Test[.]zip | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

Test.zip
Size

60.1MB
MD5

e737cd7800055e37602b9912868a5a9f
SHA1

9469846a0bd80303352369be53176d91155d96b2
SHA256

07fc349e4895810cc570990f998f74feecfc65e6acd7c30dc8ad85b84267d7a6
SHA512

0c83cd3262ecb0ef3d882fdcc4eddc6411a113296b60e8416f2c80cd543f90e6517486622b9eea108fd32070f6ee6cf8b6356ff16941bb0256d230ee7d66d978
SSDEEP

1572864:QTqINCzKTXWU4PH9xRTivWrtWJ/PvnE2Lefai/KK:ZRKTGU4VxlrtgfdiiVK

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE

Requests dangerous framework permissions 5 IoCs

description	ioc
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application a broad access to external storage in scoped storage.	android.permission.MANAGE_EXTERNAL_STORAGE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW

Files

Test.zip
.rar

Password: 12345
MT-Manager-Vip-Mod-2.14.5-3.apk
.apk android arch:arm64 arch:arm arch:x86 arch:x64

Password: 12345

bin.mt.plus.canary

bin.mt.plus.Main

Activities

bin.mt.plus.OpenFileActivity

android.intent.action.VIEW
android.intent.action.EDIT
android.intent.action.SEND

l.۫ۦ۫

android.intent.action.VIEW

l.ۖ۟ۢ

android.intent.action.GET_CONTENT

bin.mt.plus.TenpayCallbackActivity

android.intent.action.VIEW

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.INTERNET
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.REQUEST_DELETE_PACKAGES
android.permission.QUERY_ALL_PACKAGES
android.permission.VIBRATE
android.permission.WAKE_LOCK
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MANAGE_EXTERNAL_STORAGE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.FOREGROUND_SERVICE
android.permission.FOREGROUND_SERVICE_MEDIA_PROJECTION
android.permission.FOREGROUND_SERVICE_SPECIAL_USE
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.ACCESS_SUPERUSER
bin.mt.plus.canary.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION
moe.shizuku.manager.permission.API_V23

Receivers

l.ۨ۟ۜ

androidx.profileinstaller.action.INSTALL_PROFILE
androidx.profileinstaller.action.SKIP_FILE
androidx.profileinstaller.action.SAVE_PROFILE
androidx.profileinstaller.action.BENCHMARK_OPERATION

Services

l.ۖۢۖ

android.accessibilityservice.AccessibilityService
filetransfer.apk
.apk android

Password: 12345

bin.mt.filetransfer

bin.mt.filetransfer.Main

Activities
MT_Vip_Fix_2.6.1-beta.apk
.apk android arch:arm64 arch:arm arch:mips arch:mips64 arch:x86 arch:x64

Password: 12345

bin.mt.mtgz

bin.mt.mtgz.Main

Activities

bin.mt.mtgz.Main

android.intent.action.MAIN

bin.mt.mtgz.PhotoViewer

android.intent.action.VIEW
android.intent.action.EDIT

bin.mt.edit.TextEditor

android.intent.action.VIEW

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.INTERNET
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.READ_PHONE_STATE
android.permission.VIBRATE
android.permission.WAKE_LOCK
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.SYSTEM_ALERT_WINDOW
com.android.vending.BILLING
android.permission.SYSTEM_ALERT_WINDOW
android.permission.READ_SETTINGS
android.permission.WRITE_SETTINGS
android.permission.BLUETOOTH
net.dinglisch.android.tasker.PERMISSION_RUN_TASKS
android.permission.USE_FINGERPRINT
android.permission.BLUETOOTH_ADMIN
android.permission.CHANGE_WIFI_STATE
android.permission.READ_LOGS
android.permission.VIBRATE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.READ_SETTINGS
android.permission.WRITE_SETTINGS
android.permission.CHANGE_WIFI_STATE
android.permission.READ_LOGS
android.permission.CAMERA
android.permission.FLASHLIGHT
android.permission.BLUETOOTH
android.permission.READ_EXTERNAL_STORAGE
net.dinglisch.android.tasker.PERMISSION_RUN_TASKS
android.permission.USE_FINGERPRINT
android.permission.BLUETOOTH_ADMIN
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.VIBRATE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE

Receivers

com.applisto.appcloner.classes.FakeCamera$FakeCameraReceiver

com.applisto.appcloner.action.FAKE_CAMERA_SELECT_CAMERA_PICTURE
com.applisto.appcloner.action.FAKE_CAMERA_ROTATE_CLOCKWISE
com.applisto.appcloner.action.FAKE_CAMERA_ROTATE_ANTI_CLOCKWISE

Services

bin.mt.mtgz.ActivityRecordService

android.accessibilityservice.AccessibilityService
NP-Manager-v3.0.84-mod.apk
.apk android arch:arm64 arch:arm

Password: 12345

com.wn.app.np

player.normal.np.activity.GuideActivity

Activities

player.normal.np.activity.GuideActivity

android.intent.action.MAIN

player.normal.np.activity.NPMainActivity

android.intent.action.GET_CONTENT

player.normal.np.activity.ApkInstallerActivity

android.intent.action.VIEW

player.normal.np.activity.EditActivity

android.intent.action.VIEW
android.intent.action.EDIT

Permissions

android.permission.VIBRATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.GET_TASKS
android.permission.WAKE_LOCK
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.REQUEST_DELETE_PACKAGES
android.permission.MANAGE_EXTERNAL_STORAGE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.FOREGROUND_SERVICE
android.permission.ACCESS_SUPERUSER
android.permission.QUERY_ALL_PACKAGES
com.wn.app.np.openadsdk.permission.TT_PANGOLIN
com.asus.msa.SupplementaryDID.ACCESS
android.permission.BLUETOOTH
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.CHANGE_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.REORDER_TASKS
freemme.permission.msa
android.permission.READ_PRIVILEGED_PHONE_STATE
com.wn.app.np.permission.KW_SDK_BROADCAST
android.permissio.WRITE_EXTERNAL_STORAGE
com.google.android.gms.permission.AD_ID
android.permission.SET_WALLPAPER

Services

com.blankj.utilcode.util.BusUtils$ServerService

com.wn.app.np.messenger

Sharing

General

Malware Config

Signatures

Files

Password: 12345

Password: 12345

bin.mt.plus.canary

bin.mt.plus.Main

Activities

bin.mt.plus.OpenFileActivity

l.۫ۦ۫

l.ۖ۟ۢ

bin.mt.plus.TenpayCallbackActivity

com.tencent.tauth.AuthActivity

Permissions

Receivers

l.ۨ۟ۜ

Services

l.ۖۢۖ

Password: 12345

bin.mt.filetransfer

bin.mt.filetransfer.Main

Activities

Password: 12345

bin.mt.mtgz

bin.mt.mtgz.Main

Activities

bin.mt.mtgz.Main

bin.mt.mtgz.PhotoViewer

bin.mt.edit.TextEditor

Permissions

Receivers

com.applisto.appcloner.classes.FakeCamera$FakeCameraReceiver

Services

bin.mt.mtgz.ActivityRecordService

Password: 12345

com.wn.app.np

player.normal.np.activity.GuideActivity

Activities

player.normal.np.activity.GuideActivity

player.normal.np.activity.NPMainActivity

player.normal.np.activity.ApkInstallerActivity

player.normal.np.activity.EditActivity

Permissions

Services

com.blankj.utilcode.util.BusUtils$ServerService