tag:blogger.com,1999:blog-50460960739185287152024-03-13T05:00:32.572-07:00contagio mobileMilahttp://www.blogger.com/profile/09472209631979859691noreply@blogger.comBlogger252125tag:blogger.com,1999:blog-5046096073918528715.post-37858748882092134082018-03-20T06:56:00.002-07:002018-03-27T22:30:19.590-07:00Android Fakebank samples <div dir="ltr" style="text-align: left;" trbidi="on">
<br />
Research: <a href="https://www.symantec.com/security-center/writeup/2013-071813-2448-99">Symantec. Android-Fakebank </a><br />
<a href="http://contagiomobile.deependresearch.org/fakebank_android_samp.zip"><br /></a>
<span style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><a href="http://contagiomobile.deependresearch.org/fakebank_android_samp.zip"><img border="0" data-original-height="72" data-original-width="72" src="https://4.bp.blogspot.com/-jSrIuo3h6Dk/WrESV639hGI/AAAAAAACa0Y/itzBxwQXccQTxZdp7zHSEUuoJWDPV-UhgCLcBGAs/s1600/icon.png" /></a></span><br />
<a href="http://contagiomobile.deependresearch.org/fakebank_android_samp.zip"><b>Download</b>. Email me if you need the password</a><br />
<br />
<br />
<br />
File information<br />
<br />
<table class="tableizer-table" style="border: 1px solid rgb(204, 204, 204); color: #1c1c1c; font-family: Arial, Helvetica, sans-serif; font-size: 10px; margin: 0px auto; text-align: center;"><thead>
<tr class="tableizer-firstrow"><th style="background-color: black; color: white; text-align: left;">#</th><th style="background-color: black; color: white; text-align: left;">File Name</th><th style="background-color: black; color: white; text-align: left;">Hash Value</th><th style="background-color: black; color: white; text-align: left;">File Size (on Disk)</th></tr>
</thead><tbody>
<tr><td style="border: 1px solid rgb(204, 204, 204); margin: 3px; padding: 4px; text-align: left;">1</td><td style="border: 1px solid rgb(204, 204, 204); margin: 3px; padding: 4px; text-align: left;">191108379dccd5dc1b21c5f71f4eb5d47603fc4950255f32b1228d4b066ea512</td><td style="border: 1px solid rgb(204, 204, 204); margin: 3px; padding: 4px; text-align: left;">650795A6C3301CD7FF355FA4F7EEDE8B</td><td style="border: 1px solid rgb(204, 204, 204); margin: 3px; padding: 4px; text-align: left;">2625281 bytes (2.5 MiB)</td></tr>
<tr><td style="border: 1px solid rgb(204, 204, 204); margin: 3px; padding: 4px; text-align: left;">2</td><td style="border: 1px solid rgb(204, 204, 204); margin: 3px; padding: 4px; text-align: left;">1ef6e1a7c936d1bdc0c7fd387e071c102549e8fa0038aec2d2f4bffb7e0609c3</td><td style="border: 1px solid rgb(204, 204, 204); margin: 3px; padding: 4px; text-align: left;">0693F22F405C6EFB99DACAD63CF6EE0E</td><td style="border: 1px solid rgb(204, 204, 204); margin: 3px; padding: 4px; text-align: left;">4743009 bytes (4.52 MiB)</td></tr>
<tr><td style="border: 1px solid rgb(204, 204, 204); margin: 3px; padding: 4px; text-align: left;">3</td><td style="border: 1px solid rgb(204, 204, 204); margin: 3px; padding: 4px; text-align: left;">4aeccf56981a32461ed3cad5e197a3eedb97a8dfb916affc67ce4b9e75b67d98</td><td style="border: 1px solid rgb(204, 204, 204); margin: 3px; padding: 4px; text-align: left;">37DFF309CC911A1DC16CCE4E51F9827B</td><td style="border: 1px solid rgb(204, 204, 204); margin: 3px; padding: 4px; text-align: left;">5415986 bytes (5.17 MiB)</td></tr>
<tr><td style="border: 1px solid rgb(204, 204, 204); margin: 3px; padding: 4px; text-align: left;">4</td><td style="border: 1px solid rgb(204, 204, 204); margin: 3px; padding: 4px; text-align: left;">b9cbe8b737a6f075d4d766d828c9a0206c6fe99c6b25b37b539678114f0abffb</td><td style="border: 1px solid rgb(204, 204, 204); margin: 3px; padding: 4px; text-align: left;">67E7BB573EAA1F25772809A471CDA327</td><td style="border: 1px solid rgb(204, 204, 204); margin: 3px; padding: 4px; text-align: left;">4496258 bytes (4.29 MiB)</td></tr>
</tbody></table>
</div>
Milahttp://www.blogger.com/profile/09472209631979859691noreply@blogger.com1tag:blogger.com,1999:blog-5046096073918528715.post-35048684036365689892018-03-19T22:23:00.000-07:002018-03-27T22:25:35.860-07:00Android Tizi - Samples<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<br />
<b>2017/11/25 Research</b>: <a href="https://security.googleblog.com/2017/11/tizi-detecting-and-blocking-socially.html">Google. Tizi: Detecting and blocking socially engineered spyware on Android </a><br />
<br />
<b>List of SHA256 hashes</b><br />
com.press.nasa.com.tanofresh<br />
4d780a6fc18458311250d4d1edc750468fdb9b3e4c950dce5b35d4567b47d4a7<br />
<br />
com.dailyworkout.tizi<br />
7c6af091a7b0f04fb5b212bd3c180ddcc6abf7cd77478fd22595e5b7aa7cfd9f<br />
<br />
com.system.update.systemupdate<br />
7a956c754f003a219ea1d2205de3ef5bc354419985a487254b8aeb865442a55e<br />
<br />
19032b32cc0d99e65f32a28ecffc411572bb58cc19c8cf8195339dd30011e54c<br />
3135c6a2793b66c73aacc668f0fddcdf8afdb0749024d408f592bf715e4c68ac<br />
b702149585354b78ee317e2cc1d89e35bf59d73e9610c6b2950899a5f1315fa5<br />
ccf604ba0393ac28c6b5f9f8bb719de251476968589df0239c743e30e1eb2707<br />
<br />
<br />
<a href="https://3.bp.blogspot.com/-Qffu802XJ14/WrCYzZi5HGI/AAAAAAACaz4/fGi4L_e2Af8jGfWQQH2l7Sfge7LVipseQCLcBGAs/s1600/1a1u0dvn.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="512" data-original-width="584" height="175" src="https://3.bp.blogspot.com/-Qffu802XJ14/WrCYzZi5HGI/AAAAAAACaz4/fGi4L_e2Af8jGfWQQH2l7Sfge7LVipseQCLcBGAs/s200/1a1u0dvn.png" width="200" /></a><a href="http://contagiomobile.deependresearch.org/tizi_android-samp.zip">Download. Email me if you need the password</a><br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<a name='more'></a><br />
<br />
<b>Sandbox results</b><br />
Required permissions<br />
android.permission.CHANGE_NETWORK_STATE (change network connectivity)<br />
android.permission.ACCESS_COARSE_UPDATES (Unknown permission from android reference)<br />
android.permission.READ_CALENDAR (read calendar events)<br />
android.permission.PROCESS_OUTGOING_CALLS (intercept outgoing calls)<br />
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)<br />
android.permission.INTERNET (full Internet access)<br />
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)<br />
android.permission.SEND_SMS (send SMS messages)<br />
android.permission.ACCESS_NETWORK_STATE (view network status)<br />
android.permission.READ_CALL_LOG (read the user's call log.)<br />
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)<br />
android.permission.RECORD_AUDIO (record audio)<br />
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)<br />
android.permission.CALL_PHONE (directly call phone numbers)<br />
android.permission.READ_PHONE_STATE (read phone state and identity)<br />
android.permission.READ_SMS (read SMS or MMS)<br />
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)<br />
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)<br />
android.permission.RECEIVE_SMS (receive SMS)<br />
android.permission.READ_CONTACTS (read contact data)<br />
android.location.GPS_ENABLED_CHANGE (Unknown permission from android reference)<br />
android.permission.GET_ACCOUNTS (discover known accounts)<br />
Activities<br />
com.system.update.systemupdate.MainActivity<br />
Services<br />
com.system.update.systemupdate.services.MQTTService<br />
Receivers<br />
com.system.update.systemupdate.receivers.StartOnBoot<br />
com.system.update.systemupdate.receivers.RestartUpdateService<br />
com.system.update.systemupdate.receivers.StartOnData<br />
Activity-related intent filters<br />
com.system.update.systemupdate.MainActivity<br />
actions: android.intent.action.MAIN<br />
categories: android.intent.category.LAUNCHER<br />
Receiver-related intent filters<br />
