General
-
Target
6a72d4daa04a7634ee621ae13033dff4e2c00ef582034467d57688ccfab96f3f.apk.zip
-
Size
1.6MB
-
MD5
960618a7ae764ae8724f4c38aef9c3f2
-
SHA1
910244cbce7465f4b42a74a2daadfeafa330c4d3
-
SHA256
72d2f6f58f2aed9f7a655e7952a0bcba0d55c2cdb721079068adf55eb0e915a8
-
SHA512
8f59dab8c7881fb44316d2963349741eb49f81f7a8a7b1dc765a63f0ff5804dc1848c670a3347939e91627620bae1b3e100c839e875c0b1443acf4781c15718a
-
SSDEEP
24576:mU5yORdDvV2+T8XD7tRVuKFCdmSN2RZSDmvLKJ+WEDl83nB+LFZ3M1v9Vl:tBTHK7tRIKFCdmw2RZ8mvLKKqB6Sv93
Score
1/10
Malware Config
Signatures
Files
-
6a72d4daa04a7634ee621ae13033dff4e2c00ef582034467d57688ccfab96f3f.apk.zip
Password: infected
-
6a72d4daa04a7634ee621ae13033dff4e2c00ef582034467d57688ccfab96f3f.apk
-
6a72d4daa04a7634ee621ae13033dff4e2c00ef582034467d57688ccfab96f3f.apk
-
.PKGINFO
-
-
etc/logrotate.d/ossec-hids-local
-
etc/ossec-local.conf
-
var/ossec/active-response/bin/cloudflare-ban.sh
-
var/ossec/active-response/bin/disable-account.sh
-
var/ossec/active-response/bin/firewall-drop.sh
-
var/ossec/active-response/bin/firewalld-drop.sh
-
var/ossec/active-response/bin/host-deny.sh
-
var/ossec/active-response/bin/ip-customblock.sh
-
var/ossec/active-response/bin/ipfw.sh
-
var/ossec/active-response/bin/ipfw_mac.sh
-
var/ossec/active-response/bin/nftables-drop.sh
-
var/ossec/active-response/bin/npf.sh
-
var/ossec/active-response/bin/ossec-aws-waf.sh
-
var/ossec/active-response/bin/ossec-pagerduty.sh
-
var/ossec/active-response/bin/ossec-slack.sh
-
var/ossec/active-response/bin/ossec-tweeter.sh
-
var/ossec/active-response/bin/pf.sh
-
var/ossec/active-response/bin/restart-ossec.sh
-
var/ossec/active-response/bin/route-null.sh
-
var/ossec/agentless/main.exp
-
var/ossec/agentless/register_host.sh
-
var/ossec/agentless/ssh.exp
-
var/ossec/agentless/ssh_asa-fwsmconfig_diff
-
var/ossec/agentless/ssh_foundry_diff
-
var/ossec/agentless/ssh_generic_diff
-
var/ossec/agentless/ssh_integrity_check_bsd
-
var/ossec/agentless/ssh_integrity_check_linux
-
var/ossec/agentless/ssh_nopass.exp
-
var/ossec/agentless/ssh_pixconfig_diff
-
var/ossec/agentless/sshlogin.exp
-
var/ossec/agentless/su.exp
-
var/ossec/bin/agent_control
-
var/ossec/bin/clear_stats
-
var/ossec/bin/list_agents
-
var/ossec/bin/manage_agents
-
var/ossec/bin/ossec-agentlessd
-
var/ossec/bin/ossec-analysisd
-
var/ossec/bin/ossec-authd
-
var/ossec/bin/ossec-control
-
var/ossec/bin/ossec-csyslogd
-
var/ossec/bin/ossec-dbd
-
var/ossec/bin/ossec-execd
-
var/ossec/bin/ossec-logcollector
-
var/ossec/bin/ossec-logtest
-
var/ossec/bin/ossec-lua
-
var/ossec/bin/ossec-luac
-
var/ossec/bin/ossec-maild
-
