bed0e51595b8783b0b15f8723b6582924429c546ae42ed8510c0a50c5562a62e[.]apk[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

bed0e51595b8783b0b15f8723b6582924429c546ae42ed8510c0a50c5562a62e.apk.zip
Size

55.9MB
MD5

37211b42de5cdaba8dba72f6af6c681d
SHA1

2424f8886e5ca70e5e4416caace6ea9932c92a99
SHA256

00ae9262579eb8fb0dae1124490de9bfe7d580844a2c16a0d31b7a7b6ea26878
SHA512

ab5cba1143ff5fb81476200f6495011f5b9ebad8d5f7c6bc4b93bde92e8c7613d6f7c6e6bc6127ad1e536681167ca34fa7bb5327b9d37dd57c9f1b23b5b8e1c4
SSDEEP

786432:aViYoLWp2iuCsG7qcCvwvaOa09zi6WS9GkOlp7Q6rbxDNc2CvqJx9lqJGTV2:4iYcquCsG793a0YcafVXxDN3Jx9AJGZ2

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 6 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION

Files

bed0e51595b8783b0b15f8723b6582924429c546ae42ed8510c0a50c5562a62e.apk.zip
.zip

Password: infected
bed0e51595b8783b0b15f8723b6582924429c546ae42ed8510c0a50c5562a62e.apk
.apk android arch:arm

com.intsig.camscanner

com.intsig.camscanner.launcher.WelcomeDefaultActivity

Activities

com.intsig.camscanner.launcher.WelcomeDefaultActivity

android.intent.action.MAIN
com.intsig.camscanner.Launcher

com.intsig.camscanner.launcher.WelcomePremiumActivity

android.intent.action.MAIN
com.intsig.camscanner.Launcher

com.intsig.camscanner.launcher.WelcomePrestigeActivity

android.intent.action.MAIN
com.intsig.camscanner.Launcher

com.intsig.camscanner.MainMenuActivity

android.intent.action.SEND
android.intent.action.VIEW
MainMenuActivity.intent.folder.shortcut
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

com.intsig.camscanner.CaptureActivity

com.intsig.camscanner.NEW_DOC

com.intsig.camscanner.DocumentActivity

android.intent.action.VIEW
android.intent.action.INSERT

com.intsig.camscanner.ImageScannerActivity

com.intsig.camscanner.NEW_PAGE
com.intsig.camscanner.SCAN_IMAGE_ONECLOUD

com.intsig.camscanner.BillingHelpActivity

com.intsig.camscanner.buyvip

com.intsig.camscanner.onecloud.BoxActionCreateActivity

com.intsig.camscanner.BOX_CREATE

com.intsig.webstorage.googleaccount.RedirectUriReceiverActivity

android.intent.action.VIEW

com.intsig.tsapp.LoginActivity

com.intsig.camscanner.RELOGIN
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

com.intsig.camscanner.SonyCaptureActivity

com.sonymobile.camera.addon.action.REGISTER_MODE

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

com.intsig.camscanner.FeedbackActivity

com.intsig.camscanner.ACTION_FEEDBACK

com.intsig.camscanner.UriRedirectActivity

android.intent.action.VIEW
com.intsig.camscanner.ACTION_REGISTER
com.intsig.camscanner.ACTION_LOGIN

com.intsig.webview.WebUrlRedirectActivity

android.intent.action.VIEW

com.intsig.camscanner.openapi.OCROpenApiActivity

com.intsig.camscanner.ACTION_OCR

com.intsig.camscanner.openapi.ImageOpenApiActivity

com.intsig.camscanner.ACTION_SCAN_BACKGROUD

com.intsig.camscanner.DocumentShortCutActivity

android.intent.action.VIEW

com.intsig.purchase.PurchaseTypeActivity

android.intent.action.VIEW

com.dropbox.core.android.AuthActivity

android.intent.action.VIEW

Permissions

android.permission.ACCESS_WIFI_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.CAMERA
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.READ_PHONE_STATE
com.android.launcher.permission.INSTALL_SHORTCUT
com.intsig.camscanner.Account
com.sonymobile.permission.CAMERA_ADDON
com.intsig.camscanner.permission.C2D_MESSAGE
com.google.android.c2dm.permission.RECEIVE
com.android.vending.BILLING
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.CHANGE_NETWORK_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
com.sony.mobile.permission.SYSTEM_UI_VISIBILITY_EXTENSION
android.permission.VIBRATE
android.permission.FLASHLIGHT
android.permission.MOUNT_UNMOUNT_FILESYSTEMS

