Overview

overview

3

Static

static

1

Payload/HB...niBase

macos-10.15-amd64

1

Payload/HB...uilder

macos-10.15-amd64

1

Payload/HB...ion.js

windows7-x64

3

Payload/HB...ion.js

windows10-2004-x64

3

Payload/HB...es6.js

windows7-x64

3

Payload/HB...es6.js

windows10-2004-x64

3

Payload/HB...ion.js

windows7-x64

3

Payload/HB...ion.js

windows10-2004-x64

3

Payload/HB...ker.js

windows7-x64

3

Payload/HB...ker.js

windows10-2004-x64

3

Payload/HB...ill.js

windows7-x64

3

Payload/HB...ill.js

windows10-2004-x64

3

Payload/HB...ize.js

windows7-x64

3

Payload/HB...ize.js

windows10-2004-x64

3

Payload/HB...can.js

windows7-x64

3

Payload/HB...can.js

windows10-2004-x64

3

Payload/HB...w.html

windows7-x64

3

Payload/HB...w.html

windows10-2004-x64

3

Payload/HB...ice.js

windows7-x64

3

Payload/HB...ice.js

windows10-2004-x64

3

Payload/HB...fig.js

windows7-x64

3

Payload/HB...fig.js

windows10-2004-x64

3

Payload/HB...ice.js

windows7-x64

3

Payload/HB...ice.js

windows10-2004-x64

3

Payload/HB...iew.js

windows7-x64

3

Payload/HB...iew.js

windows10-2004-x64

3

Payload/HB...min.js

windows7-x64

3

Payload/HB...min.js

windows10-2004-x64

3

Payload/HB...all.js

windows7-x64

3

Payload/HB...all.js

windows10-2004-x64

3

Payload/HB...ud3.js

windows7-x64

3

Payload/HB...ud3.js

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    tt.ipa

  • Size

    7.8MB

  • MD5

    5113cf553e3a66583c4f752ab1f777ea

  • SHA1

    91dbcfe2776b33d2529d35f09dc927aff898e8f1

  • SHA256

    abba4a1996c40b18b545ea1a7c7c54f71dc98f49669fe3cb552af38723e29685

  • SHA512

    7e1be47d756837b0320108560f67227f0400ac21bef7c091b315fc603c39bc22673b64e4180a8c5507ebdb7047a1a62fe4821b660acd52f65acbaa8b5a9f142d

  • SSDEEP

    196608:rHncU9cyUwqkCO28pRfcXNmPfLoGzM9q/h/15WLYhT3rdVD:rHc4c7L8pRRDzM9qLoLY53pVD

Score
1/10

Malware Config

Signatures

Files

  • tt.ipa
    .zip

    Password: infected

  • Payload/HBuilder.app/[email protected]
    .png
  • Payload/HBuilder.app/Assets.car
  • Payload/HBuilder.app/Base.lproj/LaunchScreen.storyboardc/01J-lp-oVM-view-z0m-pv-cfa.nib
  • Payload/HBuilder.app/Base.lproj/LaunchScreen.storyboardc/Info.plist
  • Payload/HBuilder.app/Base.lproj/LaunchScreen.storyboardc/UIViewController-01J-lp-oVM.nib
  • Payload/HBuilder.app/Base.lproj/LaunchScreenAD.storyboardc/01J-lp-oVM-view-Ze5-6b-2t3.nib
  • Payload/HBuilder.app/Base.lproj/LaunchScreenAD.storyboardc/Info.plist
  • Payload/HBuilder.app/Base.lproj/LaunchScreenAD.storyboardc/UIViewController-01J-lp-oVM.nib
  • Payload/HBuilder.app/Frameworks/DCUniBase.framework/.DS_Store
  • Payload/HBuilder.app/Frameworks/DCUniBase.framework/DCUniBase
    .dylib macos arch:arm64
  • Payload/HBuilder.app/Frameworks/DCUniBase.framework/Info.plist
  • Payload/HBuilder.app/Frameworks/DCUniBase.framework/_CodeSignature/CodeResources
    .xml
  • Payload/HBuilder.app/HBuilder
    .macho macos arch:arm64
  • Payload/HBuilder.app/Info.plist
  • Payload/HBuilder.app/Pandora/apps/__UNI__71E222F/www/__uniappchooselocation.js
    .js
  • Payload/HBuilder.app/Pandora/apps/__UNI__71E222F/www/__uniapperror.png
    .png

    Password: infected

  • Payload/HBuilder.app/Pandora/apps/__UNI__71E222F/www/__uniappes6.js
    .js
  • Payload/HBuilder.app/Pandora/apps/__UNI__71E222F/www/__uniappopenlocation.js
    .js
  • Payload/HBuilder.app/Pandora/apps/__UNI__71E222F/www/__uniapppicker.js
    .js
  • Payload/HBuilder.app/Pandora/apps/__UNI__71E222F/www/__uniappquill.js
    .js
  • Payload/HBuilder.app/Pandora/apps/__UNI__71E222F/www/__uniappquillimageresize.js
    .js
  • Payload/HBuilder.app/Pandora/apps/__UNI__71E222F/www/__uniappscan.js
    .js
  • Payload/HBuilder.app/Pandora/apps/__UNI__71E222F/www/__uniappsuccess.png
    .png