com.system.update.systemupdate.receivers.StartOnBoot<br />
actions: android.intent.action.BOOT_COMPLETED, android.intent.action.QUICKBOOT_POWERON<br />
com.system.update.systemupdate.receivers.StartOnData<br />
actions: android.net.conn.CONNECTIVITY_CHANGE<br />
com.system.update.systemupdate.receivers.RestartUpdateService<br />
actions: android.net.conn.CONNECTIVITY_CHANGE<br />
Application certificate information<br />
<br />
Subject<br />
DN: C:US, CN:Android Debug, O:Android<br />
C: US<br />
CN: Android Debug<br />
O: Android<br />
validto: 09:20 AM 10/25/2046<br />
serialnumber: 01<br />
thumbprint: 4d2962ac1f6551435709a5a874595d855b1fa8ab<br />
validfrom: 09:20 AM 11/01/2016<br />
Issuer<br />
DN: C:US, CN:Android Debug, O:Android<br />
C: US<br />
CN: Android Debug<br />
O: Android<br />
<br />
The file being studied is a compressed stream! Details about the compressed contents follow.<br />
Contained files<br />
This file is a compressed stream containing 241 files.<br />
[+] classes.dex DEX 752 Bytes<br />
[+] classes2.dex DEX 64752 Bytes<br />
[+] AndroidManifest.xml XML 8076 Bytes<br />
[+] META-INF/CERT.RSA unknown 765 Bytes<br />
[+] META-INF/CERT.SF unknown 24185 Bytes<br />
[+] META-INF/MANIFEST.MF unknown 24142 Bytes<br />
[+] bundle.properties unknown 673 Bytes<br />
[+] instant-run.zip ZIP 2513313 Bytes<br />
[+] org/eclipse/paho/client/mqttv3/internal/nls/logcat.proper... unknown 4550 Bytes<br />
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages.prop... unknown 1297 Bytes<br />
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages_cs.p... unknown 1529 Bytes<br />
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages_de.p... unknown 1401 Bytes<br />
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages_es.p... unknown 1409 Bytes<br />
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages_fr.p... unknown 1367 Bytes<br />
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages_hu.p... unknown 1658 Bytes<br />
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages_it.p... unknown 1238 Bytes<br />
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages_ja.p... unknown 2488 Bytes<br />
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages_ko.p... unknown 2111 Bytes<br />
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages_pl.p... unknown 1621 Bytes<br />
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages_pt_B... unknown 1426 Bytes<br />
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages_ru.p... unknown 3676 Bytes<br />
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages_zh_C... unknown 1590 Bytes<br />
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages_zh_T... unknown 1636 Bytes<br />
[+] org/eclipse/paho/client/mqttv3/logging/jsr47min.properties unknown 3568 Bytes<br />
[+] res/anim/abc_fade_in.xml XML 396 Bytes<br />
[+] res/anim/abc_fade_out.xml XML 396 Bytes<br />
[+] res/anim/abc_grow_fade_in_from_bottom.xml XML 860 Bytes<br />
[+] res/anim/abc_popup_enter.xml XML 512 Bytes<br />
[+] res/anim/abc_popup_exit.xml XML 512 Bytes<br />
[+] res/anim/abc_shrink_fade_out_from_bottom.xml XML 860 Bytes<br />
[+] res/anim/abc_slide_in_bottom.xml XML 400 Bytes<br />
[+] res/anim/abc_slide_in_top.xml XML 400 Bytes<br />
[+] res/anim/abc_slide_out_bottom.xml XML 400 Bytes<br />
[+] res/anim/abc_slide_out_top.xml XML 400 Bytes<br />
[+] res/color-v11/abc_background_cache_hint_selector_material... XML 472 Bytes<br />
[+] res/color-v11/abc_background_cache_hint_selector_material... XML 472 Bytes<br />
[+] res/color-v23/abc_btn_colored_borderless_text_material.xml XML 504 Bytes<br />
[+] res/color-v23/abc_color_highlight_material.xml XML 548 Bytes<br />
[+] res/color-v23/abc_tint_btn_checkable.xml XML 628 Bytes<br />
[+] res/color-v23/abc_tint_default.xml XML 1128 Bytes<br />
[+] res/color-v23/abc_tint_edittext.xml XML 672 Bytes<br />
[+] res/color-v23/abc_tint_seek_thumb.xml XML 504 Bytes<br />
[+] res/color-v23/abc_tint_spinner.xml XML 672 Bytes<br />
[+] res/color-v23/abc_tint_switch_thumb.xml XML 628 Bytes<br />
[+] res/color-v23/abc_tint_switch_track.xml XML 668 Bytes<br />
[+] res/color/abc_btn_colored_borderless_text_material.xml XML 608 Bytes<br />
[+] res/color/abc_hint_foreground_material_dark.xml XML 568 Bytes<br />
[+] res/color/abc_hint_foreground_material_light.xml XML 568 Bytes<br />
[+] res/color/abc_primary_text_disable_only_material_dark.xml XML 468 Bytes<br />
[+] res/color/abc_primary_text_disable_only_material_light.xml XML 468 Bytes<br />
[+] res/color/abc_primary_text_material_dark.xml XML 468 Bytes<br />
[+] res/color/abc_primary_text_material_light.xml XML 468 Bytes<br />
[+] res/color/abc_search_url_text.xml XML 596 Bytes<br />
[+] res/color/abc_secondary_text_material_dark.xml XML 468 Bytes<br />
[+] res/color/abc_secondary_text_material_light.xml XML 468 Bytes<br />
[+] res/color/abc_tint_btn_checkable.xml XML 732 Bytes<br />
[+] res/color/abc_tint_default.xml XML 1232 Bytes<br />
[+] res/color/abc_tint_edittext.xml XML 776 Bytes<br />
[+] res/color/abc_tint_seek_thumb.xml XML 608 Bytes<br />
[+] res/color/abc_tint_spinner.xml XML 776 Bytes<br />
[+] res/color/abc_tint_switch_thumb.xml XML 732 Bytes<br />
[+] res/color/abc_tint_switch_track.xml XML 772 Bytes<br />
[+] res/color/switch_thumb_material_dark.xml XML 468 Bytes<br />
[+] res/color/switch_thumb_material_light.xml XML 468 Bytes<br />
[+] res/drawable-ldrtl-xhdpi-v17/abc_ic_menu_copy_mtrl_am_alp... PNG 236 Bytes<br />
[+] res/drawable-ldrtl-xhdpi-v17/abc_ic_menu_cut_mtrl_alpha.png PNG 494 Bytes<br />
[+] res/drawable-ldrtl-xhdpi-v17/abc_spinner_mtrl_am_alpha.9.png PNG 483 Bytes<br />
[+] res/drawable-v21/abc_action_bar_item_background_material.xml XML 336 Bytes<br />
[+] res/drawable-v21/abc_btn_colored_material.xml XML 1908 Bytes<br />
[+] res/drawable-v21/abc_edit_text_material.xml XML 1360 Bytes<br />
[+] res/drawable-v21/abc_ratingbar_indicator_material.xml XML 712 Bytes<br />
[+] res/drawable-v21/abc_ratingbar_material.xml XML 712 Bytes<br />
[+] res/drawable-v21/abc_ratingbar_small_material.xml XML 712 Bytes<br />
[+] res/drawable-v21/notification_action_background.xml XML 496 Bytes<br />
[+] res/drawable-v23/abc_control_background_material.xml XML 380 Bytes<br />
[+] res/drawable-xhdpi-v4/abc_ab_share_pack_mtrl_alpha.9.png PNG 297 Bytes<br />
[+] res/drawable-xhdpi-v4/abc_btn_check_to_on_mtrl_000.png PNG 281 Bytes<br />
[+] res/drawable-xhdpi-v4/abc_btn_check_to_on_mtrl_015.png PNG 432 Bytes<br />
[+] res/drawable-xhdpi-v4/abc_btn_radio_to_on_mtrl_000.png PNG 651 Bytes<br />
[+] res/drawable-xhdpi-v4/abc_btn_radio_to_on_mtrl_015.png PNG 785 Bytes<br />
[+] res/drawable-xhdpi-v4/abc_btn_switch_to_on_mtrl_00001.9.png PNG 2259 Bytes<br />
[+] res/drawable-xhdpi-v4/abc_btn_switch_to_on_mtrl_00012.9.png PNG 2606 Bytes<br />
[+] res/drawable-xhdpi-v4/abc_cab_background_top_mtrl_alpha.9... PNG 234 Bytes<br />
[+] res/drawable-xhdpi-v4/abc_ic_commit_search_api_mtrl_alpha... PNG 228 Bytes<br />
[+] res/drawable-xhdpi-v4/abc_ic_menu_copy_mtrl_am_alpha.png PNG 178 Bytes<br />
[+] res/drawable-xhdpi-v4/abc_ic_menu_cut_mtrl_alpha.png PNG 492 Bytes<br />
[+] res/drawable-xhdpi-v4/abc_ic_menu_paste_mtrl_am_alpha.png PNG 360 Bytes<br />
[+] res/drawable-xhdpi-v4/abc_ic_menu_selectall_mtrl_alpha.png PNG 183 Bytes<br />
[+] res/drawable-xhdpi-v4/abc_ic_menu_share_mtrl_alpha.png PNG 918 Bytes<br />
[+] res/drawable-xhdpi-v4/abc_ic_star_black_16dp.png PNG 333 Bytes<br />
[+] res/drawable-xhdpi-v4/abc_ic_star_black_36dp.png PNG 652 Bytes<br />
[+] res/drawable-xhdpi-v4/abc_ic_star_black_48dp.png PNG 1578 Bytes<br />
[+] res/drawable-xhdpi-v4/abc_ic_star_half_black_16dp.png PNG 431 Bytes<br />
