ddf22806753b4f417208b24548588b6c51ef6d60ad11b354e851b22a80a56705[.]apk[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

ddf22806753b4f417208b24548588b6c51ef6d60ad11b354e851b22a80a56705.apk.zip
Size

33.0MB
MD5

a0ce55c9ac7754ffd23e4cbd7caacf63
SHA1

7546fd9ae8bc39121ba8eefc147f76f915fb6e83
SHA256

74601890114611e347149e7f846b6a950a0b9e04ed35e31c3d1627e7a5fdc8b4
SHA512

5f9014b59439c788918570b27eef36c07bbe9deb2163e2a748121c045437a1a453d494f8c66bd368a6d770e9497048592d6e42a5f910bb8a5b340e0daabfa020
SSDEEP

786432:fXDFVQPn7kuvt8ViyaQ2izjhqg3qPCmJuKZOgwWb9aKIIoJRJ:5VK7HMidDizkuqqmGCbQIkJ

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 7 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Required to be able to access the camera device.	android.permission.CAMERA
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

Files

ddf22806753b4f417208b24548588b6c51ef6d60ad11b354e851b22a80a56705.apk.zip
.zip

Password: infected
ddf22806753b4f417208b24548588b6c51ef6d60ad11b354e851b22a80a56705.apk
.apk android arch:mips64 arch:x86 arch:arm arch:mips arch:x64 arch:arm64

com.estrongs.android.pop

com.estrongs.android.pop.app.openscreenad.NewSplashActivity

Activities

com.estrongs.android.pop.view.FileExplorerActivity

android.intent.action.VIEW
com.estrongs.android.pop.action.ACTION_VIEW_FOLDER
org.openintents.action.VIEW_DIRECTORY
com.estrongs.android.SHOW_DISK_USAGE

com.estrongs.android.pop.app.OpenRecommActivityAlias

com.estrongs.android.pop.action.OPEN_CHOOSER

com.estrongs.android.pop.app.compress.CompressionActivity

android.intent.action.VIEW

com.estrongs.android.pop.app.ESFileSharingActivity

android.intent.action.VIEW
android.intent.action.SEND
android.intent.action.SEND_MULTIPLE

com.estrongs.android.pop.app.SaveToESActivity

android.intent.action.VIEW
android.intent.action.SEND
android.intent.action.SEND_MULTIPLE

com.estrongs.android.pop.app.LocalFileSharingActivity

android.intent.action.VIEW

com.estrongs.android.pop.app.PopVideoPlayer

android.intent.action.VIEW
android.intent.action.VIEW

com.estrongs.android.pop.app.AudioPlayerProxyActivity

android.intent.action.VIEW
android.intent.action.VIEW

com.estrongs.android.pop.app.editor.PopNoteEditor

android.intent.action.VIEW
android.intent.action.EDIT
android.intent.action.SEND
android.intent.action.SEARCH
com.googlecode.android_scripting.action.EDIT_SCRIPT

com.estrongs.android.pop.app.FileChooserActivity

com.estrongs.action.PICK_FILE
com.estrongs.action.PLUGIN_PICK_FILE
com.estrongs.action.PICK_FILE
com.estrongs.action.PLUGIN_PICK_FILE
com.estrongs.action.PICK_DIRECTORY
com.estrongs.action.PLUGIN_PICK_DIRECTORY
com.estrongs.action.PICK_DIRECTORY
com.estrongs.action.PLUGIN_PICK_DIRECTORY
android.intent.action.CREATE_SHORTCUT

com.estrongs.android.pop.app.ESContentChooserActivity

android.intent.action.GET_CONTENT

com.estrongs.android.pop.app.ESRingtoneChooserActivity

android.intent.action.RINGTONE_PICKER

com.estrongs.android.pop.app.ESWallPaperChooserActivity

android.intent.action.SET_WALLPAPER

com.estrongs.android.pop.app.BrowserDownloaderActivity

android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

com.estrongs.android.pop.app.PopRemoteImageBrowser

android.intent.action.VIEW

com.estrongs.android.pop.app.AdbControllerActivity

com.estrongs.android.pop.app.AdbControllerActivity

com.estrongs.android.pop.app.UsbMonitorActivity

android.hardware.usb.action.USB_DEVICE_ATTACHED
android.hardware.usb.action.USB_DEVICE_DETACHED

com.estrongs.android.pop.app.TransitActivity

com.estrongs.android.SHOW_DISK_USAGE
com.estrongs.android.SHOW_APP_MGR
com.estrongs.android.SHOW_SDCARD
com.estrongs.android.SHOW_MUSIC_PLAYER