var/ossec/bin/ossec-makelists
-
var/ossec/bin/ossec-monitord
-
var/ossec/bin/ossec-regex
-
var/ossec/bin/ossec-remoted
-
var/ossec/bin/ossec-reportd
-
var/ossec/bin/ossec-syscheckd
-
var/ossec/bin/rootcheck_control
-
var/ossec/bin/syscheck_control
-
var/ossec/bin/syscheck_update
-
var/ossec/bin/util.sh
-
var/ossec/bin/verify-agent-conf
-
var/ossec/etc/decoder.xml
-
var/ossec/etc/internal_options.conf
-
var/ossec/etc/local_internal_options.conf
-
var/ossec/etc/ossec-init.conf
-
var/ossec/etc/ossec.conf
-
var/ossec/etc/shared/acsc_office2016_rcl.txt
-
var/ossec/etc/shared/cis_apache2224_rcl.txt
-
var/ossec/etc/shared/cis_debian_linux_rcl.txt
-
var/ossec/etc/shared/cis_debianlinux7-8_L1_rcl.txt
-
var/ossec/etc/shared/cis_debianlinux7-8_L2_rcl.txt
-
var/ossec/etc/shared/cis_mysql5-6_community_rcl.txt
-
var/ossec/etc/shared/cis_mysql5-6_enterprise_rcl.txt
-
var/ossec/etc/shared/cis_rhel5_linux_rcl.txt
-
var/ossec/etc/shared/cis_rhel6_linux_rcl.txt
-
var/ossec/etc/shared/cis_rhel7_linux_rcl.txt
-
var/ossec/etc/shared/cis_rhel_linux_rcl.txt
-
var/ossec/etc/shared/cis_sles11_linux_rcl.txt
-
var/ossec/etc/shared/cis_sles12_linux_rcl.txt
-
var/ossec/etc/shared/cis_solaris11_rcl.txt
-
var/ossec/etc/shared/cis_win10_enterprise_L1_rcl.txt
-
var/ossec/etc/shared/cis_win10_enterprise_L2_rcl.txt
-
var/ossec/etc/shared/cis_win2012r2_domainL1_rcl.txt
-
var/ossec/etc/shared/cis_win2012r2_domainL2_rcl.txt
-
var/ossec/etc/shared/cis_win2012r2_memberL1_rcl.txt
-
var/ossec/etc/shared/cis_win2012r2_memberL2_rcl.txt
-
var/ossec/etc/shared/cis_win2016_domainL1_rcl.txt
-
var/ossec/etc/shared/cis_win2016_domainL2_rcl.txt
-
var/ossec/etc/shared/cis_win2016_memberL1_rcl.txt
-
var/ossec/etc/shared/cis_win2016_memberL2_rcl.txt
-
var/ossec/etc/shared/rootkit_files.txt
-
var/ossec/etc/shared/rootkit_trojans.txt
-
var/ossec/etc/shared/system_audit_pw.txt
-
var/ossec/etc/shared/system_audit_rcl.txt
-
var/ossec/etc/shared/system_audit_ssh.txt
-
var/ossec/etc/shared/win_applications_rcl.txt
-
var/ossec/etc/shared/win_audit_rcl.txt
-
var/ossec/etc/shared/win_malware_rcl.txt
-
var/ossec/rules/apache_rules.xml
-
var/ossec/rules/apparmor_rules.xml
-
var/ossec/rules/arpwatch_rules.xml
-
var/ossec/rules/asterisk_rules.xml
-
var/ossec/rules/attack_rules.xml
-
var/ossec/rules/cimserver_rules.xml
-
var/ossec/rules/cisco-ios_rules.xml
-
var/ossec/rules/clam_av_rules.xml
-
var/ossec/rules/courier_rules.xml
-
var/ossec/rules/dnsmasq_rules.xml
-
var/ossec/rules/dovecot_rules.xml
-
var/ossec/rules/dropbear_rules.xml
-
var/ossec/rules/exim_rules.xml
-
var/ossec/rules/firewall_rules.xml
-
