9D4C646DC878967F89DFFBD2E218541268CF785EF0889E32906D68DC656DD7F2[.]apk

General

Target

9D4C646DC878967F89DFFBD2E218541268CF785EF0889E32906D68DC656DD7F2.apk
Size

41.7MB
MD5

41e409ee45949b693bb6b51920126685
SHA1

cc53ca144b539ace7f706b0f01d94445b22adca0
SHA256

9d4c646dc878967f89dffbd2e218541268cf785ef0889e32906d68dc656dd7f2
SHA512

678a2b4f2665b0c4dda55bdd33a36eccb144ff1571c6f8c25339d3e37fb6de59f427b0e42eef4775d543f366c5fa4c5785c4cfcccb5a20967e1c11a35b2e0365
SSDEEP

786432:r8ihXHck3VGqzOLnc6toDQ4W04U9Xn+/0gqLs+9+1BspwWXOgPe535EwWx9uRs:AixHcklGqyw6tL64U9ODqL1oUFOgPeve

Score

8^/10

upx

Malware Config

Signatures

Patched UPX-packed file 2 IoCs

Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.

resource	yara_rule
sample	patched_upx
sample	patched_upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx
sample	upx

Requests dangerous framework permissions 5 IoCs

description	ioc
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Files

9D4C646DC878967F89DFFBD2E218541268CF785EF0889E32906D68DC656DD7F2.apk
.apk .pdf android arch:arm64 arch:arm polyglot

com.kaiserbaas.trail1080

com.lewei.multiple.main.LoadingActivity

Activities

com.lewei.multiple.main.LoadingActivity

android.intent.action.MAIN

Permissions

.permission.MAPS_RECEIVE
android.permission.INTERNET
android.permission.CHANGE_WIFI_MULTICAST_STATE
android.permission.CHANGE_CONFIGURATION
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.WAKE_LOCK
android.permission.CHANGE_WIFI_STATE
android.permission.WRITE_SETTINGS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.GET_TASKS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.DISABLE_KEYGUARD
android.permission.VIBRATE
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.ACCESS_MOCK_LOCATION
com.google.android.providers.gsf.permission.READ_GSERVICES
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_PHONE_STATE

Services
amap_resource1_0_0.png
.apk android

com.amap.api.map3d

Android Permissions

9D4C646DC878967F89DFFBD2E218541268CF785EF0889E32906D68DC656DD7F2.apk

Permissions

.permission.MAPS_RECEIVE

android.permission.INTERNET

android.permission.CHANGE_WIFI_MULTICAST_STATE

android.permission.CHANGE_CONFIGURATION

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.WAKE_LOCK

android.permission.CHANGE_WIFI_STATE

android.permission.WRITE_SETTINGS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.GET_TASKS

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.DISABLE_KEYGUARD

android.permission.VIBRATE

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

android.permission.ACCESS_MOCK_LOCATION

com.google.android.providers.gsf.permission.READ_GSERVICES

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.READ_PHONE_STATE

Sharing

General

Malware Config

Signatures

Files

com.kaiserbaas.trail1080

com.lewei.multiple.main.LoadingActivity

Activities

com.lewei.multiple.main.LoadingActivity

Permissions

Services

com.amap.api.map3d

Android Permissions

9D4C646DC878967F89DFFBD2E218541268CF785EF0889E32906D68DC656DD7F2.apk