Overview

overview

7

Static

static

7

META-INF/c...binary

debian-9-armhf

6

runsetprop.sh

ubuntu-18.04-amd64

runsetprop.sh

debian-9-armhf

runsetprop.sh

debian-9-mips

runsetprop.sh

debian-9-mipsel

system/osc...m8.exe

debian-9-armhf

system/osc...am8.sh

ubuntu-18.04-amd64

system/osc...am8.sh

debian-9-armhf

system/osc...am8.sh

debian-9-mips

system/osc...am8.sh

debian-9-mipsel

vendor/app...IF.apk

android-9-x86

vendor/app...IF.apk

android-10-x64

vendor/app...IF.apk

android-11-x64

vendor/app...am.apk

android-9-x86

vendor/app...am.apk

android-10-x64

vendor/app...am.apk

android-11-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    8951bb8543e0719c23d4cb5dfa9e620a477c06b0cdfa2d49cf04d972bcf8bd1a.zip.zip

  • Size

    3.0MB

  • MD5

    e45b7bf22b5c32832f78fb20a9503c4d

  • SHA1

    57949ac603dc64f1a6e84e82520d3ac43569de91

  • SHA256

    85eaee2d92cd87ad2054c876bd04b84f9fb3240a1142cf25ab57fe2207250987

  • SHA512

    ff026d272587303773fb31753b46869f453d24dc467a9a18d44417199bc1c039ad1f0467aa6758baac68702a68a851324154f70abbb7620749e29e82c0e87312

  • SSDEEP

    49152:VPeZ2bOGV2VctwVVRQVYyj2pLqNGTlp5rJiTKSCpzX61ZFMh1K1RzKz:V4GV2u6VVRQiOSOyX3iuFB61Ze41RGz

Score
7/10

Malware Config

Signatures

  • Requests dangerous framework permissions 1 IoCs

Files

  • 8951bb8543e0719c23d4cb5dfa9e620a477c06b0cdfa2d49cf04d972bcf8bd1a.zip.zip
    .zip

    Password: infected

  • 8951bb8543e0719c23d4cb5dfa9e620a477c06b0cdfa2d49cf04d972bcf8bd1a.zip
    .zip
  • META-INF/com/android/metadata
  • META-INF/com/android/otacert
  • META-INF/com/google/android/update-binary
    .elf linux arm
  • META-INF/com/google/android/updater-script
  • META/filesystem_config.txt
  • META/misc_info.txt
  • META/recovery.fstab
  • external-script
  • runsetprop.sh
    .sh linux
  • system/oscam/constant.cw
  • system/oscam/oscam-ko.server
  • system/oscam/oscam-smargo.server
  • system/oscam/oscam-terrestrial.server
  • system/oscam/oscam-uncorex.conf
  • system/oscam/oscam.ac
  • system/oscam/oscam.cacheex
  • system/oscam/oscam.cert
  • system/oscam/oscam.conf
  • system/oscam/oscam.dvbapi
  • system/oscam/oscam.guess
  • system/oscam/oscam.ird
  • system/oscam/oscam.keys
  • system/oscam/oscam.provid
  • system/oscam/oscam.server
  • system/oscam/oscam.services
  • system/oscam/oscam.srvid
  • system/oscam/oscam.tiers
  • system/oscam/oscam.user
  • system/oscam/oscam.whitelist
  • system/oscam/oscam8.exe
    .elf linux arm
  • system/oscam/oscam8.sh
    .sh linux
  • vendor/app/OscamAndroid_IF/OscamAndroid_IF.apk
    .apk android

    com.hisilicon.oscam

    .OscamMonitor


  • vendor/app/cam/cam.apk
    .apk android

    com.use.cam

    com.use.cam.mainActivity


  • vendor/simple.prop