com.estrongs.android.pop.app.filetransfer.FileTransferSendActivity

android.intent.action.SEND
android.intent.action.SEND_MULTIPLE

com.estrongs.android.pop.app.openscreenad.NewSplashActivity

android.intent.action.MAIN

com.estrongs.android.pop.app.FileSaveToActivity

com.estrongs.action.SAVE_TO_FILE

com.estrongs.android.pop.app.videoeditor.VideoEditProxyActivity

android.intent.action.VIEW

com.estrongs.android.pop.app.premium.newui.ChinaMemberActivity

com.estrongs.action.EDITOR_GO_VIP_PAGE

com.estrongs.android.pop.app.transferstation.FileTransferStationActivity

android.intent.action.VIEW

com.kwad.sdk.api.proxy.app.BaseFragmentActivity$RequestInstallPermissionActivity

intent.action.requestInstallPermission

Permissions

android.permission.KILL_BACKGROUND_PROCESSES
android.permission.WRITE_SETTINGS
android.permission.CHANGE_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.INTERNET
android.permission.SET_WALLPAPER
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WRITE_MEDIA_STORAGE
android.permission.WAKE_LOCK
android.permission.ACCESS_SUPERUSER
android.permission.VIBRATE
.PERMISSION
android.permission.CHANGE_WIFI_MULTICAST_STATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.GET_TASKS
android.permission.GET_TASKS
android.permission.WAKE_LOCK
android.permission.RECEIVE_BOOT_COMPLETED
com.google.android.c2dm.permission.RECEIVE
com.estrongs.android.pop.permission.C2D_MESSAGE
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.GET_PACKAGE_SIZE
android.permission.CLEAR_APP_CACHE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_PHONE_STATE
android.permission.CAMERA
android.permission.MANAGE_DOCUMENTS
android.permission.GET_ACCOUNTS
android.permission.READ_EXTERNAL_STORAGE
android.permission.QUERY_ALL_PACKAGES
android.permission.REORDER_TASKS
com.estrongs.android.pop.openadsdk.permission.TT_PANGOLIN
com.asus.msa.SupplementaryDID.ACCESS
android.permission.FOREGROUND_SERVICE
android.permission.USE_FULL_SCREEN_INTENT
qiku.permission.HIDE_NOTIFICATION
freemme.permission.msa
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
com.huawei.appmarket.service.commondata.permission.GET_COMMON_DATA

Receivers

com.estrongs.android.pop.app.AudioPlayerService$MediaButtonReceiver

android.intent.action.MEDIA_BUTTON

com.estrongs.android.pop.app.CampaignReceiver

com.android.vending.INSTALL_REFERRER

com.estrongs.android.pop.EnableOEMConfig

android.intent.action.MEDIA_MOUNTED
android.intent.action.MEDIA_UNMOUNTED
android.intent.action.MEDIA_BAD_REMOVAL

com.estrongs.android.pop.app.InstallMonitorReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED

com.estrongs.android.pop.app.StartServiceReceiver

android.intent.action.USER_PRESENT
android.intent.action.ACTION_POWER_CONNECTED
com.estrongs.action.PERFNOTIFY
android.intent.action.MEDIA_MOUNTED

com.estrongs.android.pop.app.analysis.AnalysisNotificationDeletedReceiver

com.estrongs.analysis.action.NOTIFICATION_REMOVED

com.estrongs.android.pop.app.ReportAliveReceiver

android.intent.action.ACTION_POWER_CONNECTED

com.android.apps.pros.LocalCReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.USER_PRESENT

com.duapps.ad.stats.CallbackReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.USER_PRESENT

com.anyun.immo.nutral_creeps.AncientJungleCreep

com.anyun.immo.ACTION_THE_STARTER

com.fighter.extendfunction.notification.ReaperNotifyAlarmReceiver

reaper.action.STATUS_BAR_NOTIFICATION
reaper.action.FLOAT_WINDOW

com.kuaishou.weapon.p0.receiver.WeaponRECE

com.kuaishou.action.WEAPON.VIEW

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

Services

com.estrongs.android.pop.bt.OBEXFtpServerService

android.intent.action.START_OBEX_FTP_SERVER

com.ss.android.socialbase.downloader.downloader.IndependentProcessDownloadService

com.ss.android.socialbase.downloader.remote

com.qihoo360.qos.QosService

com.qihoo360.qos.QosService
1AA41F66-7334-4D6F-A32E-556FB9CBAD04.png
.png
20210DBC-DAC9-4E1D-B4F4-8093E6694832.png
.png
29238c185da15aa4c48a3428aa9fc10f
.apk android arch:arm64 arch:arm

com.byted.pangle

com.bytedance.sdk.openadsdk.core.activity.base.TTWebPageActivity

Activities

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.ACCESS_WIFI_STATE
com.asus.msa.SupplementaryDID.ACCESS

