272[.]apk | Triage

Sharing

Copy URL Twitter E-mail

General

Target

272.apk
Size

35.2MB
MD5

e25dd18d9a107ad987cc192166a8d840
SHA1

d1f023b8c17820cb7c0f6dcc520c1a0ec27f63ce
SHA256

91f2a2d1b1847f74bdb503fed315d3a1d970fb6c591cfab9adb378a2de887008
SHA512

ee063999f4a2ab48121b4669c50828e6557ce39a841e43ace759f0454c02158adefdfd5746dc0a4ec6b0ee29fdfe1a003b11b95fcfe2eb15e6e865cdce8e981f
SSDEEP

786432:LQ9OK1WXKNYpFLirF2IbBZxvFxXeNcr+1xWcO6teHqlEftMqi4sX9JNwjwZs844J:wiQ1BHXBcPsHqGKjXzC5X4Aub

Score

8^/10

upx

Malware Config

Signatures

Patched UPX-packed file 1 IoCs

Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.

resource	yara_rule
sample	patched_upx

Requests dangerous framework permissions 6 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

272.apk
.apk android arch:arm64 arch:arm

im.ddoohello666.com

com.x52im.rainbowchat.logic.main.SplashActivity

Activities

com.x52im.rainbowchat.logic.main.SplashActivity

android.intent.action.MAIN

com.x52im.rainbowchat.logic.main.MainActivity

im.ddoohello666.com.main

Permissions

android.permission.GET_TASKS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.READ_PRIVILEGED_PHONE_STATE
MediaStore.Images.Media.INTERNAL_CONTENT_URI
MediaStore.Images.Media.EXTERNAL_CONTENT_URI
android.permission.INTERNET
android.permission.CAMERA
android.permission.VIBRATE
android.permission.RESTART_PACKAGES
android.permission.RECORD_AUDIO
com.sonyericsson.permission.CAMERA_EXTENDED
android.permission.WAKE_LOCK
android.permission.FOREGROUND_SERVICE
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.CHANGE_WIFI_STATE
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.FLASHLIGHT

Services

com.blankj.utilcode.util.MessengerUtils$ServerService

im.ddoohello666.com.messenger
12639.png
.png
1263a.png
.png
1f446.png
.png
1f447.png
.png
1f448.png
.png
1f449.png
.png
1f44a.png
.png
1f44b.png
.png
1f44c.png
.png
1f44d.png
.png
1f44e.png
.png
1f479.png
.png
1f47a.png
.png
1f47b.png
.png
1f47d.png
.png
1f47e.png
.png
1f47f.png
.png
1f480.png
.png
1f48b.png
.png
1f48c.png
.png
1f493.png
.png
1f494.png
.png
1f495.png
.png
1f496.png
.png
1f497.png
.png
1f498.png
.png
1f499.png
.png
1f49a.png
.png
1f49b.png
.png
1f49c.png
.png
1f49d.png
.png
1f49e.png
.png
1f49f.png
.png
1f4a2.png
.png
1f4a3.png
.png
1f4a4.png
.png
1f4a5.png
.png
1f4a6.png
.png
1f4a8.png
.png
1f4a9.png
.png
1f4ab.png
.png
1f4ac.png
.png
1f4ad.png
.png
1f4af.png
.png
1f573.png
.png
1f590.png
.png
1f595.png
.png
1f596.png
.png
1f5a4.png
.png
1f5ef.png
.png
1f601.png
.png
1f602.png
.png
1f604.png
.png
1f605.png
.png
1f606.png
.png
1f607.png
.png
1f608.png
.png
1f609.png
.png
1f60a.png
.png
1f60b.png
.png
1f60c.png
.png
1f60d.png
.png
1f60e.png
.png
1f60f.png
.png
1f611.png
.png
1f612.png
.png
1f613.png
.png
1f614.png
.png
1f615.png
.png
1f616.png
.png
1f618.png
.png
1f61a.png
.png
1f61b.png
.png
1f61c.png
.png
1f61d.png
.png
1f61e.png
.png
1f61f.png
.png
1f620.png
.png
1f621.png
.png
1f622.png
.png
1f623.png
.png
1f624.png
.png
1f625.png
.png
1f627.png
.png
1f628.png
.png
1f629.png
.png
1f62a.png
.png
1f62b.png
.png
1f62c.png
.png
1f62d.png
.png
1f62e.png
.png
1f630.png
.png
1f631.png
.png
1f632.png
.png
1f633.png
.png
1f634.png
.png
1f635.png
.png
1f637.png
.png
1f638.png
.png
1f639.png
.png
1f63a.png
.png
1f63b.png
.png
1f63c.png
.png
1f63d.png
.png
1f63e.png
.png
1f63f.png
.png
1f640.png
.png
1f641.png
.png
1f642.png
.png
1f643.png
.png
1f644.png
.png
1f648.png
.png
1f649.png
.png
1f64a.png
.png
1f910.png
.png
1f911.png
.png
1f912.png
.png
1f913.png
.png
1f914.png
.png
1f915.png
.png
1f916.png
.png
1f917.png
.png
1f918.png
.png
1f919.png
.png
1f91a.png
.png
1f91b.png
.png
1f91e.png
.png
1f91f.png
.png
1f920.png
.png
1f921.png
.png
1f922.png
.png
1f923.png
.png
1f924.png
.png
1f925.png
.png
1f927.png
.png
1f928.png
.png
1f929.png
.png
1f92a.png
.png
1f92b.png
.png
1f92c.png
.png
1f92d.png
.png
1f92e.png
.png
1f92f.png
.png
1f970.png
.png
1f973.png
.png
1f974.png
.png
1f975.png
.png
1f976.png
.png
1f97a.png
.png
1f9d0.png
.png
1f9e1.png
.png
261d.png
.png
2620.png
.png
270a.png
.png
270c.png
.png
2763.png
.png
2764.png
.png
3DFly.flb
3DFly.loc
3DFly.tmc
3d_navi_sky_day.data
.png
3d_sky_day.data
.png
3d_sky_night.data
.png
3dlandscape.xml
3dportrait.xml
AZURE.png
.png
BLUE.png
.png
CYAN.png
.png
GNaviConfig.xml
GREEN.png
.png
MAGENTA.png
.png
ORANGE.png
.png
RED.png
.png
ROSE.png
.png
VIOLET.png
.png
YELLOW.png
.png
amap_resource1_0_0.png
.apk android