[+] res/drawable-xhdpi-v4/abc_ic_star_half_black_36dp.png PNG 421 Bytes<br />
[+] res/drawable-xhdpi-v4/abc_ic_star_half_black_48dp.png PNG 548 Bytes<br />
[+] res/drawable-xhdpi-v4/abc_list_divider_mtrl_alpha.9.png PNG 167 Bytes<br />
[+] res/drawable-xhdpi-v4/abc_list_focused_holo.9.png PNG 244 Bytes<br />
[+] res/drawable-xhdpi-v4/abc_list_longpressed_holo.9.png PNG 214 Bytes<br />
[+] res/drawable-xhdpi-v4/abc_list_pressed_holo_dark.9.png PNG 214 Bytes<br />
[+] res/drawable-xhdpi-v4/abc_list_pressed_holo_light.9.png PNG 214 Bytes Contract</div>
Milahttp://www.blogger.com/profile/09472209631979859691noreply@blogger.com0tag:blogger.com,1999:blog-5046096073918528715.post-39974023695939399432018-03-19T21:38:00.000-07:002018-03-20T05:26:08.132-07:00Judy - android auto-clicking adware samples<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<br />
Research: <a href="https://blog.checkpoint.com/2017/05/25/judy-malware-possibly-largest-malware-campaign-found-google-play/">Checkpoint. The Judy Malware: Possibly the largest malware campaign found on Google Play</a><br />
<br />
SHA256 - see 119 files below<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<a href="https://3.bp.blogspot.com/-8ydTfPz3e4w/WrCPUGt-nzI/AAAAAAACazk/S1NLj7mUUlwu8CgDNBgPHG7g1V4erJtAQCLcBGAs/s1600/icon.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="114" data-original-width="114" src="https://3.bp.blogspot.com/-8ydTfPz3e4w/WrCPUGt-nzI/AAAAAAACazk/S1NLj7mUUlwu8CgDNBgPHG7g1V4erJtAQCLcBGAs/s1600/icon.png" /></a><b>Download. Email me if you need the password </b><br />
<br />
<a href="https://www.dropbox.com/s/vdh41jw2c3udal5/Android-Judy-part1.zip?dl=0">Download part 1</a><br />
<a href="https://www.dropbox.com/s/61pqaygc54ijkca/Android-Judy-part2.zip?dl=0">Download part 2</a><br />
<a href="https://www.dropbox.com/s/maryrarcqeyfsrl/Android-Judy-part3.zip?dl=0">Download part 3</a><br />
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<br />
<b></b><br />
<a name='more'></a><br />
<b>Sha256 list</b><br />
a7e2030649cca0651730d4bea6f9c03200aaa3a0da56f112bf7c5691c172fcde<br />
a649293a9420afdd9c034f74bc501eef645af1ca940346a59d0fc7aef9028dc9<br />
407e92a8c83a1fc9797c7047a5084ffc3ca8616779bd7eb829c1a0210a731356<br />
3803ca279b007f10b9ca1eb5fa329bd87e5b40670805d57031971d7bd6d5fb77<br />
0aba0b966df39f8e0bf5f93955827ea223c1bda4c167232f9805958aa6e66ec0<br />
<br />
0f883861ce387f2e6336f68f040a6bb635fe8358b9eb6efe1398f887000a9351<br />
11dc1c54f1c0f08bbc335c22e43f1d27e6ed05261c98facffd0a1c084021caf4<br />
15d34a094515d7044194762650c0b0f77ec546025d555b09dd03c9e2d67532fd<br />
1a652e3d37e6d5a67efff547de111d161c396a5619136244d7f0846558037674<br />
1cd233cfedd87e15953138f82d78140ca4890161271542627e033f11225df181<br />
1db8c76ead84322407d4d112c8ab855f4b4ea414c6e7379fcd1ad03e56fa975c<br />
2117a776609b249436e448def0e6e0bfc5a6b3c176f101ff3f4411f4e2e14584<br />
28785f3acd5f3b75ce9b919cb0549b41e24cf38f729b60f720d989f83406bcc0<br />
37ae2e88dee816d7ed4036dced7b404c98d321de89faaedbbabd00fadfde65fa<br />
3e96f9ff46708e5a70977dfbcfb5e90d3c5b1b6caeee36303c179b724c708be5<br />
4d1503ef789d31047d39efe28e7abae3104e0b7d0ded9bf899fd92f814246718<br />
5e086c84836ed931dd2650f29f27e8b43eaef67bf29b63d0c508fee04e4c339d<br />
5fc2853fc986b1d6c41a99238ada777c188a1f204720760441f577a19d9030b6<br />
71196796b8cc06d1fe563b18d94043905db92bf87309bc2690522198a7795203<br />
744b6d454f70524b0962843551fb05bed8926fcb7e59e19b23fe63cdaf39b78f<br />
79f43d95e7b90b21b6d00ed942327493c54d492103dcb815979d73593c14d14d<br />
92965cb6e0ea88db6603f485dfdfe454ace7e23beda8e598f60b42179e12a926<br />
97b82001836238d74505b83dac900029338ecc66008827ec62de18f6912e0007<br />
99fb35fdcce4f4834780e29196df6e7d27cfa5d5a2d03ea16a4aae6aaec3541c<br />
9c6ca77794bdd03a9ba76cbe8418a83c50261063b47fbd2d51e7c777f74492f1<br />
9e8b51a18c0032fbb2ff84056dc353cafb03335253cf3864735f2b6231f9bcf9<br />
b1629184416c15e00b446a533b552901a871ef923427042f6aa7f5509579c1a8<br />
b8f3493cb2f37d7dca678e675edca280aac388baad8407b596202b2cdfb7d0f2<br />
c2217f8324394c28b49a34f5012e59a6bd2f98c2d036678692c0d12c418ff593<br />
c23cccc0e5b92c0a0971e6e93ee0652e4cc49996d08f9a389090a43620b2d529<br />
d4d5ad8e8457b006c624f1163cd9a6839ff033ee05722eb2fa4693f6ea20ce1b<br />
dcc4d9a47b9a09c705aed50062f99d0a498e62f10a7e615f9c541383bae72515<br />
e2950cee820ee6fe3d879c0d3dfa43fa803475056e09f27f351713bb1630412b<br />
e992e87b56b088a5d3a594388eada8c2573c974c85412bbf863e45027156fe0a<br />
f3cca64c3c38307c013758a764e1001065dbd1a75e0b3b36f4997556740c1303<br />
faedac8eb47265709f58cc6c91e939d149512fbf81f5eddd618dd9a9351d4e8f<br />
4517d503c3d86e3fd25a929c7af705ed729981b900cd96603a36bb1e20abee3f<br />
4c5f2897403fc3e4d2e0028e9becfece17b2613c8a0ec6b84c56ac2bf6baf0b4<br />
d08dd9fd31862fad3e2a19333f74e9bc8dbc5eac0714f3a32c575329c82e3e4b<br />
459e5fdef42d7007524d1ff2856ea5f218303c88d1cd83d00d38f5cf9645ba0f<br />
5258f84d9f8cc4c1dc018e0ea4fbc8a56c1ec49eb934347b76f8d7bbe91f29cc<br />
040e6d65749ab02446bbd012419cb6e00427201b261128df313daa87cea64abb<br />
d5640bb77ed417bbfcd9e409b8653cac29eb78b0f86981fe4662893fd7b4be7c<br />
32262e708e0467f91bbb86ee3c5955a04b942be4fb5561ea1d92332adc0cb79c<br />
210f88eeb00fd3437cbb6de8da01ed6a027bcd5a4cd8865760baf65d4083f252<br />
4d307d5e2783131eae8c8fba619054cdbe683c5cb6cc3401bf04b08d5b68e036<br />
d08f63456fdd97e3b025bd9d0f41a2369fccc8303f3011d86aadde3d38a7caf8<br />
a52a11928075e12de58794e05fd8d6ecafe49358f74b0734d2f1bb214125493f<br />
a6e2e92d02572698b83f083d6b2c9d22073659644b91ca825b5c95cb3a3b892f<br />
90b1ab2cce2cccd1a65b8242c39f778f723adf632122e26a0c10a970cffc73c3<br />
dbb976d4880010e2d267cccda6d3ed745c35ce1c3310d65fe4cc5dab830fe03b<br />
e9c22cfee3b9161c8677fc5f3e4808af845a7251c340ae226057d070551902e1<br />
7968d34cd539d7e947315da9f39f42ccbfb782498a7362346ce83d5e9cacd374<br />
dca641a91aa5600752c2d8f6cd8b751e655e714cd6ea0c8b247cf23bb9e671de<br />
c70f268d549be552832722824c8150b62e0c9f32e08d11442a2c061a97bda131<br />
b6e745d2f947ce521b425047739ecf206be862f5b8cef6118024084996c1ff38<br />
79c574c4a628b8be8f29fd41f76007e303bbf02d609d1e3a62ca6c2ae7083e1d<br />
564fe11fad80ef31ef067f02904d8db8afe636160fb00803537b275eea15bb67<br />
35888a5fc383316c7ad504bf49653d18965aec49eb7cb8dcf2c27a52d4b0e292<br />
f6628943a994b3a654cc2c04dce979a772c312d30cc9b57e7e87ebe355d88d47<br />
2d78f8bc7a3fcf3f45efe96ca136e33ec74678da80d716e3c2c0c5e9fe61219f<br />
24c96ae798113b454b352e672fd3188361edeecde0bdd78ec69abbfe2510c543<br />
c350a7a3d3c9d142fa0f2f7ef7e8a0aeeb937ba684e2c4a14b363b4e3fb2dc44<br />
406469b7d7c061a14dd3ee959d27ff2de7609ffee27556614f9ada55c9b4c105<br />
887da9c7e2a2c5a86f531e8bb3a0a10d77829c6321ba26ab89398212e0516517<br />
82b0441b97597cee80dcdf373bc77f7dd0ea51aca8268135baf31aef83ede4a9<br />
42f03ce06e47ee7562707b666e3780fc260b211bf4b23021761f54598d731fff<br />
4293c15a61b194cbf98c2cbb413e514931ada1a3b241a34e4cfda1b30c191c8a<br />
37a7e7b390014fa314533cff462e733d2491ef50c18834e06ce8df0a2e7cf354<br />
42e2f82baa67172643a0e285eaddc61e0190bee98cb6d11dfa6dc93ad4780d29<br />
d5c0911a90ce75378065af7790ae94a49462b55c57ae71f49b3d1b3ec4a46bed<br />
3974f21d025ff41edc5161b6b115a389509a607a51d47867d7f4bd8eb16a0506<br />
45f3fbc9dea31761d3b0a7ceae28e1858495f5e0f2dd5fef3c1ab9954f2cbc5d<br />
48b36f59091697e8053ec2b7a1b7e1d8ae41a1cd8fe0ebb30ef4cb32aa64cdd6<br />
496445f3b2966b01edfd40458d27e6ecb85737aa035552958d83188069fc6533<br />
3fa06d06ae072af0877bb8f52ff80d26e74153d1cd1b96b0bc0a428491af59d8<br />
30b201ac258b70b9facd77f565c6704c8b99cee000afd2877ac88ffb8e424094<br />
1fad3833e49aee029fad5089deb28301fbf8640fa97fa58452716bdab4f8c610<br />
cd68e747b5f0c143ee006dbd4e545bd80540cfac03290d46416acb756ba2d986<br />
