aca21aa5ffb89505df215ad61d6b27c1537c44f10439abd3b8b4c6623b73bbc3

General

Target

aca21aa5ffb89505df215ad61d6b27c1537c44f10439abd3b8b4c6623b73bbc3
Size

25.6MB
MD5

679c7b8679a869b02c67d650a647d97a
SHA1

e1e28f5ac7fb84eeaf37e33eb314e3680622ea43
SHA256

aca21aa5ffb89505df215ad61d6b27c1537c44f10439abd3b8b4c6623b73bbc3
SHA512

8673d03b82ab2c786a11459d6d9b97682a1d459330912436548e2d413839235c0be4a064f49f79a5854e809bec33f398b0aa4011b38269c07302ea356a3455a9
SSDEEP

393216:LR7YsjIOcHM28YMZJUnb3jB5Mvh2CkgKadQONX9dVCkgKadQONXGaT5QI5ebmDVp:TsVMBiXBG0CoONLVCoONWu5eSXMST

Score

8^/10

upx

Malware Config

Signatures

Patched UPX-packed file 4 IoCs

Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.

resource	yara_rule
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx

UPX packed file 4 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx
sample	upx
sample	upx
sample	upx

Requests dangerous framework permissions 7 IoCs

description	ioc
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Required to be able to access the camera device.	android.permission.CAMERA
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION

Files

aca21aa5ffb89505df215ad61d6b27c1537c44f10439abd3b8b4c6623b73bbc3
.apk android arch:arm64 arch:arm arch:x86

cderg.cocc.cocc_cdids

cderg.cocc.cocc_cdids.activities.FirstLoadingActivity

Activities

cderg.cocc.cocc_cdids.activities.main.MainActivity

android.intent.action.VIEW

cderg.cocc.cocc_cdids.activities.FirstLoadingActivity

android.intent.action.MAIN

Permissions

android.permission.WAKE_LOCK
android.permission.CALL_PHONE
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.READ_LOGS
android.permission.CAMERA
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.FLASHLIGHT

Receivers

cderg.cocc.cocc_cdids.broadcast.NewAppInstallBroadcastReceiver

android.intent.action.PACKAGE_REPLACED

cderg.cocc.cocc_cdids.broadcast.UpdateAppReceiver

android.intent.action.DOWNLOAD_COMPLETE
android.intent.action.DOWNLOAD_NOTIFICATION_CLICKED

cderg.cocc.cocc_cdids.broadcast.NotifycationReceiver

com.push.NotifycationReceiver

cderg.cocc.cocc_cdids.broadcast.ShowNotifyReceiver

com.push.ShowNotifyReceiver

Services

cderg.cocc.cocc_cdids.services.ApplicationInitService

com.erg.railmap.loade
amap_resource1_0_0.png
.apk android

com.amap.api.map3d

Android Permissions

aca21aa5ffb89505df215ad61d6b27c1537c44f10439abd3b8b4c6623b73bbc3

Permissions

android.permission.WAKE_LOCK

android.permission.CALL_PHONE

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.ACCESS_COARSE_LOCATION

android.permission.READ_LOGS

android.permission.CAMERA

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

android.permission.FLASHLIGHT

Sharing

General

Malware Config

Signatures

Files

cderg.cocc.cocc_cdids

cderg.cocc.cocc_cdids.activities.FirstLoadingActivity

Activities

cderg.cocc.cocc_cdids.activities.main.MainActivity

cderg.cocc.cocc_cdids.activities.FirstLoadingActivity

Permissions

Receivers

cderg.cocc.cocc_cdids.broadcast.NewAppInstallBroadcastReceiver

cderg.cocc.cocc_cdids.broadcast.UpdateAppReceiver

cderg.cocc.cocc_cdids.broadcast.NotifycationReceiver

cderg.cocc.cocc_cdids.broadcast.ShowNotifyReceiver

Services

cderg.cocc.cocc_cdids.services.ApplicationInitService

com.amap.api.map3d

Android Permissions

aca21aa5ffb89505df215ad61d6b27c1537c44f10439abd3b8b4c6623b73bbc3