com.amap.api.map3d
amap_sdk_lineDashTexture_circle.png
.png
amap_sdk_lineDashTexture_square.png
.png
amap_sdk_lineTexture.png
.png
ap.data
.png
ap1.data
.png
arrow_line_inner.png
.png
arrow_line_outer.png
.png
arrow_line_shadow.png
.png
bktile.data
.png
bktile_n.data
.png
boxing.png
.png
building.data
.png
config_1_16_1560339683.data
.gz
config_2_16_1560339691.data
.gz
crossing_day_bk.data
.png
crossing_nigth_bk.data
.png
dash.data
.png
dash_cd.data
.png
dash_tq.data
.png
eagle_eye_day.png
.png
eagle_eye_night.png
.png
embrace.png
.png
face_data.json
face_data_fullbck.json
fog.png
.png
handshake.png
.png
haze.png
.png
hud.png
.png
icons-for_custom_5_14.data
.zip
icons_1_16_1561444603.data
.gz
icons_25_16_1560344307.data
.gz
icons_2_16_1560344131.data
.gz
icons_3_16_1560517561.data
.gz
icons_4_16_1560344142.data
.gz
icons_50_16_1541648499.data
.gz
icons_5_16_1561028345.data
.gz
icons_6_16_1560344646.data
.gz
icons_7_16_1560344652.data
.gz
icons_8_16_1560344658.data
.gz
icons_9_16_1560344664.data
.gz
infowindow_bg.9.png
.png
lineround.data
.png
location_map_gps_3d.png
.png
location_map_gps_locked.png
.png
location_pressed.png
.png
location_selected.png
.png
location_unselected.png
.png
map_indoor_select.png
.png
mapprofile_1_16_1560563265.data
.gz
mapprofile_2_16_1560563265.data
.gz
maps_dav_compass_needle_large.png
.png
marker_default.png
.png
marker_gps_no_sharing.png
.png
offlinemapv4.png
point.glsl
rain.png
.png
res.zip
.zip
roadarrow.data
.png
search_scenic_icon.data
.png
snow.png
.png
style-for_custom_0_16_1561381751.data
.gz
style_0_16_1561381751.data
.gz
style_100_16_1561026477.data
.gz
style_17_16_1561023816.data
.gz
style_1_16_1562032355.data
.gz
style_3_16_1561987623.data
.gz
style_4_16_1561711243.data
.gz
style_50_16_1501671321.data
.gz
style_5_16_1561711250.data
.gz
style_6_16_1562032423.data
.gz
styleiconslist.data
sun_0.png
.png
sun_1.png
.png
texture.glsl
texture_layer.glsl
texture_normal.glsl
tmc_allinone.data
.png
tmc_l_allinone.data
.png
tmc_n_allinone.data
.png
tracelinetexture.png
.png
waterline.data
.png
zoomin_pressed.png
.png
zoomin_selected.png
.png
zoomin_unselected.png
.png
zoomout_pressed.png
.png
zoomout_selected.png
.png
zoomout_unselected.png
.png

Android Permissions

272.apk

Permissions

android.permission.GET_TASKS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.READ_PRIVILEGED_PHONE_STATE

MediaStore.Images.Media.INTERNAL_CONTENT_URI

MediaStore.Images.Media.EXTERNAL_CONTENT_URI

android.permission.INTERNET

android.permission.CAMERA

android.permission.VIBRATE

android.permission.RESTART_PACKAGES

android.permission.RECORD_AUDIO

com.sonyericsson.permission.CAMERA_EXTENDED

android.permission.WAKE_LOCK

android.permission.FOREGROUND_SERVICE

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.CHANGE_WIFI_STATE

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.CHANGE_WIFI_STATE

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.FLASHLIGHT

Sharing

General

Malware Config

Signatures

Files

im.ddoohello666.com

com.x52im.rainbowchat.logic.main.SplashActivity

Activities

com.x52im.rainbowchat.logic.main.SplashActivity

com.x52im.rainbowchat.logic.main.MainActivity

Permissions

Services

com.blankj.utilcode.util.MessengerUtils$ServerService

com.amap.api.map3d

Android Permissions

272.apk