viruses-master[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

viruses-master.zip
Size

9.7MB
MD5

785478b584e99852ce9163925fcf44c5
SHA1

5f98006c83c079625f27e44556e9b2cca82d6fa3
SHA256

b039af7855652be1ce002ff6c97820a6659ca4d0b94467fe52a1de9dc5ac029c
SHA512

adfafb68195c0b004d7c866c64f249ae7df42288d54dcd0a13c8bbabeacf6929821b09ccb786b4c7e7255942d5c91a7883dc8a6b4aacc9910f10f74605df8518
SSDEEP

196608:yBFYtc9trG3+/R0ZnFRtulToqTLX7VR6XPtgTtFBAqptL75+:ybqc9JGu/+ZnPtUdnrToP+tFeax7g

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/viruses-master/windows .exe"s/MusaLLaT.exe	upx

Declares broadcast receivers with permission to handle system events 1 IoCs

description	ioc
Required by device admin receivers to bind with the system. Allows apps to manage device administration features.	android.permission.BIND_DEVICE_ADMIN

Requests dangerous framework permissions 6 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/viruses-master/windows .exe"s/Gefwef.exe
unpack001/viruses-master/windows .exe"s/MusaLLaT.exe
unpack001/viruses-master/windows .exe"s/My_storry.exe
unpack001/viruses-master/windows .exe"s/pkill.exe

Files

viruses-master.zip
.zip
viruses-master/README.md
viruses-master/android .apk's/3168.apk
.apk android arch:arm

com.ps.yams

com.ps.yams.Yams

Activities

com.ps.yams.Yams

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INSTALL_PACKAGES
android.permission.ACCESS_COARSE_LOCATION
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.INTERNET
android.permission.READ_EXTERNAL_STORAGE
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

Receivers

com.google.update.Receiver

android.intent.action.BATTERY_CHANGED_ACTION
android.intent.action.SIG_STR
android.intent.action.BOOT_COMPLETED

