slocker | 200d8f98c326fc65f3a11dc5ff1951051c12991cc0996273eeb9b71b27bc294d[.]zip

General

Target

200d8f98c326fc65f3a11dc5ff1951051c12991cc0996273eeb9b71b27bc294d.zip
Size

1.6MB
MD5

f4697a7d0ed913183ffe3338c6899094
SHA1

bf70b4e36f3094d8c802dbb8e7e0aa121aeb4990
SHA256

91a72a93450c6833106c5e8521286006b0d87d57ec69f7cced7fc5fe0479bba9
SHA512

c246ed0dd5c232a6dcf1e5b53ef0ff4740c03a682071831f81dbe34dd999eef7e2ca1c6e8c6eb07b19f0a5713e4027bbb1952fde947a48b29eb43a862931b716
SSDEEP

24576:TAJ1f66WNMahYZzSplPfd4s7EjbUk6rLUN7GKAoEbDwyJGLXBg2:T+C6WN3YZkPFEAQGmyJAg2

Score

10^/10

slocker

SLocker payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/200d8f98c326fc65f3a11dc5ff1951051c12991cc0996273eeb9b71b27bc294d.apk	family_slocker_2

Requests dangerous framework permissions 3 IoCs

Processes:

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

200d8f98c326fc65f3a11dc5ff1951051c12991cc0996273eeb9b71b27bc294d.zip
.zip

Password: infected
200d8f98c326fc65f3a11dc5ff1951051c12991cc0996273eeb9b71b27bc294d.apk
.apk android

com.android.tencent.zdevs.bah

com.android.tencent.zdevs.bah.MainActivity

Activities

com.android.tencent.zdevs.bah.MainActivity

android.intent.action.MAIN

Permissions

android.permission.SET_WALLPAPER
android.permission.ACCESS_WIFI_STATE
android.permission.READ_LOGS
android.permission.READ_PHONE_STATE
android.permission.GET_TASKS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
com.android.launcher.permission.READ_SETTINGS
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_CONFIGURATION
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_EXTERNAL_STORAGE
android.permission.MODIFY_AUDIO_SETTINGS