c9aaefb6b3fb1c03b3a41afccc37561537146eefb51f7d498fbdad55bf2a8ff1<br />
d180f55c5f9f8b6557d485ae8d09a31a52a6f827e8b41551fea9d07ff6b17739<br />
6a26e97cf849e8631e2f6cf92f1c8839755a213cdd2b6ee500b640e38d73fc5c<br />
434382ae159c0080dbd7dbb8c20a1ad842ab127c3f09f58bf6ef5547497dbca7<br />
a76633d89e8dd4833c12be91175ee4af5744e9a4edc873a1349dd5be39bbac2d<br />
83d97489848532aaad58df7d74a5ffc36ae0aad89196be99c4d6b0dcb350ed1a<br />
bd45a96672a5dbd35a99ee3c9e12bacb99715771c59dc7071a0eaa1fcbdb379f<br />
f9f1fbe3b68c1c465c781c33dd7b155f491444cdfa337b7f472bc03b86878361<br />
b7121de02f2a5fe031988382ccad0a277f50fac7e27c006f1ca15e91973f6a78<br />
39d54257f158b9b47f6d82e9e6f2427cfa4b629f355623930fa0627f59409ca3<br />
501e81f133aedd99a8499182b5823efbbc3d5865f83c4c1de4fdbfa085924fc6<br />
adca05fded0f8203fb79a3aaf7d33b6dbf80936f32c676f8f8bfef55103f6d6c<br />
3c8caaee546077f1f477caa4492dd136c4c7b1884903a2065406b39877617689<br />
f94022043e53ae7f89294a572fb66fe11ede2327547e5bcfdbec776e96fbef89<br />
0cd304c9ff806002d9a763e0351e37e81493e723166e471c6bb8ff2acde29f43<br />
4e62e6a4193ab91ce6630307fb62dd5d021251d206f09138aef4cb028b5aa0c8<br />
adfc6449c4b7035b0a22d92d21dbdffde70b1eda0bf04b755a84ec47bc3965b7<br />
fe571038b3457bc79669b5ade54223a03ab8bc85380f18f162f8df2ba83d08b2<br />
fcbcfb6b2c31062008f7ec5efd363b532295790aa2c22220dfb21ab1e1db32f7<br />
5600a01296c01d0059bc2db6eccf7b0079fdfb094cd8b1065d261f7a67e51b78<br />
1f3a6a5e2a56ec8ad1afe22b5909e052b6085084b0a97076cf0697b9f854459b<br />
5bf386540b73f41b76e68058f410094a7721d4cb1012cbeff0a49d96907a2c8f<br />
f60eea8b71c6d95488b1a7ae93524471b7f8d5eeb7f14431be42d1956cd3338c<br />
205ec303d5c7b2377ebef257cbfc0f21c8066e6b789f4cdf5eb3a97021586d5d<br />
841a1950bea9acad0a6871026fb8e003b7eeecd3a8b73f2ca1e51aaec814fb2d<br />
9488ea858098e67f7a70afca4c0aeb68e165f3db5fe1431bfd14cdd943620899<br />
ce890aa7ff83d3b05ccb2b4cfc411d73fad7552d616d5ed950bb53072a7a4e62<br />
1a8814ab87718639dd6603795b0155132e4b60117a9b310c1b85a548116ff446<br />
51b650cb4160bf78637acc6b22c0996bbe1068688f20994bb8a9c7e1c4462a37<br />
037bbd9f907338e0db3872a8ea5ba79b900368790b92885ddd8a350cc2b275a9<br />
be7759dcb501880c63b45c61578dfd67d4014589581f2f43d1666ba38c1e63dd<br />
92a72f36c1fce30fcf1b14e14ba868c4848b9f78d68c33ff8033f32f5f5f96fc<br />
bcc39545c42276594a78c517e452befc5438ec93c92abc568c426677da0c684a<br />
0b07e6dc9b5855833630bf45533320c8a2a8fdd685e9f3e0ebe62d502a391980<br />
4ded00a4d12c4a045b681823182274a93b706b3c72f9905716b94cf03e954d02<br />
ad56d33051d3ed4068c95e2033a3630504f3feb8bf96d3424785e697e57c0eb5<br />
959b8403e989cd0a6d994906a09d9d210914c46d9ee10c8ee03c1fc2c6657e06<br />
26f4ff8969543cac41b0c9a63c15f90fd4697a1f110a8df90c5f1fd9d1860d0e<br />
0efd2d97dbe61bd9b5951180ae8979c01ef2e3bd0184dcdf850e11781531e5a4<br />
15e5bf87fe854b3a1ecf0e8446cd39ceda429d6b6e7d78f2f78fbfea7eb5959c<br />
<br />
<b>Sandbox information:</b><br />
com.adobe.air.DownloadConfigComplete<br />
com.motorola.intent.action.externaldisplaystate<br />
com.motorola.intent.action.EXTDISP_STATUS_CONNECTION<br />
com.motorola.intent.action.EXTDISP_STATUS_DISPLAY<br />
com.motorola.intent.action.EXTDISP_STATUS_RESOLUTION<br />
Opened files<br />
assets/META-INF/AIR/application.xml<br />
assets/META-INF/AIR<br />
assets/META-INF<br />
assets<br />
assets/adobeair.vch<br />
assets/META-INF/AIR/extensions/com.eni.TnkANE/META-INF/ANE/extension.xml<br />
assets/META-INF/AIR/extensions/com.eni.TnkANE/META-INF/ANE<br />
assets/META-INF/AIR/extensions/com.eni.TnkANE/META-INF<br />
assets/META-INF/AIR/extensions/com.eni.TnkANE<br />
assets/META-INF/AIR/extensions<br />
assets/META-INF/AIR/extensions/com.eni.TnkANE/catalog.xml<br />
assets/META-INF/AIR/extensions/com.eni.TnkANE/library.swf<br />
assets/META-INF/AIR/extensions/com.eni.TnkANE/META-INF/ANE/Android-ARM/library.swf<br />
assets/META-INF/AIR/extensions/com.eni.TnkANE/META-INF/ANE/Android-ARM<br />
assets/META-INF/AIR/extensions/com.igaworks.air.extension/catalog.xml<br />
assets/META-INF/AIR/extensions/com.igaworks.air.extension<br />
assets/META-INF/AIR/extensions/com.igaworks.air.extension/library.swf<br />
assets/META-INF/AIR/extensions/com.igaworks.air.extension/META-INF/ANE/Android-ARM/android_platform.xml<br />
assets/META-INF/AIR/extensions/com.igaworks.air.extension/META-INF/ANE/Android-ARM<br />
assets/META-INF/AIR/extensions/com.igaworks.air.extension/META-INF/ANE<br />
assets/META-INF/AIR/extensions/com.igaworks.air.extension/META-INF<br />
assets/META-INF/AIR/extensions/com.igaworks.air.extension/META-INF/ANE/Android-ARM/library.swf<br />
assets/META-INF/AIR/extensions/com.igaworks.air.extension/META-INF/ANE/Android-ARM/platform.xml<br />
assets/META-INF/AIR/extensions/com.igaworks.air.extension/META-INF/ANE/Android-ARM/platform.xml.bak<br />
assets/META-INF/AIR/extensions/com.igaworks.air.extension/META-INF/ANE/extension.xml<br />
assets/META-INF/AIR/extensions/com.freshplanet.AirAlert/META-INF/ANE/extension.xml<br />
assets/META-INF/AIR/extensions/com.freshplanet.AirAlert/META-INF/ANE<br />
assets/META-INF/AIR/extensions/com.freshplanet.AirAlert/META-INF<br />
assets/META-INF/AIR/extensions/com.freshplanet.AirAlert<br />
assets/META-INF/AIR/extensions/com.freshplanet.AirAlert/catalog.xml<br />
assets/META-INF/AIR/extensions/com.freshplanet.AirAlert/library.swf<br />
assets/META-INF/AIR/extensions/com.freshplanet.AirAlert/META-INF/ANE/Android-ARM/library.swf<br />
assets/META-INF/AIR/extensions/com.freshplanet.AirAlert/META-INF/ANE/Android-ARM<br />
assets/META-INF/AIR/extensions/NAS.AIR/META-INF/ANE/extension.xml<br />
assets/META-INF/AIR/extensions/NAS.AIR/META-INF/ANE<br />
assets/META-INF/AIR/extensions/NAS.AIR/META-INF<br />
assets/META-INF/AIR/extensions/NAS.AIR<br />
assets/META-INF/AIR/extensions/NAS.AIR/catalog.xml<br />
assets/META-INF/AIR/extensions/NAS.AIR/library.swf<br />
assets/META-INF/AIR/extensions/NAS.AIR/META-INF/ANE/Android-ARM/library.swf<br />
assets/META-INF/AIR/extensions/NAS.AIR/META-INF/ANE/Android-ARM<br />
assets/META-INF/AIR/extensions/com.eni.ContactMgr/META-INF/ANE/extension.xml<br />
assets/META-INF/AIR/extensions/com.eni.ContactMgr/META-INF/ANE<br />
assets/META-INF/AIR/extensions/com.eni.ContactMgr/META-INF<br />
assets/META-INF/AIR/extensions/com.eni.ContactMgr<br />
assets/META-INF/AIR/extensions/com.eni.ContactMgr/catalog.xml<br />
assets/META-INF/AIR/extensions/com.eni.ContactMgr/library.swf<br />
assets/META-INF/AIR/extensions/com.eni.ContactMgr/META-INF/ANE/Android-ARM/library.swf<br />
assets/META-INF/AIR/extensions/com.eni.ContactMgr/META-INF/ANE/Android-ARM<br />
assets/META-INF/AIR/extensions/org.goa.ane.DeviceIDExtension/META-INF/ANE/extension.xml<br />
assets/META-INF/AIR/extensions/org.goa.ane.DeviceIDExtension/META-INF/ANE<br />
assets/META-INF/AIR/extensions/org.goa.ane.DeviceIDExtension/META-INF<br />
assets/META-INF/AIR/extensions/org.goa.ane.DeviceIDExtension<br />
assets/META-INF/AIR/extensions/org.goa.ane.DeviceIDExtension/catalog.xml<br />
assets/META-INF/AIR/extensions/org.goa.ane.DeviceIDExtension/library.swf<br />
assets/META-INF/AIR/extensions/org.goa.ane.DeviceIDExtension/META-INF/ANE/Android-ARM/library.swf<br />
assets/META-INF/AIR/extensions/org.goa.ane.DeviceIDExtension/META-INF/ANE/Android-ARM<br />
assets/META-INF/AIR/extensions/com.pozirk.AndroidInAppPurchase/META-INF/ANE/extension.xml<br />
assets/META-INF/AIR/extensions/com.pozirk.AndroidInAppPurchase/META-INF/ANE<br />
assets/META-INF/AIR/extensions/com.pozirk.AndroidInAppPurchase/META-INF<br />
assets/META-INF/AIR/extensions/com.pozirk.AndroidInAppPurchase<br />
assets/META-INF/AIR/extensions/com.pozirk.AndroidInAppPurchase/catalog.xml<br />
assets/META-INF/AIR/extensions/com.pozirk.AndroidInAppPurchase/library.swf<br />