Services
viruses-master/android .apk's/Alsalah.apk
.apk android

com.sileria.alsalah

.android.AlSalah

Activities

.android.AlSalah

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_CONTACTS
android.permission.CHANGE_WIFI_MULTICAST_STATE
android.permission.CLEAR_APP_USER_DATA
android.permission.BIND_INPUT_METHOD
android.permission.WRITE_CONTACTS
android.permission.CLEAR_APP_CACHE
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.READ_PHONE_STATE
android.permission.SET_PREFERRED_APPLICATIONS
android.permission.INTERNAL_SYSTEM_WINDOW
android.permission.MANAGE_ACCOUNTS
android.permission.PERSISTENT_ACTIVITY
android.permission.FLASHLIGHT
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_MOCK_LOCATION
android.permission.SEND_SMS
android.permission.HARDWARE_TEST
android.permission.ACCESS_CHECKIN_PROPERTIES
android.permission.DISABLE_KEYGUARD
android.permission.READ_SYNC_STATS
android.permission.READ_INPUT_STATE
android.permission.EXPAND_STATUS_BAR
android.permission.BLUETOOTH
android.permission.BIND_APPWIDGET
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.BROADCAST_SMS
android.permission.DIAGNOSTIC
android.permission.BLUETOOTH_ADMIN
android.permission.DEVICE_POWER
android.permission.CHANGE_CONFIGURATION
android.permission.DELETE_PACKAGES
android.permission.BROADCAST_WAP_PUSH
android.permission.REBOOT
android.permission.WRITE_SMS
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.STATUS_BAR
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.GLOBAL_SEARCH
android.permission.READ_SMS
android.permission.CONTROL_LOCATION_UPDATES
android.permission.MANAGE_APP_TOKENS
android.permission.DELETE_CACHE_FILES
android.permission.BATTERY_STATS
android.permission.READ_SYNC_SETTINGS
android.permission.SET_TIME_ZONE
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.MOUNT_FORMAT_FILESYSTEMS
android.permission.SIGNAL_PERSISTENT_PROCESSES
android.permission.MASTER_CLEAR
android.permission.READ_LOGS
android.permission.BRICK
android.permission.SET_ACTIVITY_WATCHER
android.permission.RECEIVE_SMS
android.permission.GET_ACCOUNTS
android.permission.CALL_PHONE
android.permission.READ_CONTACTS
android.permission.RESTART_PACKAGES
android.permission.READ_CALENDAR
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.CAMERA
android.permission.ACCESS_FINE_LOCATION
android.permission.SUBSCRIBED_FEEDS_READ
android.permission.WAKE_LOCK
android.permission.RECORD_AUDIO
android.permission.INSTALL_PACKAGES
android.permission.INJECT_EVENTS
android.permission.RECEIVE_WAP_PUSH
android.permission.USE_CREDENTIALS
android.permission.ACCOUNT_MANAGER
android.permission.SET_ALWAYS_FINISH
android.permission.RECEIVE_MMS
android.permission.WRITE_SECURE_SETTINGS
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.WRITE_CALENDAR
android.permission.WRITE_SYNC_SETTINGS
android.permission.INSTALL_LOCATION_PROVIDER
android.permission.SYSTEM_ALERT_WINDOW
android.permission.MODIFY_PHONE_STATE
android.permission.WRITE_SETTINGS
android.permission.INTERNET
android.permission.ACCESS_SURFACE_FLINGER
android.permission.CHANGE_NETWORK_STATE
android.permission.CALL_PRIVILEGED
android.permission.CHANGE_COMPONENT_ENABLED_STATE
android.permission.DUMP
android.permission.SET_WALLPAPER
android.permission.GET_TASKS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.PROCESS_OUTGOING_CALLS
android.permission.WRITE_OWNER_DATA
android.permission.WRITE_GSERVICES
android.permission.SET_WALLPAPER_HINTS
android.permission.BROADCAST_STICKY
android.permission.READ_FRAME_BUFFER
android.permission.GET_PACKAGE_SIZE
android.permission.FORCE_BACK
android.permission.UPDATE_DEVICE_STATS
android.permission.WRITE_APN_SETTINGS
android.permission.BROADCAST_PACKAGE_REMOVED
android.permission.SET_ANIMATION_SCALE
android.permission.SET_ORIENTATION
android.permission.SET_DEBUG_APP
android.permission.FACTORY_TEST
android.permission.REORDER_TASKS
android.permission.SET_PROCESS_LIMIT
android.permission.READ_OWNER_DATA
android.permission.CHANGE_WIFI_STATE
android.permission.VIBRATE
android.permission.SUBSCRIBED_FEEDS_WRITE
android.permission.RECEIVE_BOOT_COMPLETED

Receivers

com.awake.arRabi

android.intent.action.BOOT_COMPLETED

Services

com.awake.alArabiyyah

alArabiyyah
viruses-master/android .apk's/Amazon_Appstore-release.apk
.apk android

com.amazon.venezia

Venezia

Activities

Venezia

android.intent.action.MAIN

Help

android.intent.action.VIEW

LegalInformation

android.intent.action.VIEW

UriMatchActivity

android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.ACCESS_NETWORK_STATE

Receivers

.notification.ClientBroadcastReceiver

com.amazon.mas.client.framework.UpdateService.CLIENT_UPDATE
com.amazon.mas.client.framework.UpdateService.CLIENT_UPDATE_INSTALLING
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_REPLACED
android.net.conn.CONNECTIVITY_CHANGE
com.amazon.mas.client.framework.UpdateService.BLACKLIST_UPDATE

com.amazon.mas.client.framework.BootLoader

android.intent.action.BOOT_COMPLETED

Services

com.amazon.venezia.service.command.CommandServiceImpl

com.amazon.venezia.CommandService
viruses-master/android .apk's/Android Lost.apk
.apk android

com.androidlost

.lostapp

Activities

.lostapp

android.intent.action.MAIN

Permissions

com.androidlost.permission.C2D_MESSAGE
com.google.android.c2dm.permission.RECEIVE
android.permission.WRITE_SETTINGS
android.permission.INTERNET
android.permission.GET_ACCOUNTS
android.permission.READ_PHONE_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.READ_SMS
android.permission.SEND_SMS
android.permission.RECEIVE_SMS
android.permission.CALL_PHONE
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.CAMERA
android.permission.WRITE_EXTERNAL_STORAGE

