General

  • Target

    de18342c1ad82776963dfa340a525d30.bin

  • Size

    70.6MB

  • MD5

    053c2dc89d8218dfa974c993c2b54e99

  • SHA1

    3b79f838e763103851f12a187fef9a8b4dd4fb87

  • SHA256

    6355ada07d176c590c32c5269a6540eab548f247fef0c12982711881101b5390

  • SHA512

    0c0dccfdb17284bddc59f15055e2749aba2c0cf3b92e658349bb40b2a3909af1ad98c4999fd3deaee5aed37776738f1d48fa0b8c818b8352f27639fe34a53f9b

  • SSDEEP

    1572864:+AozaQcvQWPNumRfjFIjCSneE/gMAx+7b6XWmOn:no9Gu0bFzSeEIzQ7mO

Score
10/10

Malware Config

Signatures

  • Android Triada payload 1 IoCs
  • Triada family
  • Patched UPX-packed file 2 IoCs

    Sample is packed with UPX, but header fields the unpacker needs are zeroed out, so the stock UPX tool refuses to unpack it.

  • UPX packed file 2 IoCs

    Detects executables packed with UPX or a modified build of the open-source UPX packer.

  • Declares services with permission to bind to the system 3 IoCs
  • Requests dangerous framework permissions 23 IoCs
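
The two UPX signatures above can be reproduced on the native libraries inside the APK. The Python below is an added example written for this page, not code from the sandbox or the UPX project. It parses the UPX `l_info` / `p_info` / `b_info` headers that sit after the ELF header in a UPX-packed image (struct layouts as in UPX's own headers), reports whether the `p_filesize` / `p_blocksize` fields that `upx -d` insists on are zeroed, and can restore them. The restore copies the first block's `sz_unc` into both fields, which assumes the library was packed as a single block (the usual case for small `.so` files); the trailer check on the last 64 bytes and the locate-by-magic step are heuristics, and the sample image is constructed for the example.

```python
"""Detect and undo the zeroed-p_info UPX anti-unpacking patch on ELF libraries."""
import struct
import zipfile

UPX_MAGIC = b"UPX!"
# Layouts follow UPX's l_info / p_info / b_info structures (little-endian).
L_INFO = struct.Struct("<II H B B")   # l_checksum, l_magic, l_lsize, l_version, l_format
P_INFO = struct.Struct("<III")        # p_progid, p_filesize, p_blocksize
B_INFO = struct.Struct("<II BBBB")    # sz_unc, sz_cpr, b_method, b_ftid, b_cto8, b_unused


def inspect_upx(data: bytes) -> dict:
    """Locate the first l_info by its magic and report the state of p_info / b_info."""
    info = {
        "is_elf": data[:4] == b"\x7fELF",
        "upx_magic": False,
        "trailer_magic": UPX_MAGIC in data[-64:],  # heuristic: PackHeader sits near EOF
        "p_info_zeroed": False,
    }
    pos = data.find(UPX_MAGIC)
    if pos < 4:                      # not found, or too early to be l_magic
        return info
    l_off = pos - 4                  # l_magic is the second dword of l_info
    if l_off + L_INFO.size + P_INFO.size + B_INFO.size > len(data):
        return info                  # truncated image, nothing to parse
    _, _, l_lsize, l_version, l_format = L_INFO.unpack_from(data, l_off)
    p_off = l_off + L_INFO.size
    _, p_filesize, p_blocksize = P_INFO.unpack_from(data, p_off)
    sz_unc, sz_cpr, b_method, *_ = B_INFO.unpack_from(data, p_off + P_INFO.size)
    info.update(
        upx_magic=True, l_info_offset=l_off, l_lsize=l_lsize,
        l_version=l_version, l_format=l_format,
        p_filesize=p_filesize, p_blocksize=p_blocksize,
        sz_unc=sz_unc, sz_cpr=sz_cpr, b_method=b_method,
        # This is the "patched UPX" condition: stock upx -d rejects the file.
        p_info_zeroed=(p_filesize == 0 and p_blocksize == 0),
    )
    return info


def restore_p_info(data: bytes) -> bytes:
    """Return a copy with p_filesize / p_blocksize set to the first block's sz_unc.

    Assumption (see lead-in): the image was packed as one block, so both fields
    equal sz_unc. Untouched data is returned when nothing needs repairing.
    """
    info = inspect_upx(data)
    if not info["upx_magic"] or not info["p_info_zeroed"]:
        return data
    p_off = info["l_info_offset"] + L_INFO.size
    progid = P_INFO.unpack_from(data, p_off)[0]
    patched = bytearray(data)
    P_INFO.pack_into(patched, p_off, progid, info["sz_unc"], info["sz_unc"])
    return bytes(patched)


def scan_apk(path: str) -> dict:
    """Run inspect_upx over every native library (lib/**/*.so) in an APK."""
    results = {}
    with zipfile.ZipFile(path) as zf:
        for name in zf.namelist():
            if name.startswith("lib/") and name.endswith(".so"):
                results[name] = inspect_upx(zf.read(name))
    return results


def build_patched_sample() -> bytes:
    """Constructed image: ELF magic, l_info, zeroed p_info, one b_info, trailer."""
    elf_header = b"\x7fELF" + b"\x00" * 60              # field values are irrelevant here
    l_info = L_INFO.pack(0, 0x21585055, 0x200, 13, 1)   # 0x21585055 == "UPX!" little-endian
    p_info = P_INFO.pack(0, 0, 0)                        # the anti-unpacking patch
    b_info = B_INFO.pack(0x1000, 0x800, 2, 0, 0, 0)      # sz_unc, sz_cpr, method NRV2B
    body = b"\x00" * 0x800                               # stands in for compressed data
    trailer = UPX_MAGIC + b"\x00" * 28                   # PackHeader-like trailer at EOF
    return elf_header + l_info + p_info + b_info + body + trailer


if __name__ == "__main__":
    import sys
    for name, result in scan_apk(sys.argv[1]).items():
        if result["upx_magic"]:
            print(f"{name}: zeroed p_info = {result['p_info_zeroed']}")
```

Run it against the extracted `.apk` to list which native libraries carry the patch; after `restore_p_info`, the stock `upx -d` normally accepts a single-block image again, while a multi-block library still needs the block sizes summed by hand.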

Files

  • de18342c1ad82776963dfa340a525d30.bin
    .zip

    Password: infected

  • c439378688072503009c4af8df7dbea1edef38fb637f526821fe610ee75f3864.apk
    .apk android arch:arm64 arch:arm

    Password: infected

    com.woyoubmw.app

    com.woyoubmw.app.Main