assets/META-INF/AIR/extensions/com.pozirk.AndroidInAppPurchase/META-INF/ANE/Android-ARM/library.swf<br />
assets/META-INF/AIR/extensions/com.pozirk.AndroidInAppPurchase/META-INF/ANE/Android-ARM<br />
assets/META-INF/AIR/extensions/so.cuo.platform.admob/META-INF/ANE/extension.xml<br />
assets/META-INF/AIR/extensions/so.cuo.platform.admob/META-INF/ANE<br />
assets/META-INF/AIR/extensions/so.cuo.platform.admob/META-INF<br />
assets/META-INF/AIR/extensions/so.cuo.platform.admob<br />
assets/META-INF/AIR/extensions/so.cuo.platform.admob/catalog.xml<br />
assets/META-INF/AIR/extensions/so.cuo.platform.admob/docs/packages.dita<br />
assets/META-INF/AIR/extensions/so.cuo.platform.admob/docs<br />
assets/META-INF/AIR/extensions/so.cuo.platform.admob/docs/so.cuo.platform.admob.xml<br />
assets/META-INF/AIR/extensions/so.cuo.platform.admob/library.swf<br />
assets/META-INF/AIR/extensions/so.cuo.platform.admob/META-INF/ANE/Android-ARM/android-support-v4.jar<br />
assets/META-INF/AIR/extensions/so.cuo.platform.admob/META-INF/ANE/Android-ARM<br />
assets/META-INF/AIR/extensions/so.cuo.platform.admob/META-INF/ANE/Android-ARM/firebase-analytics-impl.jar<br />
assets/META-INF/AIR/extensions/so.cuo.platform.admob/META-INF/ANE/Android-ARM/library.swf<br />
assets/META-INF/AIR/extensions/so.cuo.platform.admob/META-INF/ANE/Android-ARM/platform.xml<br />
assets/META-INF/AIR/extensions/so.cuo.platform.admob/META-INF/ANE/Android-ARM/play-service-basement.jar<br />
assets/META-INF/AIR/extensions/so.cuo.platform.admob/META-INF/ANE/Android-ARM/play-services-ads-lite.jar<br />
assets/META-INF/AIR/extensions/so.cuo.platform.admob/META-INF/ANE/Android-ARM/play-services-ads.jar<br />
assets/META-INF/AIR/extensions/com.freshplanet.ane.AirDeviceId/META-INF/ANE/extension.xml<br />
assets/META-INF/AIR/extensions/com.freshplanet.ane.AirDeviceId/META-INF/ANE<br />
assets/META-INF/AIR/extensions/com.freshplanet.ane.AirDeviceId/META-INF<br />
assets/META-INF/AIR/extensions/com.freshplanet.ane.AirDeviceId<br />
assets/META-INF/AIR/extensions/com.freshplanet.ane.AirDeviceId/catalog.xml<br />
assets/META-INF/AIR/extensions/com.freshplanet.ane.AirDeviceId/library.swf<br />
assets/META-INF/AIR/extensions/com.freshplanet.ane.AirDeviceId/META-INF/ANE/Android-ARM/library.swf<br />
assets/META-INF/AIR/extensions/com.freshplanet.ane.AirDeviceId/META-INF/ANE/Android-ARM<br />
assets/META-INF/AIR/extensions/com.freshplanet.ane.AirDeviceId/META-INF/ANE/Android-ARM/platform.xml<br />
assets/ChefJudy.swf<br />
assets/icons/icon_114.png<br />
assets/icons<br />
assets/icons/icon_144.png<br />
assets/icons/icon_48.png<br />
assets/icons/icon_512.png<br />
assets/icons/icon_57.png<br />
assets/icons/icon_72.png<br />
assets/icons_ios/ChefJudy1024.png<br />
assets/icons_ios<br />
assets/icons_ios/ChefJudy114.png<br />
assets/icons_ios/ChefJudy120.png<br />
assets/icons_ios/ChefJudy144.png<br />
assets/icons_ios/ChefJudy152.png<br />
assets/icons_ios/ChefJudy48.png<br />
assets/icons_ios/ChefJudy512.png<br />
assets/icons_ios/ChefJudy57.png<br />
assets/icons_ios/ChefJudy72.png<br />
assets/icons_ios/ChefJudy76.png<br />
assets/icons_ios/ChefJudy96.png<br />
assets/igaworks/adpopcorn/res/adpopcorn_loading.png<br />
assets/igaworks/adpopcorn/res<br />
assets/igaworks/adpopcorn<br />
assets/igaworks<br />
assets/igaworks/adpopcorn/res/btn_close.png<br />
assets/igaworks/adpopcorn/res/ic_back.png<br />
assets/igaworks/adpopcorn/res/ic_bottom_faq.png<br />
assets/igaworks/adpopcorn/res/ic_bottom_lock.png<br />
assets/igaworks/adpopcorn/res/ic_bottom_logo.png<br />
assets/igaworks/adpopcorn/res/ic_bottom_mail.png<br />
assets/igaworks/adpopcorn/res/ic_bottom_powered.png<br />
assets/igaworks/adpopcorn/res/ic_close.png<br />
assets/igaworks/adpopcorn/res/ic_close_video.png<br />
assets/igaworks/adpopcorn/res/ic_download.png<br />
assets/igaworks/adpopcorn/res/ic_hot.png<br />
assets/igaworks/adpopcorn/res/ic_info.png<br />
assets/igaworks/adpopcorn/res/ic_list.png<br />
assets/igaworks/adpopcorn/res/ic_message.png<br />
assets/igaworks/adpopcorn/res/ic_more.png<br />
assets/igaworks/adpopcorn/res/ic_more_01.png<br />
assets/igaworks/adpopcorn/res/ic_more_02.png<br />
assets/igaworks/adpopcorn/res/ic_more_03.png<br />
assets/igaworks/adpopcorn/res/ic_more_04.png<br />
assets/igaworks/adpopcorn/res/ic_more_05.png<br />
assets/igaworks/adpopcorn/res/ic_more_offerwall.png<br />
assets/igaworks/adpopcorn/res/ic_n.png<br />
assets/igaworks/adpopcorn/res/ic_new.png<br />
assets/igaworks/adpopcorn/res/ic_play.png<br />
assets/igaworks/adpopcorn/res/ic_point.png<br />
assets/igaworks/adpopcorn/res/ic_premium_non_payment.png<br />
assets/igaworks/adpopcorn/res/ic_premium_payment_01.png<br />
assets/igaworks/adpopcorn/res/ic_premium_payment_02.png<br />
assets/igaworks/adpopcorn/res/ic_replay.png<br />
assets/igaworks/adpopcorn/res/ic_second.png<br />
assets/igaworks/adpopcorn/res/ic_share.png<br />
assets/igaworks/adpopcorn/res/img_slash_black.png<br />
assets/igaworks/adpopcorn/res/img_star_full.png<br />
assets/igaworks/adpopcorn/res/img_star_transparent.png<br />
assets/igaworks/adpopcorn/res/logo_adpopcorn_video.png<br />
assets/igaworks/liveops/res/btn_long_normal.png<br />
assets/igaworks/liveops/res<br />
assets/igaworks/liveops<br />
assets/igaworks/liveops/res/btn_long_pressed.png<br />
assets/igaworks/liveops/res/ic_arrow_left_disabled.png<br />
assets/igaworks/liveops/res/ic_arrow_left_normal.png<br />
assets/igaworks/liveops/res/ic_arrow_right_disabled.png<br />
assets/igaworks/liveops/res/ic_arrow_right_normal.png<br />
assets/igaworks/liveops/res/ic_check_normal.png<br />
assets/igaworks/liveops/res/ic_check_pressed.png<br />
assets/igaworks/pluslock/res/bg_360x640.png<br />
assets/igaworks/pluslock/res<br />
assets/igaworks/pluslock<br />
assets/igaworks/pluslock/res/bg_progressbar.png<br />
assets/igaworks/pluslock/res/btn_switch_off.png<br />
assets/igaworks/pluslock/res/btn_switch_on.png<br />
assets/igaworks/pluslock/res/card_dropshadow.9.png<br />
assets/igaworks/pluslock/res/gauge_bar.png<br />
assets/igaworks/pluslock/res/gauge_bg.png<br />
assets/igaworks/pluslock/res/ic_close_video.png<br />
assets/igaworks/pluslock/res/ic_download.png<br />
assets/igaworks/pluslock/res/ic_more.png<br />
assets/igaworks/pluslock/res/ic_pluslock.png<br />
assets/igaworks/pluslock/res/ic_replay.png<br />
assets/igaworks/pluslock/res/icon_camera.png<br />
assets/igaworks/pluslock/res/icon_cardArrow.png<br />
assets/igaworks/pluslock/res/icon_download.png<br />
assets/igaworks/pluslock/res/icon_join.png<br />
assets/igaworks/pluslock/res/icon_link.png<br />
assets/igaworks/pluslock/res/icon_play.png<br />
assets/igaworks/pluslock/res/icon_pointBox.9.png<br />
assets/igaworks/pluslock/res/icon_pointBox_xxhdpi.9.png<br />
assets/igaworks/pluslock/res/icon_unlock.png<br />
assets/igaworks/pluslock/res/icon_unlock_guideicon.png<br />
assets/igaworks/pluslock/res/icon_unlock_on.png<br />
assets/igaworks/pluslock/res/img_pluslock_reward.png<br />
assets/igaworks/pluslock/res/img_pluslock_reward_gauge.png<br />
assets/igaworks/pluslock/res/img_star_full.png<br />
assets/igaworks/pluslock/res/img_star_transparent.png<br />
assets/igaworks/pluslock/res/lock_reward_bg.png<br />
assets/igaworks/pluslock/res/lockscreen_ic_close.png<br />
assets/igaworks/pluslock/res/logo_adpopcorn_video.png<br />
assets/igaworks/pluslock/res/offerwall_help_01.png<br />
assets/igaworks/pluslock/res/unlock_arrow.png<br />
/data/data/air.com.eni.ChefJudy062/cache/app/9561ed26-ddf7-4535-a704-14dc3c0ff989/assets/META-INF/AIR/application.xml<br />