Receivers

.lostapp$MyAdmin

android.app.action.DEVICE_ADMIN_ENABLED

.MyC2dmReceiver

com.google.android.c2dm.intent.RECEIVE
com.google.android.c2dm.intent.REGISTRATION

.SmsReceiver

android.provider.Telephony.SMS_RECEIVED
viruses-master/android .apk's/Gmail.apk
.apk android

com.google.android.gm

ConversationListActivityGmail

Activities

ConversationListActivity

android.intent.action.SEARCH

ConversationListActivityGmail

android.intent.action.MAIN

ConversationListActivityGoogleMail

android.intent.action.MAIN

ComposeActivityGmail

android.intent.action.VIEW
android.intent.action.SENDTO
android.intent.action.SEND
android.intent.action.SEND_MULTIPLE

ComposeActivityGoogleMail

android.intent.action.VIEW
android.intent.action.SENDTO
android.intent.action.SEND

AutoSendActivity

com.google.android.gm.action.AUTO_SEND

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.GET_ACCOUNTS
android.permission.MANAGE_ACCOUNTS
android.permission.INTERNET
android.permission.READ_CONTACTS
android.permission.WRITE_CONTACTS
android.permission.READ_SYNC_SETTINGS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.SUBSCRIBED_FEEDS_READ
android.permission.SUBSCRIBED_FEEDS_WRITE
android.permission.USE_CREDENTIALS
android.permission.VIBRATE
android.permission.WAKE_LOCK
android.permission.WRITE_SYNC_SETTINGS
android.permission.WRITE_EXTERNAL_STORAGE
com.google.android.gm.permission.READ_ATTACHMENT_PREVIEW
com.google.android.gm.permission.READ_GMAIL
com.google.android.gm.permission.WRITE_GMAIL
com.google.android.googleapps.permission.GOOGLE_AUTH
com.google.android.googleapps.permission.GOOGLE_AUTH.mail
com.google.android.providers.gsf.permission.READ_GSERVICES
com.google.android.gm.permission.AUTO_SEND
com.google.android.voicesearch.AUDIO_FILE_ACCESS

Receivers

GoogleMailSwitchReceiver

com.google.android.googleapps.GOOGLE_MAIL_SWITCH

AccountsChangedReceiver

android.accounts.LOGIN_ACCOUNTS_CHANGED

GmailReceiver

android.intent.action.PROVIDER_CHANGED

.MailIntentReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.DEVICE_STORAGE_OK
android.intent.action.DOWNLOAD_COMPLETED
com.google.android.gm.intent.CLEAR_ALL_NEW_MAIL_NOTIFICATIONS

.downloadprovider.DownloadReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE

Services

.provider.MailSyncAdapterService

android.content.SyncAdapter
viruses-master/android .apk's/Google-play.apk
.apk android

cosmetiq.fl

.services.LaunchActivity

Activities

.services.LaunchActivity

android.intent.action.MAIN

.services.IncomeSMSActivity

android.intent.action.SEND
android.intent.action.SENDTO

Permissions

android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_CONTACTS
android.permission.DEVICE_POWER
android.permission.USES_POLICY_FORCE_LOCK
android.permission.RECEIVE_SMS
android.permission.READ_SMS
android.permission.WAKE_LOCK
android.permission.WRITE_SMS
android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.SEND_SMS
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.VIBRATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE

Receivers

.services.receivers.InstallReceiver

android.intent.action.PACKAGE_INSTALL
android.intent.action.PACKAGE_ADDED

.services.receivers.mess.ReceiverMess

android.provider.Telephony.SMS_DELIVER

.services.receivers.mess.ReceiverPush

android.provider.Telephony.WAP_PUSH_DELIVER

.services.receivers.AdministrationReceiver

android.app.action.DEVICE_ADMIN_ENABLED

.services.receivers.mess.ReceiverIncoming

android.provider.Telephony.SMS_RECEIVED

.services.receivers.BootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.ACTION_SHUTDOWN
android.intent.action.QUICKBOOT_POWERON