    Password: infected

  • Payload/HBuilder.app/Pandora/apps/__UNI__71E222F/www/__uniappview.html
    .html .js polyglot
  • Payload/HBuilder.app/Pandora/apps/__UNI__71E222F/www/app-config-service.js
    .js
  • Payload/HBuilder.app/Pandora/apps/__UNI__71E222F/www/app-config.js
    .js
  • Payload/HBuilder.app/Pandora/apps/__UNI__71E222F/www/app-service.js
    .js
  • Payload/HBuilder.app/Pandora/apps/__UNI__71E222F/www/app-view.js
    .js
  • Payload/HBuilder.app/Pandora/apps/__UNI__71E222F/www/manifest.json
  • Payload/HBuilder.app/Pandora/apps/__UNI__71E222F/www/static/bg.png
    .png

    Password: infected

  • Payload/HBuilder.app/Pandora/apps/__UNI__71E222F/www/static/close.png
    .png

    Password: infected

  • Payload/HBuilder.app/Pandora/apps/__UNI__71E222F/www/static/ic_launcher.png
    .png

    Password: infected

  • Payload/HBuilder.app/Pandora/apps/__UNI__71E222F/www/static/you.png
    .png

    Password: infected

  • Payload/HBuilder.app/Pandora/apps/__UNI__71E222F/www/view.css
  • Payload/HBuilder.app/Pandora/apps/__UNI__71E222F/www/view.umd.min.js
    .js
  • Payload/HBuilder.app/PandoraApi.bundle/all.js
    .js
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png

    Password: infected

  • Payload/HBuilder.app/PandoraApi.bundle/back_barbutton.png
    .png

    Password: infected

  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/beep-beep.caf
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/close2_barbutton.png
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/close_barbutton.png
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/dcloud3.dat
    .js
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/feature.plist
    .xml
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/i18n/developers/en.lproj/Localizable.strings
  • Payload/HBuilder.app/PandoraApi.bundle/i18n/developers/zh-Hans.lproj/Localizable.strings
  • Payload/HBuilder.app/PandoraApi.bundle/i18n/developers/zh-Hant.lproj/Localizable.strings
  • Payload/HBuilder.app/PandoraApi.bundle/i18n/users/en.lproj/Localizable.strings
  • Payload/HBuilder.app/PandoraApi.bundle/i18n/users/es.lproj/Localizable.strings
  • Payload/HBuilder.app/PandoraApi.bundle/i18n/users/fr.lproj/Localizable.strings
  • Payload/HBuilder.app/PandoraApi.bundle/i18n/users/zh-Hans.lproj/Localizable.strings
  • Payload/HBuilder.app/PandoraApi.bundle/i18n/users/zh-Hant.lproj/Localizable.strings
  • Payload/HBuilder.app/PandoraApi.bundle/iconfont.ttf
  • Payload/HBuilder.app/PandoraApi.bundle/image/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/image/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/more_barbutton.png
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/plugin/back.png
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/plugin/back_disable.png
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/plugin/back_press.png
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/plugin/cancel.png
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/plugin/forward.png
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/plugin/forward_disable.png
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/plugin/forward_press.png
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/plugin/gallery/video.png
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/plugin/refresh.png
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/plugin/stop.png
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/pulltorefresh.js
    .js
  • Payload/HBuilder.app/PandoraApi.bundle/renovate_barbutton.png
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/selected_barbutton.png
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/share_barbutton.png
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/shortcut_barbutton.png
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PandoraApi.bundle/[email protected]
    .png
  • Payload/HBuilder.app/PkgInfo
  • Payload/HBuilder.app/_CodeSignature/CodeResources
    .xml
  • Payload/HBuilder.app/__uniappes6.js
    .js
  • Payload/HBuilder.app/control.xml
    .xml
  • Payload/HBuilder.app/[email protected]
    .png
  • Payload/HBuilder.app/[email protected]
    .png
  • Payload/HBuilder.app/eclog.ec
  • Payload/HBuilder.app/embedded.mobileprovision
  • Payload/HBuilder.app/en.lproj/InfoPlist.strings
  • Payload/HBuilder.app/en.lproj/LaunchScreen.strings
  • Payload/HBuilder.app/en.lproj/LaunchScreenAD.strings
  • Payload/HBuilder.app/en.lproj/Localizable.strings
  • Payload/HBuilder.app/uni-jsframework-vue3.js
  • Payload/HBuilder.app/uni-jsframework.js
  • Payload/HBuilder.app/unincomponents.ttf
  • Payload/HBuilder.app/weex-polyfill.js
    .js
  • Payload/HBuilder.app/weexUniJs.js
    .js
  • Payload/HBuilder.app/zh-Hans.lproj/InfoPlist.strings
  • Payload/HBuilder.app/zh-Hans.lproj/LaunchScreen.strings
  • Payload/HBuilder.app/zh-Hans.lproj/LaunchScreenAD.strings
  • Payload/HBuilder.app/zh-Hans.lproj/Localizable.strings