/data/data/air.com.eni.ChefJudy062/cache/app/9561ed26-ddf7-4535-a704-14dc3c0ff989/assets/ChefJudy.swf<br />
/data/data/air.com.eni.ChefJudy062/cache/app/9561ed26-ddf7-4535-a704-14dc3c0ff989<br />
/data/data/air.com.eni.ChefJudy062/cache/app/9561ed26-ddf7-4535-a704-14dc3c0ff989/assets/META-INF/AIR<br />
/data/data/air.com.eni.ChefJudy062/cache/app/9561ed26-ddf7-4535-a704-14dc3c0ff989/assets<br />
APP_ASSETS/telemetry.cfg<br />
/data/data/air.com.eni.ChefJudy062/cache/app<br />
/data/data/air.com.eni.ChefJudy062/cache<br />
/mnt/sdcard<br />
Accessed files<br />
/data/data/air.com.eni.ChefJudy062/cache/app/9561ed26-ddf7-4535-a704-14dc3c0ff989<br />
/data/data/air.com.eni.ChefJudy062/cache/app/9561ed26-ddf7-4535-a704-14dc3c0ff989/assets/META-INF/AIR/application.xml<br />
/data/data/air.com.eni.ChefJudy062/cache/app/9561ed26-ddf7-4535-a704-14dc3c0ff989/assets/ChefJudy.swf<br />
Accessed URIs<br />
android.resource://air.com.eni.ChefJudy062/raw/mms_cfg</div>
Milahttp://www.blogger.com/profile/09472209631979859691noreply@blogger.com0tag:blogger.com,1999:blog-5046096073918528715.post-19629001498626794262018-03-19T20:08:00.000-07:002018-03-27T22:34:05.258-07:00Red Drop - Android blackmailing spyware samples<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: inherit;"><br /></span>
<br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">Research: <a href="https://www.wandera.com/blog/reddrop-malware/">Wandera: RedDrop: the blackmailing mobile malware family lurking in app stores </a></span><br />
<br />
<span style="font-family: inherit;">Sha256 - see the list of 267 samples below</span><br />
<span style="font-family: inherit;"><b><br /></b></span>
<span style="font-family: inherit;"><b>Malware source URLs</b></span><br />
<br />
hxxp://sdjflsdflsdshfds.medailo.cn/mvy/32085.apk<br />
hxxp://sdjflsdflsdshfds.ninshuohua.cn/mvy/32085.apk<br />
hxxp://sdjflsdflsdshfds.hbzs88.cn/mvy/34021.apk<br />
hxxp://spert.huxiawang.cn/mvy/34021.apk<br />
hxxp://sdjflsdflsdshfds.qoshi.cn/mvy/34021.apk<br />
hxxp://ospert.huxiawang.cn/mvy/34021.apk<br />
<a href="https://1.bp.blogspot.com/-eVaEY_HlHLc/WrBwkPOyjAI/AAAAAAACay8/iCgmg264Dxc_6Yl8YwUCmKh4rY5SfZVPgCLcBGAs/s1600/reddrop.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="155" data-original-width="120" src="https://1.bp.blogspot.com/-eVaEY_HlHLc/WrBwkPOyjAI/AAAAAAACay8/iCgmg264Dxc_6Yl8YwUCmKh4rY5SfZVPgCLcBGAs/s1600/reddrop.png" /></a><br />
<br />
<a href="http://contagiomobile.deependresearch.org/reddrop_android_samp.zip">Download. Email me if you need the password</a><br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<a name='more'></a>SHA256 list<br />
<br />
009171beead7c3aab73b5a2fe6512cee4fcca3ae6c4516d68cd62c8d4f09b266<br />
028292ec44d53b3d0c57bc024c33b069823e5bfe1f228943b548b0c823445ba7<br />
03bf40f154460e245fd242c2f297170eafd1417c1de0f9ac8356d29f8855fe54<br />
0424a3ea557793c2f44b4d39c2efef8a2d13ae744ed540b78a815af3f3efcb9a<br />
04c171a159b28a456d6b85f5938dfae29e9e3bbd9781beaec6fb182006dfdaa2<br />
05f4da1e218af084bec6a16fedca1872ef71bfd61bb119bc03598a0833ed5574<br />
06f0105682a3d1dd21e02d6c3cabe954b0bf1cc78388c62e08a06e26bf5faf29<br />
0b41181a6b9c85b8fa5c8e8c836ac24dd6e738a0d843f0b81b46ffe41b925818<br />
0b8bae30da84fb181a9ac2b1dbf77eddc5728fab8dc5db44c11069fef1821ae6<br />
0c05e5035951e260725d15392c8792a4941f92f868558e8b90b52977d832a70d<br />
0c291277fafd145527ca42f234a24c9f42de8161bd823c3e064d2d7a7ca1e784<br />
0c40fb505fb96ca9aed220f48a3c6c22318d889efa62bc7aaeee98f3a740afab<br />
0dbfd8dfd0e0529735a2983de28314b7f524196ebf92c071a22c59c25aba9e6d<br />
0ec03f322efe0a85fc42e6d623d0544c102b546749e49d25c23b27977f10b339<br />
108bba347f9286f2331f3eb09b4c63acc6b29e2ab4c4c02adba294ce17e57197<br />
10cc4afb46c7abf1cb122ec1332091b6de4180d5a8eb6fd7df354a013dbffa08<br />
13b429f269cb6521af559ce2ea9a45857c49925d61eb2e9ce417a73724b93eb3<br />
140f9ab00487824a532056c8d4dd0c803957e1526c88a7a6e65fbd5ae21c7418<br />
14d0c4538e1e7c70ee4194b75323532a8fbcaffe677fc1fa053deacc14a0fc7e<br />
166b398c36aa8626d6d3b12d4d023282d2d631d7b28cf56bf787c369c1cbec0b<br />
173633578b197ff0c0295d501e0de7aba3f109c201c76ecb27990374ac94e684<br />
18028a5210a3fad7ce62e31696510922b00261b31aaed38ab3b973bc46f905cf<br />
182312fac609e9e30d6201b51a1ba7cec246496fecc1bd66c6fed0b79325f799<br />
19fe13280d12e37dd880d029afb5d40480f31eb5d633032df42d45074d80fafd<br />
1a0561babd2028ba318f64896fd051e778fb530120cd8fd79d2a78ebd1e1f591<br />
1a1f80c408debb808afbbd452e89beb1036a2910e7d8ae86a39257bcd277fe46<br />
1a9adc2617b683b99e8be9540af3c7a984626b014828822929573116166f180a<br />
1bd7b95304aff6581f2a4866887245ab4fdbf65bd498769f5f4ffa8cb59aa1b7<br />
1d7d9631b831270526dd519b680663963da1c234bfd1b84e3c71e4fe2e702834<br />
20a1004e9da3feaac248638427ba8bb6079175b0e987f42efeef704fd2a06cfd<br />
20e385a36968f19afe7e0365494a59573b097545b717b43016dd2ef8ae603fdd<br />
217bc0b73cce325587f3f0134f0d3e9d25c87776b1aac71cceb72d25cfb46628<br />
22f3d68dbb0c9931486934042484bb036851586fa42296526ba5a30d8e38780e<br />
238b22eea28874fba084f9177dcf53c07e0788184e6b740319a059d7c648039b<br />
23e79cf859614ea981229ee1278de8b2a0343b68dcdfad781315a866e28c1a67<br />
25f247fa05bcd52574ec0462552d309703c97e6770b4ccd8ce7ba8b18a3be8b9<br />
26b587e01e06eaa2fcac5795da8ca483c06ddef6a11a3d41aea4445e6774297d<br />
27425908220ea265f7401b45cbe30e716b59badd817581ce590764c37e3d62e4<br />
27d4e398d2a73f7d8ed6b92e7b767d7ffbca6f6ccbf705834800f062a32743e7<br />
27f56777328c322b484af8fb1d24f0ca7722543461467b9fc4e5e82bd041628c<br />
2854dd33ddf715f681664a1b82ee09280d5cc3d9e502cac2d412af6ff947f43d<br />
2986ccb87f5a255baec06483d24d63edcb605f650527382ac7f61d01f0cd2ceb<br />
2ac2fc0f3f058843a0a450fdc7eb10feca97c4140295a87288e6c64ed304d982<br />
2b1e078fab2da06285415a3798b918a1b130d14dc954b68dee7c0d63ba9776ea<br />
2b71331180a1880473eb3492c0a5df0a7cd9d168f36f6c2209b104d6e201cf3d<br />
2bbbf9bc73333ebe506ef860af33198e3e8e4470b4f7980919f383108a4ac65a<br />
2bfeaf282a199d542f0036c92c510e78bfb83eb087606cde8ca5dd9d5bca9e87<br />
2cfc58e2e5f8f9365b323bd23f55aa764d5168d67a0e1eb0b24e86fcbe28bdb0<br />
2d7e81b9882bd4fee52031380880b68b43aa3f9659cb981c2648fceb535d1c50<br />
2ed08586fd4acefccfdc192932b3105d34fe59fefa0926e4fd05db3354368e37<br />
30b073832389b9c47aa3cb38826c64f96f8f3352bbd8277146cfeecfb933b81a<br />
30b860e276906daee3ea163bfe87209a4d261fb620a4881bb30f50e02b626975<br />
30f9643107e03805fbeed9f53769b1e09b0e6f2968b1c2df47ade2a882405375<br />
3134d4657802a9856fbcd7e1e505075cee55793a82628560dc47af289c7ee6dd<br />
3238e263f8a3047e5a2e0d4fce353aaebdc9e4c5deaa586c41729e1c6f8f9d8a<br />
340a78595881a1d001758ec7794aeed6c687d2584b4762ef35f08fafb53fecab<br />
3456c6ca29e307b65c3b8753737ed7d31a0057af4e215790eb8cc4e7a43efb28<br />
35b118ff5b72a27836a68237fdfc009b70fa393d04a0bc605fe8db771269bb33<br />
35cadfc3c5a773b6b04db108a2c5f09fe36a8be07522c71c49ee985e017893b6<br />
3762f66450c6946fc22d62159099eedbd3874a54dae5ce4785b14e643a413276<br />
395175c24138ba1bab57a21aa574ab0c40b027f512b2ff4251af59d24a17e754<br />
3985d03bd8c54b7b719438abad65ee7f3756a27d6a1845bd9055dc0e32caf127<br />
3aad96aa70707ea41a549fd4225d4b907d9c22a90eee80fa67d2f2f528643673<br />
3ba62d1e78f98ba81f64c42d95b79af251450b02fb1182ad0d9e5b6582cf36d9<br />
3c000bb2e8f175f760623b9de1385ae041657ad5735b7155f0e7c948936f34d0<br />
3d0ede2a0c029a83a3edc35ea6cdc006fee3a19f7990bf8c8c70b9c2499a1a07<br />
3eddb91fac53961a1b1f6026ac71fcf1fd99c5524a8dbc496adf0e02aa53cc78<br />
3ef7b30ef39880782c09bd510a9c56adc6d59443cb4e451227d4792036f342a2<br />
3f83389e5379286c7d4d852f6a52b68409a339d6b57048de0f72c77335445c5e<br />
4175d8b58d480de1389a96192816a2deaadcf9d149bc6f547b3e81aee748967e<br />
42f3cb8a1dec8d1e438fed9d7761c171871a001e43eaf0280dab1dc1ea014067<br />