Receivers

Services
dynamic_default.json
tt_mime_type.pro
tt_na.czl
tt_nd
.elf linux x86
33D66DD8-80C4-45ED-8106-EA337D0CFFC1.png
.png
38339A30-8557-47EE-A749-C2FD3E37BDDD.png
.png
39285EFA.dex
4AAC0938-2ECE-4E25-80B8-12336281F891.png
.png
50742804-6B81-44BE-9E47-44DC5605E0ED.png
.png
686BBFE5-9185-4F45-A939-DD1F5242E48A.png
.png
722375B0-33F4-4A7B-A36F-59FB8420F25E.png
.png
76AB821A-BFFB-432C-974A-5EE69BE9D92C.png
.png
83E562C0-8C24-4628-B848-B7C14487D357.png
.png
8BD9ABF8-273C-4AF5-97DC-D3637B9E3BDB.png
.png
93AC0BA8-5492-4826-A667-99C7469871E6.png
.png
C17E3DE9-3616-4442-9BBD-E7D199867650.png
.png
ace.js
.js
adjunk.txt
animation.css
app_config.js
.js
app_permissions_cn.txt
app_permissions_en.txt
app_permissions_zh-Hant.txt
app_whitelist.txt
au_becs_bsb.json
bdxadsdk.jar
.apk android
bridge.js
.js
c_cpp.js
csharp.js
css.js
data.json
device_icon.png
.png
din151.ttf
dom.js
.js
ds-amex.pem
ds-discover.cer
ds-mastercard.crt
ds-test-ec.txt
ds-test-rsa.txt
ds-visa.crt
editor.html
.html .js
editor.js
.js
es5-shim.js
.js
es_privacy_content.html
.html
es_privacy_content_en.html
.html
es_privacy_content_zh.html
.html
event.js
.js
event_emitter.js
.js
event_emitter_test.js
.js
ext-beautify.js
.js
ext-elastic_tabstops_lite.js
.js
ext-emmet.js
.js
ext-error_marker.js
.js
ext-keybinding_menu.js
.js
ext-language_tools.js
.js
ext-linking.js
.js
ext-modelist.js
.js
ext-old_ie.js
.js
ext-searchbox.js
.js
ext-settings_menu.js
.js
ext-spellcheck.js
.js
ext-split.js
.js
ext-static_highlight.js
.js
ext-statusbar.js
.js
ext-textarea.js
.js
ext-themelist.js
.js
ext-whitespace.js
.js
fixoldbrowsers.js
.js .vbs
folder_app.zip
.zip
fontello-codes.css
fontello-embedded.css
fontello-ie7-codes.css
fontello-ie7.css
fontello.css
fontello.eot
fontello.svg
.xml
fontello.ttf
fontello.woff
fontello.woff2
gdtadv2.jar
.apk android arch:arm64 arch:arm
golang.js
groovy.js
grs_sdk_server_config.json
grs_sp.bks
haxe.js
hianalytics_njjn
html.js
html_elixir.js
html_ruby.js
img_0.png
.png
img_1.png
.png
img_10.png
.png
img_11.png
.png
img_2.png
.png
img_3.png
.png
img_4.png
.png
img_5.png
.png
img_6.png
.png
img_7.png
.png
img_8.png
.png
img_9.png
.png
ini.js
java.js
.js
javascript.js
.js
json.js
jsp.js
.js .vbs
keybinding-emacs.js
.js
keybinding-vim.js
.js
keys.js
.js
kotlin.js
ksad_common_encrypt_image.png
.png
lang.js
.js
makefile.js
markdown.js
media_store_monitor_paths.txt
mode-applescript.js
.js
mode-c_cpp.js
.js
mode-csharp.js
.js
mode-css.js
.js
mode-golang.js
.js
mode-groovy.js
.js
mode-haxe.js
.js
mode-html.js
.js
mode-html_elixir.js
.js
mode-html_ruby.js
.js
mode-ini.js
.js
mode-java.js
.js
mode-javascript.js
.js
mode-json.js
.js
mode-jsp.js
.js
mode-kotlin.js
.js
mode-makefile.js
.js
mode-markdown.js
.js
mode-mysql.js
.js
mode-objectivec.js
.js
mode-pascal.js
.js
mode-perl.js
.js
mode-php.js
.js
mode-python.js
.js
mode-ruby.js
.js
mode-shellscript.js
.js
mode-smali.js
.js
mode-sql.js
.js
mode-svg.js
.js
mode-swift.js
.js
mode-text.js
mode-vbscript.js
.js
mode-xml.js
.js
mysql.js
net.js
.js
objectivec.js
oop.js
.js
pascal.js
perl.js
php.js
.js .ps1
python.js
reaper_lottie_banner_w300_h200.json
reaper_lottie_splash_jiantou.json
reaper_lottie_splash_jiantou12.json
reaper_lottie_splash_jiantou15.json
reaper_lottie_splash_sanjiaoxing.json
reaper_lottie_splash_sanjiaoxing12.json
reaper_lottie_splash_sanjiaoxing15.json
reaper_lottie_splash_shouzhi.json
reaper_lottie_splash_shouzhi12.json
reaper_lottie_splash_shouzhi15.json
regexp.js
.js
ruby.js
scrollbar_handle_accelerated.png
.png
search_engines_property.json
search_float_property.json
search_hotwords_property.json
shellscript.js
smali.js
sql.js
supplierconfig.json
svg.js
swift.js
template.docx
.docx office2007
template.pptx
.pptx office2007
template.xlsx
.xlsx office2007
text.js
text_select_handle_left.png
.png
text_select_handle_middle.png
.png
text_select_handle_right.png
.png
theme-chrome.js
.js
theme-github.js
.js
theme-tomorrow_night.js
.js
theme-xcode.js
.js
updatesdkcas.bks
useragent.js
.js
vbscript.js
worker-json.js
.js
xml.js
zlsioh.dat
zt_7e46b28a-8c93-4940-8238-4c60e64e3c81.png
.png
zt_92827f75-21cd-4faa-9aa5-74191b262edd.png
.png