var/ossec/rules/firewalld_rules.xml
-
var/ossec/rules/ftpd_rules.xml
-
var/ossec/rules/hordeimp_rules.xml
-
var/ossec/rules/ids_rules.xml
-
var/ossec/rules/imapd_rules.xml
-
var/ossec/rules/kesl_rules.xml
-
var/ossec/rules/last_rootlogin_rules.xml
-
var/ossec/rules/lighttpd_rules.xml
-
var/ossec/rules/linux_usbdetect_rules.xml
-
var/ossec/rules/local_rules.xml
-
var/ossec/rules/mailscanner_rules.xml
-
var/ossec/rules/mcafee_av_rules.xml
-
var/ossec/rules/mhn_cowrie_rules.xml
-
var/ossec/rules/mhn_dionaea_rules.xml
-
var/ossec/rules/ms-exchange_rules.xml
-
var/ossec/rules/ms-se_rules.xml
-
var/ossec/rules/ms1016_usbdetect_rules.xml
-
var/ossec/rules/ms_dhcp_rules.xml
-
var/ossec/rules/ms_firewall_rules.xml
-
var/ossec/rules/ms_ftpd_rules.xml
-
var/ossec/rules/ms_ipsec_rules.xml
-
var/ossec/rules/ms_powershell_rules.xml
-
var/ossec/rules/msauth_rules.xml
-
var/ossec/rules/mysql_rules.xml
-
var/ossec/rules/named_rules.xml
-
var/ossec/rules/netscreenfw_rules.xml
-
var/ossec/rules/nginx_rules.xml
-
var/ossec/rules/nsd_rules.xml
-
var/ossec/rules/openbsd-dhcpd_rules.xml
-
var/ossec/rules/openbsd_rules.xml
-
var/ossec/rules/opensmtpd_rules.xml
-
var/ossec/rules/ossec_rules.xml
-
var/ossec/rules/owncloud_rules.xml
-
var/ossec/rules/pam_rules.xml
-
var/ossec/rules/php_rules.xml
-
var/ossec/rules/pix_rules.xml
-
var/ossec/rules/policy_rules.xml
-
var/ossec/rules/postfix_rules.xml
-
var/ossec/rules/postgresql_rules.xml
-
var/ossec/rules/proftpd_rules.xml
-
var/ossec/rules/proxmox-ve_rules.xml
-
var/ossec/rules/psad_rules.xml
-
var/ossec/rules/pure-ftpd_rules.xml
-
var/ossec/rules/racoon_rules.xml
-
var/ossec/rules/roundcube_rules.xml
-
var/ossec/rules/rules_config.xml
-
var/ossec/rules/sendmail_rules.xml
-
var/ossec/rules/smbd_rules.xml
-
var/ossec/rules/solaris_bsm_rules.xml
-
var/ossec/rules/sonicwall_rules.xml
-
var/ossec/rules/spamd_rules.xml
-
var/ossec/rules/squid_rules.xml
-
var/ossec/rules/sshd_rules.xml
-
var/ossec/rules/symantec-av_rules.xml
-
var/ossec/rules/symantec-ws_rules.xml
-
var/ossec/rules/syslog_rules.xml
-
var/ossec/rules/sysmon_rules.xml
-
var/ossec/rules/systemd_rules.xml
-
var/ossec/rules/telnetd_rules.xml
-
var/ossec/rules/topleveldomain_rules.xml
-
var/ossec/rules/trend-osce_rules.xml
-
var/ossec/rules/unbound_rules.xml
-
var/ossec/rules/vmpop3d_rules.xml
-
var/ossec/rules/vmware_rules.xml
-
var/ossec/rules/vpn_concentrator_rules.xml
-
var/ossec/rules/vpopmail_rules.xml
-
var/ossec/rules/vsftpd_rules.xml
-
var/ossec/rules/web_appsec_rules.xml
-
var/ossec/rules/web_rules.xml
-
var/ossec/rules/wordpress_rules.xml
-
var/ossec/rules/zeus_rules.xml