435b7011c40c590036a2489837e416e4dec61250ce684796d8b4d2296bd78191<br />
43d84f06e7df573f5fda5caac37adbaa2282bfc5e07a82d3d92b7946ae95f280<br />
4414fd4d8d1492d0176fefbaf260974fd3010fc31c062819030c7839ba766c74<br />
44b2a2b072722f47074b81822206944c7094eb3a39072bdc68358fb8b7927c47<br />
44dbe90ab53f8a057ce946bf8dc4a59a663d2f4a0611ea52136378070c8925c3<br />
4538d3c25e81a19fcb75a5103bd4d0fb9012e543744f116f99b9ba18eb78cb1b<br />
454cda9fdf1d3e4cd6e37dea0a723e8177e019dc42b590fde268e57dee644858<br />
4602971067667b782a15739bf21f19f79772c3fc56843ac9e47c92fd68899dd0<br />
4901fe8dfb6a132f29c64ba6719bb493d1d52225866014115153a1535bf401dc<br />
4a0b4db606813fcc60fbcbb293fabd59cecc9b1d940272be635c5b784b4461a8<br />
4a5cc6453f180ef80e3c335743ecfc743b2dc9960f1de1136d2da789e6979663<br />
4a61578e3038202ebf45f17a65d2d35934e68d3acc20a92b860a08e3a46c8159<br />
4b17b6f1bb8094c23f5d09315b08ef7817d9601e552419898edd8c255d34aaf6<br />
4b26b785c03372067f9a13e8935f1e74603ee7a1c49066ce077cea4ab544dda6<br />
4b4d94824db3299949866aa07d98e7953dcae450b00e6bfce9b3771a8d00697a<br />
4c5c5661b6465963c8b99322d2a0b106b5703cd459c3e88c9611378e80064db9<br />
4d4d40acf9617c51a6878092203b6818549b896a76339dfd54e48c1bd3abcb80<br />
4e34126ecbbb3619d8cce729fefea1498a043efcaeef880eab42492c630c5e6d<br />
4e6a1879b7eb1218a5b9bef9bf59dddae826b475c6efd405d4743cbda282e27a<br />
504fd293383d8382ea80363c7a0ecdb6a7a481fdae83729cbb0f4f5ffc24a57e<br />
505ecb22ff936a2033e8dd6cccab64855f47b0b888e249e76cb429c8eee2bde9<br />
51ecfbe1a308d30260e918df31351ba9af3a33c8cc575ce0622088c72bfb640e<br />
54a7df5384c73c9c7a8510b8c4e901befda43d5be8b1cfa59503aced086b0cd1<br />
56e1fc223524b44b5a7249a0f860129a3a3c533feb6d14584c855e788ef878cb<br />
58055d7269bd2188141c3a70da31be373f781ea528ef84cf12f59b079f7c7ef2<br />
5cd80da0e24ffdbe4fbde4670d9d229cfc211dd2f1595385ce7f32768d3772dc<br />
5d93f61fc8db6404d2b4da580ca997397838d672205fcd292e590410c7acae2b<br />
5e351b65d2686733650c1d715c8ce09a6fe7c8683223a4999d6700f31d4c0d69<br />
60976c2e35907e9ac4af36c482472a9318321ee1d96b72c2559192a76a94f4ca<br />
60f5d2e979e361812dacc27759f666f8cc3670bf01248e8035973fa77cc33879<br />
636705b62b5eb1652181f364c34e72b54feab9150a8628db7de134b99645b716<br />
64b46366b3a04fb3dd289b3c85b08cc5e6e7d08a8765f6f7365c845daba8df30<br />
64f2b3da5a251c8083914e70d11ee022843762e5518cfff11069bbe8a1681d47<br />
6528038c1ab59db405dea5ed72b4e92d604936e00f2a5eb6f1acfa5908b4fc29<br />
6561d89ceafa96bff00a72a0a36e0a725c6464ea0eb0389b8f906731e3527fd3<br />
67ce51b2cc1874d885321e0f44208ff185f05b80ba116d90d69f76c9716643fe<br />
6997564afa130bc0ab4e2150c5f56b70727d62f91eb8c29ff05b7a4e405c91cf<br />
69d7ff52ae40661a45f836582c78fddb6df5bef46fe7542eedd9f8a07f57403f<br />
6ac80b7bd7e0aa37ee532d62c90110b859342827387a21e4480c8a3d959a237f<br />
6adfd7f9f5cbb10ee9531870c7296ba07774cc887bb22fa152160f02740faf10<br />
6b14324548e73f108712310e73124034a0fee0fd0070035d1da0dd5be2a0b64a<br />
6e54159ebbcdead2e57ef64c4b99b8093217f5f37922d87c7318bd749df455a5<br />
6e7fa785439452e284886ee6db9ec32d6624aeb23bf950fab3f238b602da8539<br />
6f2c6acd5d385bbc345beaa79c23876a9d53ffa2606d3bc28ad0ed1eb285d22f<br />
6fef7ea61b2a1fa513d20a0dd935b647e9c6587801ef77477ed70bf0684ec529<br />
70084fee954fe2486aed72b2f409f9dcb3576d5fafba94941746e9da2591a765<br />
708667c3757c57b231adc585e93da5a0d49df4ab54096970d0b8b4721a1e78c9<br />
70ddf6ae317e78301e80ce31c77b05c04027595e7dab77fff28492539331a874<br />
70f2950a1cf71874f7dbb7ca6f9f2858fa575cf491b675acc88de9e4ee1e3f3e<br />
72074c51c2eb78168cec3c94f91113787c616b12f89db6e10da3c8d30f67aa23<br />
7223acd1abb728d107814b709087030c0600e500b5efa94312d78d8364b74c9d<br />
73da1fca195662f0230568701ad0eaf05a9ca6124db1eef18eb21e5272ea243f<br />
743f3e60b4bd164b23e9465ad4c7620aebf7fce137fe4db547c04dbda4aa7acd<br />
7a6d59fede2fd2aac5ff35a63a1c7d7168abde77a8262eeb12cf2e30745e7adc<br />
7cd00e009bb852a5f089e7304e57aaa4cd65a02eede2bf734cfe7b49019bf624<br />
7d5689ba1e389e5635b629c9894414dc1c32c1d3cde26af7487c2a8bbd18f709<br />
7e9dd577a2d27f599f86a1090e234b723f6e5c846cb7d0c050d9cee76a63cd52<br />
7efe96d594dbac798824d8a2f8a3cfc96cc4737e60e367a01619ed77d74d9b24<br />
7f11cdb1882a54e033cba6478ec9a54b65e2a890cbc63b3ab2f0f04dee841db4<br />
7fabce67a2ff39c341ccc28429e62bd32ac24c740cb336eb1f47b9de42b292e0<br />
8027d16505f79a41d5e52634d3476c9abbdab83623d46d7ba094bdb9211d2641<br />
817210ba22aea105aadcde0f0fd571d496b270e3694b9d3ad64b01510b9d37f4<br />
81a1828c00ee46bf2a854b3582487a4a85f5a4b2dbb89c9abb7ca5521d780e5f<br />
81fdcf9d255e6aec6a5993169376d6e2b291a07670ba7817d0248add34d4bceb<br />
82243f4a3aa0e4cd96f3541b97c094e580c71c821a550aae397cda842741f10b<br />
835260ec9c52e09b05105b7a02e8ad795b6ebf26a77848cb672bb80e8465e104<br />
835cce801863b29023ac0cc00f9a4c9426a89fbc549add750a6f3712b99a4c6c<br />
83f82e2941fff786edc9ca3d7380ae3a87a6994ac49c80149e325595c8d09331<br />
848b556c5343885e75faed8759e12dc40d8c1e388ac902f752a09c410a1fdce2<br />
86b44d02c39e65db7d6419d1a769210bba44365d0c739b2b6932470364979ee2<br />
8765777d76e819300eed3e12f304da27dac973fd29195798db52c871d0ab77f0<br />
87786c33e1316422884aff329c7cf8f403f063642b7ade4e0f504593b555267f<br />
87e00afb11c4accf19f142addba0c899d3965d36962e364848811ac7cf30f17d<br />
88a0029232881ec3a33a412fe28d1dcdbfc0b1fff36d5da1a9c0be1aa65a4812<br />
88ac0374290a505949e650e29ddbe9967985e3e3ecf5bfb2d34c0f3fef70edda<br />
88b796faa614d34d51273d3b2d55f9723402c208eca107e7cef40102c09231d0<br />
890d225aa441b75ab5692dbca50002c2cc71b67a39441a273566bd88b5bcef8f<br />
8941ad54ed0e41b9c0e7dd240944f17da33cd3da63dcdf00349f290a5fae0767<br />
8a0f1af218de1fbbc4f247dc49f7f869dcd153083cb3f3cff409df80d373d46a<br />
8a39b53fd8685f4cf5bb9e97d5b53829fedf6ae35760320568bd880df6cf0947<br />
8aee5f96c0b0bdbe874ca5212784ad67e456b501b59d58f067c34d3c6cf66ceb<br />
8b956ea16db50f404e99331e271f6cca48a4c0780a7d32fade18ab0b38d26b42<br />
8baa038de39f7c5f6946c545d600cdf0bf018dfe880b857ef8d1e9ac3e9522f5<br />
8d92b4c799bca8f16d9646b105403a88b8cfe2faa6216ede5b820d94f48ff051<br />
8db0ad18c5d681dfd78a7ca91de63791ebeed0aeab5773965cc1422e6dded635<br />
8f5b6a254668cb3be1b04388e64a778158d2695a9c985b4f2f03c8fbe466b90d<br />
8f8e68bac1366fc2b88073798aa4ce822e24e021c005cafc503d64e3bb00cece<br />
8fb0455f5ef23762692faa94ab9c85652cb6953f9dc16eaf063a9531be225763<br />
904ff226f7b895304563a637a82ffb95afbdf4f804c6bdc57ec909815e7f4a2b<br />
9223437957550e9df4ede18521a918b269d38168f659675e27c96aa56d373b1c<br />
931707c7bede190c1d94dbcb100c08de6ea7021101a0f99512737ccea944a390<br />
937fecaeb836b8fac6bd4bd15038aa54d4b9bfb1a8349fa33e4b1e89863b2c3f<br />
9595d0cb267f010988a3393fa6ed79e0757cb9d8ec50cde1db06dbc1b50ba3c5<br />
981a5713d2a4798b34afa0c9f014d555c034a5b9d49011a8bb7a6966849f0bd8<br />
988c9e92c34b6d850f3b4ac5779f818b769b4eca6a22c1b04d1e1b58efbd0d74<br />
98e3b6ab1dd0d1b4dbbda960e9acd8c4c94e8cf51877014840bfa36f7d32078c<br />
996454449d2218f6de15154a93bde5c64d873beb914037e8ae2dea3f8fe8878c<br />
9ad00204675847b06c698fd347ad3865ec17a6c1e39ae7329c07283a5fc4f672<br />
9ad31cc69d594bb405759e81aaf7c66f3cc57fa0869ef17a36008b1cfb4cea64<br />
9b2679336b2b38652fba214ed329a8e0b2023de681eed7dfed5e51634fd2a7ee<br />
9b40392415c1b074df04dee3baf0ef6ed1f373227e8973487b4c4ee864034eb9<br />
9b518c668a972b72ac835dafefaee8e120b3eed6cbea1245ee8a2480e449059d<br />
9c2902980e16eda8c0819184c672ff1f78b135b8edd208d4f5daf951d4899d03<br />
9d7815260a52675eb82bf1f04443b81d6ea680176e7f050f6b253504e6091dc0<br />
9e416835a316d52b994ed05e395f92db417d99786174d5386b921e33e9cbd285<br />
9e512dcb93c13b8fe19e85c6d1134a85de58950f59a39d28ac1ce483100a7d79<br />
a0cf769c5f8d43109d19237f7c503b5d6e239eb7e69edc1d1da312b3304ecb26<br />
a4264de15d792ce232900254979fc9b77413f398bf02e7cfb1f53dac5698e9d7<br />
