apkprotectlite[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

apkprotectlite.zip
Size

1.7MB
MD5

2341d15329d440fb38244446644e3083
SHA1

dc5230f528dba38d2ecfc6f2651af7f50ec0c0b3
SHA256

d3b460c3f8ecd88d79d64c3c2dcb4bc8290bea90ae485a084da3ea1782a7f2bc
SHA512

d9cd35b08369d8334e1718bc0d596c53f4f04660f4fb3c2604781b25d0aa67367baca4d2012c1df2952306d299e699456627b81fa1e5b8f39a054c18800538d2
SSDEEP

49152:c5NJvwWll7aFuYNHO5xFSxlNlEuhEIKjQsMMbCZ:c5/vll7L1qPKIQQxdZ

Score

4^/10

pdf link

Malware Config

Signatures

HTTP links in PDF interactive object 1 IoCs

Detects HTTP links in interactive objects within PDF files.

pdf link

resource	yara_rule
static1/unpack001/Manual.pdf	pdf_with_link_action

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/apkcrypt.exe
unpack001/libcrypt.dll

Files

apkprotectlite.zip
.zip
Manual.pdf
.pdf
- http://www.apkprotect.com/.
apkcrypt.exe
.exe windows:5 windows x86

1d28a75b21850802052bcc60ca887ace

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GlobalAlloc
SetEndOfFile
CreateFileA
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileW
WriteConsoleW
GetConsoleOutputCP
GlobalLock
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
GlobalUnlock
GlobalReAlloc
GlobalFree
FindResourceExW
LockResource
GetVersionExW
ExitThread
GetFileAttributesW
CreateThread
CloseHandle
GetProcAddress
SetLastError
lstrcmpiW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
InitializeCriticalSection
GetLastError
lstrlenW
GetModuleFileNameW
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
RaiseException
LCMapStringA
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
SetFilePointer
GetConsoleMode
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
WriteFile
GetConsoleCP
ReadFile
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetModuleHandleA
GetSystemTimeAsFileTime
GetCurrentThreadId
WriteConsoleA
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
HeapDestroy
HeapReAlloc
HeapSize
WideCharToMultiByte
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
GetStartupInfoW
Sleep
ExitProcess
HeapCreate
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentProcessId

user32

DialogBoxParamW
DestroyWindow
SetWindowLongW
CharNextW
SetCursor
DefWindowProcW
PostMessageW
GetSystemMetrics
EndDialog
SendMessageW
SetWindowTextW
GetWindowTextW
GetActiveWindow
LoadCursorW
CallWindowProcW
CopyRect
IsRectEmpty
DrawTextW
SetRect
InvalidateRect
KillTimer
SetTimer
EndPaint
BeginPaint
LoadImageW
GetParent
GetWindow
GetWindowRect
GetWindowLongW
MonitorFromWindow
GetMonitorInfoW
GetClientRect
UnregisterClassA
MapWindowPoints
SetWindowRgn
MessageBoxW
GetDlgItem
SetWindowPos
MoveWindow
GetWindowTextLengthW

gdi32

CreateCompatibleBitmap
SetBkColor
ExtTextOutW
GetTextExtentPoint32W
BitBlt
SelectObject
CreateRectRgn
CreateDIBSection
GetObjectW
ExtCreateRegion
CombineRgn
DeleteObject
CreateFontIndirectW
DeleteDC
CreateRoundRectRgn
SetTextColor
SetBkMode
GetStockObject
CreateCompatibleDC
RestoreDC
SetDIBitsToDevice
SaveDC
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
SetStretchBltMode

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegCreateKeyExW
RegDeleteValueW
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW

shell32

ShellExecuteW

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

SysStringLen
SysAllocStringByteLen
SysFreeString
SysAllocString
VarUI4FromStr
VariantClear

libcrypt

ord2
ord4
ord5
ord6
ord3
ord1
ord7

comctl32

InitCommonControlsEx

Sections

.text
Size: 333KB - Virtual size: 333KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 522KB - Virtual size: 522KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libcrypt.dll
.dll windows:5 windows x86

f3dfc7a7c2d1c4fe079e872a3f38242b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
InterlockedDecrement
GetFileAttributesA
CreateDirectoryA
GetTempFileNameA
ExpandEnvironmentStringsA
GetModuleFileNameA
OutputDebugStringA
CloseHandle
FlushFileBuffers
WriteFile
CreateFileA
SetFilePointer
ReadFile
GetFileSize
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA
GetCurrentProcess
WaitForSingleObject
CreateProcessA
GetFileType
DuplicateHandle
SystemTimeToFileTime
DosDateTimeToFileTime
GetCurrentDirectoryA
SetFileTime
FileTimeToSystemTime
FileTimeToDosDateTime
GetLocalTime
GetSystemTime
GetFileInformationByHandle
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
GetLastError
SetFileAttributesA
MoveFileExA
RemoveDirectoryA
InterlockedIncrement
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetConsoleMode
GetConsoleCP
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
HeapFree
GetProcessHeap
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
HeapAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
LCMapStringA
LCMapStringW
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
Sleep
ExitProcess
GetStdHandle
SetHandleCount
GetStartupInfoA
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
HeapSize
GetModuleHandleA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
SetStdHandle

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

ole32

CoInitialize
CoUninitialize

oleaut32

VariantClear
VariantChangeType
VariantInit
SysFreeString
SysStringLen
SysStringByteLen
SysAllocStringByteLen
SysAllocString
GetErrorInfo

Sections

.text
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tools/AXMLPrinter.jar
.jar
tools/SignAPK.jar
.jar
tools/baksmali.jar
.jar
tools/platform.pk8
tools/platform.x509.pem
tools/smali.jar
.jar

Sharing

General

Malware Config

Signatures

Files

1d28a75b21850802052bcc60ca887ace

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

libcrypt

comctl32

Sections

.text Size: 333KB - Virtual size: 333KB

.rdata Size: 82KB - Virtual size: 82KB

.data Size: 7KB - Virtual size: 15KB

.rsrc Size: 522KB - Virtual size: 522KB

.reloc Size: 17KB - Virtual size: 16KB

f3dfc7a7c2d1c4fe079e872a3f38242b

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

oleaut32

Sections

.text Size: 153KB - Virtual size: 152KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 6KB - Virtual size: 12KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 333KB - Virtual size: 333KB

.rdata
Size: 82KB - Virtual size: 82KB

.data
Size: 7KB - Virtual size: 15KB

.rsrc
Size: 522KB - Virtual size: 522KB

.reloc
Size: 17KB - Virtual size: 16KB

.text
Size: 153KB - Virtual size: 152KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 6KB - Virtual size: 12KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 10KB - Virtual size: 10KB