.services.receivers.NetworkChangeReceiver

android.net.conn.CONNECTIVITY_CHANGE
android.net.wifi.WIFI_STATE_CHANGED

Services

.services.call.HeadlessSmsSendService

android.intent.action.RESPOND_VIA_MESSAGE

.controllers.activities.WebMainService

.controllers.activities.WebMainService

.services.call.SmsKitKatService

.services.call.SmsKitKatService
viruses-master/android .apk's/KSHDToGo.apk
.apk android

com.kandian.hdtogoapp

.GuideActivity

Activities

.GuideActivity

android.intent.action.MAIN

.AssetListActivity

android.intent.action.VIEW

.RankingActivity

android.intent.action.MAIN

.RankingListActivity

android.intent.action.VIEW

.SearchActivity

android.intent.action.SEARCH

.MovieAssetActivity

android.intent.action.VIEW

.EpisodeAssetActivity

android.intent.action.VIEW

com.kandian.ksfamily.KSFamilyListActivity

android.intent.action.VIEW

com.kandian.videoplayer.VideoPlayerActivity

android.intent.action.VIEW

.DownloadServiceActivity

android.intent.action.MAIN

.DownloadExploreListActivity

android.intent.action.VIEW

.MyViewsActivity

android.intent.action.VIEW

.DeleteMyViewsActivity

android.intent.action.VIEW

com.kandian.other.KSAboutActivity

android.intent.action.VIEW

com.kandian.other.KSHelpActivity

android.intent.action.VIEW

.UserNotifyActivity

android.intent.action.VIEW

com.kandian.user.UserLoginActivity

android.intent.action.VIEW

com.kandian.user.UserRegActivity

android.intent.action.VIEW

com.kandian.user.UserBindShareActivity

android.intent.action.VIEW

com.kandian.user.ShareListActivity

android.intent.action.VIEW

com.kandian.user.ShareUnbindActivity

android.intent.action.VIEW

com.kandian.user.UserActivity

android.intent.action.VIEW

com.kandian.user.UserSyncShareActivity

android.intent.action.VIEW

com.kandian.user.BindExistUserActivity

android.intent.action.VIEW

com.kandian.user.UserRegBindActivity

android.intent.action.VIEW

com.kandian.other.PreferenceSettingActivity

android.intent.action.VIEW

com.kandian.user.UserLoginActivity

android.intent.action.VIEW

com.kandian.user.UserRegActivity

android.intent.action.VIEW

com.kandian.user.UserBindShareActivity

android.intent.action.VIEW

com.kandian.user.ShareListActivity

android.intent.action.VIEW

com.kandian.user.ShareUnbindActivity

android.intent.action.VIEW

com.kandian.user.UserActivity

android.intent.action.VIEW

com.kandian.user.UserSyncShareActivity

android.intent.action.VIEW

.MyKSActivity

android.intent.action.VIEW

.MyHistoryActivity

android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.WRITE_SETTINGS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.DISABLE_KEYGUARD
android.permission.READ_PHONE_STATE
android.permission.MANAGE_ACCOUNTS
android.permission.ACCOUNT_MANAGER
android.permission.GET_ACCOUNTS
android.permission.AUTHENTICATE_ACCOUNTS

Receivers

com.admob.android.ads.analytics.InstallReceiver

com.android.vending.INSTALL_REFERRER

Services

com.kandian.user.UserAccountsService

android.accounts.AccountAuthenticator
viruses-master/android .apk's/com.c101421042723.apk
.apk android arch:arm

com.c101421042723

com.c101421042723.ui.MainActivity

Activities

com.c101421042723.ui.MainActivity

android.intent.action.MAIN

Permissions

android.permission.RAISED_THREAD_PRIORITY
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.WRITE_EXTERNAL_STORAGE
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.READ_SETTINGS
android.permission.WRITE_SECURE_SETTINGS
com.android.launcher.permission.WRITE_SETTINGS
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.RECEIVE_MMS
android.permission.RECEIVE_WAP_PUSH
android.permission.WRITE_SETTINGS
android.permission.READ_SMS
android.permission.SEND_SMS
android.permission.RECEIVE_SMS

