Overview

overview

7

Static

static

7

d564e94904...42.apk

android-9-x86

6

d564e94904...42.apk

android-11-x64

5

__uniappch...ion.js

windows7-x64

1

__uniappch...ion.js

windows10-2004-x64

1

__uniappes6.js

windows7-x64

1

__uniappes6.js

windows10-2004-x64

1

__uniappop...ion.js

windows7-x64

1

__uniappop...ion.js

windows10-2004-x64

1

__uniapppicker.js

windows7-x64

1

__uniapppicker.js

windows10-2004-x64

1

__uniappquill.js

windows7-x64

1

__uniappquill.js

windows10-2004-x64

1

__uniappqu...ize.js

windows7-x64

1

__uniappqu...ize.js

windows10-2004-x64

1

__uniappscan.js

windows7-x64

1

__uniappscan.js

windows10-2004-x64

1

__uniappview.html

windows7-x64

1

__uniappview.html

windows10-2004-x64

1

app-config-service.js

windows7-x64

1

app-config-service.js

windows10-2004-x64

1

app-config.js

windows7-x64

1

app-config.js

windows10-2004-x64

1

app-service.js

windows7-x64

1

app-service.js

windows10-2004-x64

1

app-view.js

windows7-x64

1

app-view.js

windows10-2004-x64

1

dcloud3.js

windows7-x64

1

dcloud3.js

windows10-2004-x64

1

dcloud_error.html

windows7-x64

1

dcloud_error.html

windows10-2004-x64

1

error.html

windows7-x64

1

error.html

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    8ee9ffe2e96311ce7dd4a2ede1b180b4.bin

  • Size

    34.6MB

  • MD5

    76d4b6d7298316d7d3acc58c722e15c0

  • SHA1

    da40d5e5016c6c5bb467e02e3eb1c99bba58d6f8

  • SHA256

    0160d2c37f5a84adc2809f265139a033c6d1646aa9e15fc9f820f01e77f16d0a

  • SHA512

    1fa5c7238d45b0b26947b0b066dcca8995f9b1de4a5878cd559564e0467f8ac201782cab448724761a3c2a424a088a009df6a6be4c4824b4e73875724b2cb49f

  • SSDEEP

    786432:p17xl0eRHmChfDvoJMI/DaBDiFRVxm/ku6kq2G4beAO+yDM:3XpRHm2bvoJMI/2BDeRVxm/E2G4beAOi

Score
7/10

Malware Config

Signatures

  • Requests dangerous framework permissions 9 IoCs

Files

  • 8ee9ffe2e96311ce7dd4a2ede1b180b4.bin
    .zip

    Password: infected

  • d564e94904f5df40e11fc9edbab58a5423cfc298958c7e5410478bcc77c2f742.apk
    .apk android arch:arm64 arch:arm arch:x86 arch:x64

    Password: infected

    com.zero.ztothez

    io.dcloud.PandoraEntry


  • HBuilder.png
    .png
  • __uniappchooselocation.js
    .js
  • __uniapperror.png
    .png
  • __uniappes6.js
    .js
  • __uniappopenlocation.js
    .js
  • __uniapppicker.js
    .js
  • __uniappquill.js
    .js
  • __uniappquillimageresize.js
    .js
  • __uniappscan.js
    .js
  • __uniappsuccess.png
    .png
  • __uniappview.html
    .html .js
  • ad2.jpg
  • ad3.jpg
  • app-config-service.js
    .js
  • app-config.js
    .js
  • app-service.js
    .js
  • app-view.js
    .js
  • arc.png
    .png
  • baseline.prof
  • baseline.profm
  • car.png
    .png
  • dcloud3.dat
    .js
  • dcloud_beep.ogg
  • dcloud_configs.json
  • dcloud_control.xml
    .xml
  • dcloud_error.html
    .html .js
  • dcloud_iconfont.ttf
  • dcloud_prograss_snow1.png
    .png
  • dcloud_properties.xml
  • dcloud_uniplugins.json
  • emptyCart.jpg
  • error.html
    .html
  • h1.png
    .png
  • login.png
    .png
  • logo.png
    .png
  • manifest.json
  • missing-face.png
    .png
  • point.png
    .png
  • select.png
    .png
  • selected.png
    .png
  • supplierconfig.json
  • tab-cart-current.png
    .png
  • tab-cart.png
    .png
  • tab-cate-current.png
    .png
  • tab-cate.png
    .png
  • tab-home-current.png
    .png
  • tab-home.png
    .png
  • tab-mall-current.png
    .png
  • tab-mall.png
    .png
  • tab-my-current.png
    .png
  • tab-my.png
    .png
  • uni-jsframework-dev.js
  • uni-jsframework-vue3-dev.js
  • uni-jsframework-vue3.js
  • uni-jsframework.js
  • uni.webview.1.5.2.js
    .js
  • unincomponents.ttf
  • user-bg.jpg
  • view.css
  • view.umd.min.js
    .js
  • vip-card-bg.png
    .png
  • yticon.ttf
  • zlsioh.dat