Sharing

General

Malware Config

Signatures

Files

Password: infected

com.estrongs.android.pop

com.estrongs.android.pop.app.openscreenad.NewSplashActivity

Activities

com.estrongs.android.pop.view.FileExplorerActivity

com.estrongs.android.pop.app.OpenRecommActivityAlias

com.estrongs.android.pop.app.compress.CompressionActivity

com.estrongs.android.pop.app.ESFileSharingActivity

com.estrongs.android.pop.app.SaveToESActivity

com.estrongs.android.pop.app.LocalFileSharingActivity

com.estrongs.android.pop.app.PopVideoPlayer

com.estrongs.android.pop.app.AudioPlayerProxyActivity

com.estrongs.android.pop.app.editor.PopNoteEditor

com.estrongs.android.pop.app.FileChooserActivity

com.estrongs.android.pop.app.ESContentChooserActivity

com.estrongs.android.pop.app.ESRingtoneChooserActivity

com.estrongs.android.pop.app.ESWallPaperChooserActivity

com.estrongs.android.pop.app.BrowserDownloaderActivity

com.estrongs.android.pop.app.PopRemoteImageBrowser

com.estrongs.android.pop.app.AdbControllerActivity

com.estrongs.android.pop.app.UsbMonitorActivity

com.estrongs.android.pop.app.TransitActivity

com.estrongs.android.pop.app.filetransfer.FileTransferSendActivity

com.estrongs.android.pop.app.openscreenad.NewSplashActivity

com.estrongs.android.pop.app.FileSaveToActivity

com.estrongs.android.pop.app.videoeditor.VideoEditProxyActivity

com.estrongs.android.pop.app.premium.newui.ChinaMemberActivity

com.estrongs.android.pop.app.transferstation.FileTransferStationActivity

com.kwad.sdk.api.proxy.app.BaseFragmentActivity$RequestInstallPermissionActivity

Permissions

Receivers

com.estrongs.android.pop.app.AudioPlayerService$MediaButtonReceiver

com.estrongs.android.pop.app.CampaignReceiver

com.estrongs.android.pop.EnableOEMConfig

com.estrongs.android.pop.app.InstallMonitorReceiver

com.estrongs.android.pop.app.StartServiceReceiver

com.estrongs.android.pop.app.analysis.AnalysisNotificationDeletedReceiver

com.estrongs.android.pop.app.ReportAliveReceiver

com.android.apps.pros.LocalCReceiver

com.duapps.ad.stats.CallbackReceiver

com.anyun.immo.nutral_creeps.AncientJungleCreep

com.fighter.extendfunction.notification.ReaperNotifyAlarmReceiver

com.kuaishou.weapon.p0.receiver.WeaponRECE

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

Services

com.estrongs.android.pop.bt.OBEXFtpServerService

com.ss.android.socialbase.downloader.downloader.IndependentProcessDownloadService

com.qihoo360.qos.QosService

com.byted.pangle

com.bytedance.sdk.openadsdk.core.activity.base.TTWebPageActivity

Activities

Permissions

Receivers

Services