Receivers

com.c101421042723.util.Rc101421042723

android.provider.Telephony.WAP_PUSH_RECEIVED
android.provider.Telephony.WAP_PUSH_RECEIVED
android.provider.Telephony.SMS_RECEIVED
android.provider.Telephony.SMS_REJECTED

Services
viruses-master/android .apk's/com.fdhgkjhrtjkjbx.model.apk
.apk android arch:arm

com.fdhgkjhrtjkjbx.model

.LoadActivity

Activities

.LoadActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_WIFI_STATE
android.permission.SYSTEM_ALERT_WINDOW
com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.WAKE_LOCK
android.permission.GET_TASKS

Receivers

com.yangccaa.chengaa.WEPP

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.USER_PRESENT

com.yangccaa.ssll.SDHH

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.USER_PRESENT

Services
viruses-master/android .apk's/com.parental.control.v4-dexguarded.apk
.apk android

com.parental.control.v4

com.connect.Dendroid

Activities

com.connect.Dendroid

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.GET_ACCOUNTS
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_CONTACTS
android.permission.ACCESS_FINE_LOCATION
android.permission.GET_TASKS
android.permission.WAKE_LOCK
android.permission.CALL_PHONE
android.permission.SEND_SMS
android.permission.WRITE_SETTINGS
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.CAMERA
android.permission.RECORD_AUDIO
android.permission.PROCESS_OUTGOING_CALLS
android.permission.RECEIVE_SMS

Receivers

com.connect.ServiceReceiver

android.provider.Telephony.SMS_RECEIVED
android.intent.action.BOOT_COMPLETED
android.intent.action.PHONE_STATE
android.intent.action.ACTION_EXTERNAL_APPLICATIONS_AVAILABLE

Services
viruses-master/android .apk's/com.parental.control.v4.apk
.apk android

com.parental.control.v4

com.connect.Dendroid

Activities

com.connect.Dendroid

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.GET_ACCOUNTS
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_CONTACTS
android.permission.ACCESS_FINE_LOCATION
android.permission.GET_TASKS
android.permission.WAKE_LOCK
android.permission.CALL_PHONE
android.permission.SEND_SMS
android.permission.WRITE_SETTINGS
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.CAMERA
android.permission.RECORD_AUDIO
android.permission.PROCESS_OUTGOING_CALLS
android.permission.RECEIVE_SMS

Receivers

com.connect.ServiceReceiver

android.provider.Telephony.SMS_RECEIVED
android.intent.action.BOOT_COMPLETED
android.intent.action.PHONE_STATE
android.intent.action.ACTION_EXTERNAL_APPLICATIONS_AVAILABLE

Services
viruses-master/android .apk's/org.benews.apk
.apk android arch:arm

org.benews

org.benews.BeNews

Activities

org.benews.BeNews

android.intent.action.MAIN

Permissions

android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.READ_PHONE_STATE

Receivers

org.benews.BootManager

android.intent.action.BOOT_COMPLETED
android.intent.action.USER_PRESENT

Services
viruses-master/windows .exe"s/Gefwef.exe
.exe windows:5 windows x86 arch:x86

