8935b6b68d4c0246112fcd0e0dab70b0e086ed6e90153478d8817ae1c63b1fc4

General

Target

8935b6b68d4c0246112fcd0e0dab70b0e086ed6e90153478d8817ae1c63b1fc4
Size

18.8MB
MD5

af5062341f520e41721881e8b8e54d1f
SHA1

d80daf617de27c1a3e863b7421a37b0f9d61701b
SHA256

8935b6b68d4c0246112fcd0e0dab70b0e086ed6e90153478d8817ae1c63b1fc4
SHA512

dbe4ef6c11b6cb2567b73a2a7a99d99f69e74d15627250151a58be064c29270ad83e69cb0d9aa29f42818892484649ca6b3fe804b6d23953244d8d32ee6c6ff9
SSDEEP

393216:STOqrpebcDWa+lKEu1ZQ4JXicIP57FHEHH//CWfu+K37O7u+9sq:mogwlKE+ZQ4JXPCFHEHH/FfcG+q

Score

8^/10

upx

Malware Config

Signatures

Patched UPX-packed file 1 IoCs

Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.

resource	yara_rule
sample	patched_upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Requests dangerous framework permissions 7 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Files

8935b6b68d4c0246112fcd0e0dab70b0e086ed6e90153478d8817ae1c63b1fc4
.apk android arch:arm

com.cxw.buyer

com.cxw.buyer.MainActivity

Activities

com.cxw.buyer.MainActivity

android.intent.action.MAIN
android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.CAMERA
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.READ_LOGS
android.permission.READ_PHONE_STATE
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.WAKE_LOCK

Services
amap_resource1_0_0.png
.apk android

com.amap.api.map3d

Android Permissions

8935b6b68d4c0246112fcd0e0dab70b0e086ed6e90153478d8817ae1c63b1fc4

Permissions

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.CAMERA

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.READ_EXTERNAL_STORAGE

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.READ_LOGS

android.permission.READ_PHONE_STATE

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.WAKE_LOCK

Sharing

General

Malware Config

Signatures

Files

com.cxw.buyer

com.cxw.buyer.MainActivity

Activities

com.cxw.buyer.MainActivity

Permissions

Services

com.amap.api.map3d

Android Permissions

8935b6b68d4c0246112fcd0e0dab70b0e086ed6e90153478d8817ae1c63b1fc4