Receivers

com.intsig.camscanner.onecloud.BoxActionReceiver

com.box.android.EDIT_FILE
com.box.android.CREATE_FILE
com.box.android.VIEW_FILE
com.box.android.LAUNCH
com.android.vending.INSTALL_REFERRER

com.intsig.gcm.GCMBroadcastReceiver

com.google.android.c2dm.intent.RECEIVE
com.google.android.c2dm.intent.REGISTRATION

com.intsig.camscanner.shortcut.CaptureWidgetProvider

android.appwidget.action.APPWIDGET_UPDATE

com.appsflyer.SingleInstallBroadcastReceiver

com.android.vending.INSTALL_REFERRER

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.facebook.sdk.ACTION_CURRENT_ACCESS_TOKEN_CHANGED

com.microsoft.aad.adal.ApplicationReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_INSTALL

Services
arrow_down.png
.png
arrow_up.png
.png
bill_guide_zh.jpg
.jpg
capture_guide.jpg
.jpg
capture_guide_zh.jpg
.jpg
certificate_guide_zh.jpg
.jpg
com.tencent.open.config.json
common.css
crashlytics-build.properties
csice.dat
index_ar.html
.js
index_br.html
.html .js
index_de.html
.js
index_en.html
.js
index_es.html
.js
index_fr.html
.js
index_it.html
.js
index_ja.html
.js
index_ko.html
.js
index_pl.html
.js
index_pt.html
.js
index_ru.html
.js
index_tr.html
.js
index_tw.html
.js
index_zh.html
.js
iu.base.js
.js
jquery.min.js
.js
libwbsafeedit
.elf linux arm
libwbsafeedit_64
.elf linux aarch64
libwbsafeedit_x86
.elf linux x86
libwbsafeedit_x86_64
.elf linux x64
mobile.common.css
premium.feature.css
premium_10G.png
.png
premium_10G_hl.png
.png
premium_assist.png
.png
premium_assist_hl.png
.png
premium_combine.png
.png
premium_combine_hl.png
.png
premium_link.png
.png
premium_link_hl.png
.png
premium_ocr.png
.png
premium_ocr_hl.png
.png
premium_pay.png
.png
premium_pay_hl.png
.png
premium_pdf.png
.png
premium_pdf_hl.png
.png
premium_sign.png
.png
premium_sign_hl.png
.png
premium_strongbox.png
.png
premium_strongbox_hl.png
.png
premium_upload.png
.png
premium_upload_hl.png
.png
qr_code.jpg
.jpg

Sharing

General

Malware Config

Signatures

Files

Password: infected

com.intsig.camscanner

com.intsig.camscanner.launcher.WelcomeDefaultActivity

Activities

com.intsig.camscanner.launcher.WelcomeDefaultActivity

com.intsig.camscanner.launcher.WelcomePremiumActivity

com.intsig.camscanner.launcher.WelcomePrestigeActivity

com.intsig.camscanner.MainMenuActivity

com.intsig.camscanner.CaptureActivity

com.intsig.camscanner.DocumentActivity

com.intsig.camscanner.ImageScannerActivity

com.intsig.camscanner.BillingHelpActivity

com.intsig.camscanner.onecloud.BoxActionCreateActivity

com.intsig.webstorage.googleaccount.RedirectUriReceiverActivity

com.intsig.tsapp.LoginActivity

com.intsig.camscanner.SonyCaptureActivity

com.tencent.tauth.AuthActivity

com.intsig.camscanner.FeedbackActivity

com.intsig.camscanner.UriRedirectActivity

com.intsig.webview.WebUrlRedirectActivity

com.intsig.camscanner.openapi.OCROpenApiActivity

com.intsig.camscanner.openapi.ImageOpenApiActivity

com.intsig.camscanner.DocumentShortCutActivity

com.intsig.purchase.PurchaseTypeActivity

com.dropbox.core.android.AuthActivity

Permissions

Receivers

com.intsig.camscanner.onecloud.BoxActionReceiver

com.intsig.gcm.GCMBroadcastReceiver

com.intsig.camscanner.shortcut.CaptureWidgetProvider

com.appsflyer.SingleInstallBroadcastReceiver

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.microsoft.aad.adal.ApplicationReceiver

Services