/active-response/bin/pf.sh
-
var/ossec/active-response/bin/restart-ossec.sh
-
var/ossec/active-response/bin/route-null.sh
-
var/ossec/agentless/main.exp
-
var/ossec/agentless/register_host.sh
-
var/ossec/agentless/ssh.exp
-
var/ossec/agentless/ssh_asa-fwsmconfig_diff
-
var/ossec/agentless/ssh_foundry_diff
-
var/ossec/agentless/ssh_generic_diff
-
var/ossec/agentless/ssh_integrity_check_bsd
-
var/ossec/agentless/ssh_integrity_check_linux
-
var/ossec/agentless/ssh_nopass.exp
-
var/ossec/agentless/ssh_pixconfig_diff
-
var/ossec/agentless/sshlogin.exp
-
var/ossec/agentless/su.exp
-
var/ossec/bin/agent-auth
-
var/ossec/bin/manage_agents
-
var/ossec/bin/ossec-agentd
-
var/ossec/bin/ossec-control
-
var/ossec/bin/ossec-execd
-
var/ossec/bin/ossec-logcollector
-
var/ossec/bin/ossec-lua
-
var/ossec/bin/ossec-luac
-
var/ossec/bin/ossec-syscheckd
-
var/ossec/bin/util.sh
-
var/ossec/etc/internal_options.conf
-
var/ossec/etc/local_internal_options.conf
-
var/ossec/etc/ossec-init.conf
-
var/ossec/etc/ossec.conf
-
var/ossec/etc/shared/acsc_office2016_rcl.txt
-
var/ossec/etc/shared/cis_apache2224_rcl.txt
-
var/ossec/etc/shared/cis_debian_linux_rcl.txt
-
var/ossec/etc/shared/cis_debianlinux7-8_L1_rcl.txt
-
var/ossec/etc/shared/cis_debianlinux7-8_L2_rcl.txt
-
var/ossec/etc/shared/cis_mysql5-6_community_rcl.txt
-
var/ossec/etc/shared/cis_mysql5-6_enterprise_rcl.txt
-
var/ossec/etc/shared/cis_rhel5_linux_rcl.txt
-
var/ossec/etc/shared/cis_rhel6_linux_rcl.txt
-
var/ossec/etc/shared/cis_rhel7_linux_rcl.txt
-
var/ossec/etc/shared/cis_rhel_linux_rcl.txt
-
var/ossec/etc/shared/cis_sles11_linux_rcl.txt
-
var/ossec/etc/shared/cis_sles12_linux_rcl.txt
-
var/ossec/etc/shared/cis_solaris11_rcl.txt
-
var/ossec/etc/shared/cis_win10_enterprise_L1_rcl.txt
-
var/ossec/etc/shared/cis_win10_enterprise_L2_rcl.txt
-
var/ossec/etc/shared/cis_win2012r2_domainL1_rcl.txt
-
var/ossec/etc/shared/cis_win2012r2_domainL2_rcl.txt
-
var/ossec/etc/shared/cis_win2012r2_memberL1_rcl.txt
-
var/ossec/etc/shared/cis_win2012r2_memberL2_rcl.txt
-
var/ossec/etc/shared/cis_win2016_domainL1_rcl.txt
-
var/ossec/etc/shared/cis_win2016_domainL2_rcl.txt
-
var/ossec/etc/shared/cis_win2016_memberL1_rcl.txt
-
var/ossec/etc/shared/cis_win2016_memberL2_rcl.txt
-
var/ossec/etc/shared/rootkit_files.txt
-
var/ossec/etc/shared/rootkit_trojans.txt
-
var/ossec/etc/shared/system_audit_pw.txt
-
var/ossec/etc/shared/system_audit_rcl.txt
-
var/ossec/etc/shared/system_audit_ssh.txt
-
var/ossec/etc/shared/win_applications_rcl.txt
-
var/ossec/etc/shared/win_audit_rcl.txt
-
var/ossec/etc/shared/win_malware_rcl.txt