0ebb3c09b06b1666d307952e824c8697

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

wextract.pdb

Imports

advapi32

FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA

kernel32

LocalFree
LocalAlloc
GetLastError
GetCurrentProcess
lstrlenA
GetModuleFileNameA
GetSystemDirectoryA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
CreateDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
IsDBCSLeadByte
GetShortPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
FreeResource
GetProcAddress
LoadResource
SizeofResource
FindResourceA
lstrcatA
CloseHandle
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetCurrentDirectoryA
GetTempFileNameA
ExitProcess
CreateFileA
LoadLibraryExA
lstrcpynA
GetVolumeInformationA
FormatMessageA
GetCurrentDirectoryA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
GetSystemInfo
CreateMutexA
SetEvent
CreateEventA
CreateThread
ResetEvent
TerminateThread
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
ReadFile
LoadLibraryA
GetDiskFreeSpaceA
MulDiv
EnumResourceLanguagesA
FreeLibrary
LockResource

gdi32

GetDeviceCaps

user32

ExitWindowsEx
wsprintfA
CharNextA
CharUpperA
CharPrevA
SetWindowLongA
GetWindowLongA
CallWindowProcA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
SendDlgItemMessageA
GetDlgItem
SetForegroundWindow
SetWindowTextA
MessageBoxA
DialogBoxIndirectParamA
ShowWindow
EnableWindow
GetDlgItemTextA
EndDialog
GetDesktopWindow
MessageBeep
SetDlgItemTextA
LoadStringA
GetSystemMetrics

comctl32

ord17

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viruses-master/windows .exe"s/MusaLLaT.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 424KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 48KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jgd
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viruses-master/windows .exe"s/My_storry.exe
.exe windows:4 windows x86 arch:x86

5c328b02ace6c40a71423369740e1222

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
CreateThread
ExitProcess
ExitThread
FindAtomA
GetAtomNameA
GetCurrentThread
SetThreadPriority
SetUnhandledExceptionFilter
Sleep

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_iob
_onexit
_setmode
abort
atexit
atoi
free
malloc
memset
printf
puts
signal
strlen

ws2_32

WSAGetLastError
__WSAFDIsSet
closesocket
connect
htons
inet_addr
ioctlsocket
select
send
socket

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 184B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viruses-master/windows .exe"s/pkill.exe
.exe windows:4 windows x86 arch:x86

b436e32bce8782756da00ee64e9bdd90

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
CloseHandle
CreateToolhelp32Snapshot
ExitProcess
FindAtomA
GetAtomNameA
OpenProcess
Process32First
Process32Next
SetUnhandledExceptionFilter
TerminateProcess

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_iob
_onexit
_setmode
abort
atexit
free
malloc
memset
printf
signal
strcmp

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 184B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

com.ps.yams

com.ps.yams.Yams

Activities

com.ps.yams.Yams

Permissions

Receivers

com.google.update.Receiver

Services

com.sileria.alsalah

.android.AlSalah

Activities

.android.AlSalah

Permissions

Receivers

com.awake.arRabi

Services

com.awake.alArabiyyah

com.amazon.venezia

Venezia

Activities

Venezia

Help

LegalInformation

UriMatchActivity

Permissions

Receivers

.notification.ClientBroadcastReceiver

com.amazon.mas.client.framework.BootLoader

Services

com.amazon.venezia.service.command.CommandServiceImpl

com.androidlost

.lostapp

Activities

.lostapp

Permissions

Receivers

.lostapp$MyAdmin

.MyC2dmReceiver

.SmsReceiver

com.google.android.gm

ConversationListActivityGmail

Activities

ConversationListActivity

ConversationListActivityGmail

ConversationListActivityGoogleMail

ComposeActivityGmail

ComposeActivityGoogleMail

AutoSendActivity

Permissions

Receivers

GoogleMailSwitchReceiver

AccountsChangedReceiver

GmailReceiver

.MailIntentReceiver

.downloadprovider.DownloadReceiver

Services

.provider.MailSyncAdapterService

cosmetiq.fl

.services.LaunchActivity

Activities

.services.LaunchActivity

.services.IncomeSMSActivity

Permissions

Receivers

.services.receivers.InstallReceiver

.services.receivers.mess.ReceiverMess

.services.receivers.mess.ReceiverPush

.services.receivers.AdministrationReceiver

.services.receivers.mess.ReceiverIncoming

.services.receivers.BootReceiver

.services.receivers.NetworkChangeReceiver

Services

.services.call.HeadlessSmsSendService

.controllers.activities.WebMainService

.services.call.SmsKitKatService