a6b74626dc52897ffa5587123bddcabb5e77f5d517ee9255452421947ec76b17<br />
a994956c225bf7f402cfe35fd34c551d90040efef1ac7f455b3939dc1b545542<br />
a9cfdb9e048c2e705fe5a7eb46f32447991e9a70e649bb0248f47ff23ebaf33d<br />
aa1a2f249b6993d76de1d4ae1145cfe21faddeeeccb735890c3cacbf3881461c<br />
ab5e4722a3eddc8c60d345fb1e22ea8f1882149ce7ead616856375e053108f48<br />
ad6341304e1509aaec20af9750052b7f185321b01e297ed39d2938dae0ac1785<br />
af769447d942f5cff9e0b3eaa9319fc6bdbf48074c376bd573b1a2b9132841a1<br />
af9331b8115b6681395ea11e5a63c8cc1062961b9b2bc2da9efe4d328e04d595<br />
b35dba433740cee2a053dd34001834a3cf5d45fcb614c55fe8c5434acd45ab5a<br />
b398871fdfd6c2e77d3bebe49a76936633c246bce681961095b5c5cf8d6bd92c<br />
b39daeaf313bf6b90d88b06bccc9b988d9176cb5b9bc1998ef0dc542d17e9e3e<br />
b49e25e9e6fc0229d64692c016d674693d5aeb7529a0ed1193f7be97d973d729<br />
b681c67859d9489735008a745d4ff3fbc4726a426e9e999ffb0f074dc933fdbc<br />
b683863c5489dec202fa46f763c69de320f504bab17650cf8668a6918ca6d288<br />
b76b5cbe2725315059f617aa5a41b5fe0f6db0981abd68676b393118c9598b56<br />
b90c126f1b158f25939d2e43e655eccc2dfa11623dcae31a6fddd05f88a93665<br />
b90e557fc2a3e012785b50006525523473748ed7deacb9c8be93f6acc5f28fe4<br />
bb7151556eecb67733c6df2d6baa1df9a90a7e5a3b962aa1b6be1cf8a5f810bb<br />
bc54e35db36bb719fa3f12af5f0203b6144b5ff2f978e4fb3dd851f1ba4272c0<br />
bd79110a40a51d0e0934a97f33aaea965aa44cbd1dab0d4ce1b35ce029e6f358<br />
bf2304328c99ae3874db252dd19f2e4e75ee02a9b2fedd3064507a9831b0d1ec<br />
bf4efcaea4e363b82f4311167295b093633911e56d16a0a0c462ae19a30ab718<br />
c165de35a3440f606fcb50e1526e6cb932700aaf7fb2e2f04628ea10ffcee938<br />
c16d7fb836c36bab01f98bd06b6c3c26b1c02f24c5ce68185e8a664e7d83a73a<br />
c1cbedfbd8bbac65746da335638008c4ce6b23796566aaddf30ff28bcb948c9b<br />
c32d2a74507dfb5f8ff4814ea7ef131cd096a81d8ab5e77876d222fca4fe0d05<br />
c349185a0792abec84a0322c5ba1d6a56d062207e7e37e4e92f50f0e3ca8b416<br />
c4cd601e1a422ce66ef24210f5d797f8e66cb050781a53eea371530ad10a5e9e<br />
c4de2a5597e0b607e72ef5e295cfa4e9c1c503ad474ab40d377dbf6a509a00ab<br />
c68dc7f83c402661862ae17dcc6bc18254ed8bd3fb2c2ded440a40f636b83664<br />
c6b58cac9f9270a1b287d0a16fed2a42435f730b12123c53335f1de0b37a45e6<br />
c706938ea65170176dfd2e516bccc9c695314d0e6218d2ee2d11a541648231f1<br />
c7e781b9aa4d186ff6ae19395fbf538e95c0ee2d037ca95800e87ab1795c1fce<br />
c9009b945b48684a31a23a1592547c483977a6532b8798e0efe6b8be8b1684e6<br />
ca2b7d1ed3e790dd305a23c8b9aa2e71f292b9d04308f78d2d7c983ec33078c4<br />
cab80996e927ecbe27a0bd48ff3d22f7d28d043914981c3b4832e3414a0ede36<br />
ccfbe91f76ad89282daf433424698cfed1d58c0293921b1730c8960a26bf3ef9<br />
cd0dc388c6d12b4738fb8119f03adc30d372f8296e6b184b48828a536b71425b<br />
cf267521203f4b006a4e358a7746f3015b1f3f79aa51eeaeac736635b98519dc<br />
cf5613340ec8768f4f1c57409d138534a36fbb38b80a2fc656d22e3b427f133a<br />
cfa1765d1476b31ea4db9dc93bc6d50f40ede28bed8749250add9639cd4c950c<br />
d0874368f99cd6752b6fcd9d0e8abd5de6f148ed38d7ba035ac98270c5c92c04<br />
d0a5b06d49cc8c1da06b460d6bb884d9ef48c209dc5d6b8ce440bd66f555c40d<br />
d116bf7bee0ad328b766183b2970b8bdbe5dec1518615e85bdf831902fe0f139<br />
d314ee97abecb5b174fd3e3a1c55ba41cefdd0eba06c6754e9d027796beeffa2<br />
d464891b41678db183141df1ec3e888640b22de3fdc8cfe40202bf7755dfef7d<br />
d4f736eaad470d2b119192832276a64f1e80947210b9042acd115f44d3ebcf0b<br />
d5a5f5d99918af36a879db293eb5dd5018146522ddbe6d1e8ae1f3bcfa983584<br />
d68ec6fd5af2f326cbd405c50892d8fc787ab886c91fca6ebadc10b7c213f6dc<br />
d7f500138f2c73029ac24e695fe0c2d598f7c966c79266f20de6db5b960dee93<br />
d90a753a83a14868ac76675066aeca40f0a3c883339ac3eb775a842a4f95b7ad<br />
da63c51ebf79bb5d9cca9686fd689d631a6f10471005aebce323ca25289f1259<br />
dd84efb1d0945a18d3d3100d752cd38fea98675f0da066aca5ff4b5317c06a99<br />
e0c2fd7b8e352c33a4f36360a5d7d7f1be44cacb2c86a1566c069ee6297559ea<br />
e2d589f67e0c19e2a36799328f4585fb953b5a1e411e4658864595aa0fc1e4c3<br />
e3899e0963e0b0da32f19721a1725a6029ebb46094cafc2862065871d1b4abbc<br />
e5a7620978fac531cb8c1eac391ac7731dd620c1eb23e72569c2468d93611cec<br />
e5c35400dbf8ee75bc650ebfba6ee94936468d34766dd176f9f38afb8c21d3ed<br />
e5cfc9beccb93625b8190a332944ca69b5a89a8a46602d753bd3f3a1cd3aad15<br />
e6430a80bf3baa4d5e63503a4093c16a08b4abb5e5179051578756dac2880328<br />
e6d8c02071ae06d16fe9fa00dbc166ca5b8996d32aa039ab68ea0ac4d76b8c2e<br />
e7645489fe2e5f2f02c767044c016a29edf84202f0258ae624e86d68e248d7a4<br />
e879fc06104d1f71185593bea2c252b4a4f7ad30312b17eb9afdd0c74ccaf286<br />
e8e6a52d0a887e272341249b407f35d42a9bf15f85ad045768bad7651d3c09d5<br />
ea510a50f812fe83e4c1d7cb6a68db4b51585f3a5d81d9c681919eca3ff92397<br />
eb3aab65209d3af85b9142cfd5979e59fc0e9f40e8b7fdcd0b62520d2be453f9<br />
ed5d5ed70ad7a8955fa3b846389b2abde6afe38b71287211797c56cdd247e948<br />
ee5aed5707146e4039d8fb85fbdd50e3986a7e5e70f47ab74a69f119bd6d1a61<br />
ef10100fd9090ba350754f5937bf4d35833eaf7afe6923c08e8062e0722e8bfe<br />
ef393c1789269d2935c467f3d2afe494c669fcb0e08690bd3f728eb6c09f3c4e<br />
ef74d76b65a148a9eed08a9f46d65b5c72f9ea6bc3cd24e4f7b6cfe0155a2e6a<br />
efa8f2d9a8e42e3476506863b665099ff52ef5df83dab72d57a02b8079469c95<br />
f38bcb3cd71379c159f0a311c480b5119dd8f63978d911fc84189f9d31e8bbda<br />
f3dcbfbe05136c9261aecd5a36973906c859b95cfd82b14fcc2e8f76fef124a7<br />
f4c3713a8d83c846ef6322a425dd086e4edfaf451c26464d3891394d5d01a721<br />
f5282d2416b190d8d0adf352e067b8ade00d918561ccbac857fc4b4114b9f2ea<br />
f55fa30df9417ce609685f2f02f0ca5eb47b2ee168539a55e3b313c612c6c2fc<br />
f6432f7d23641afd8adced05fad45c17857d76216e699d46fba44d5e697ab9ad<br />
f7016a0229e42095352dcdf117e6e11f44dd3d6cca1511a281b57586a91e3a94<br />
f739dd44c86eebb88c29d4c6f60c6b8484f115f05933a1acff10ecbcf7e21b58<br />
f7a63447bbfc388fbbae476fdae54f774eb5bedf444f3050c466200e4aa08b0d<br />
fa033ee949a3b85f14fe7fab2245c253bbf3056b7b78f0180579639c264f9ef5<br />
faf2e0a517307bd2fa2f74a2cec4221de95f48687cd8163a248e37252a262dd0<br />
fb9abe0dfb67a7ae7a19a3339137bdcfa7c8a605f59aff5d80811ae6a488267f<br />
fbfadddaf6f423d5b2fb258cc2451e5cdef4a86e99ad0d57bb0360137623e50c<br />
ff57780b89e393d57c23404acaf9f20521a11743c8651093bd34282a5ab006c9<br />
ff6581555d6cfef99a674896adcfdf046b88562e96d4da0ba49110c32215a181<br />
<br />
Sandbox results for f0544600ad501754478e929886ceb34a<br />
android.permission.CHANGE_NETWORK_STATE (change network connectivity)<br />
android.permission.DISABLE_KEYGUARD (disable key lock)<br />
com.android.launcher.permission.UNINSTALL_SHORTCUT (Unknown permission from android reference)<br />
android.permission.READ_LOGS (read sensitive log data)<br />
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)<br />
android.permission.INTERNET (full Internet access)<br />
android.permission.CHANGE_CONFIGURATION (change your UI settings)<br />
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)<br />
android.permission.SEND_SMS (send SMS messages)<br />
android.permission.RECEIVE_USER_PRESENT (Unknown permission from android reference)<br />
android.permission.RECEIVE_WAP_PUSH (receive WAP)<br />
android.permission.WRITE_SMS (edit SMS or MMS)<br />
android.permission.ACCESS_NETWORK_STATE (view network status)<br />
android.permission.GET_TASKS (retrieve running applications)<br />
android.permission.READ_SETTINGS (Unknown permission from android reference)<br />
android.permission.MOUNT_FORMAT_FILESYSTEMS (format external storage)<br />
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)<br />
android.permission.READ_EXTERNAL_STORAGE (read from external storage)<br />
android.permission.BROADCAST_STICKY (send sticky broadcast)<br />
android.permission.CALL_PHONE (directly call phone numbers)<br />
android.permission.WRITE_SETTINGS (modify global system settings)<br />
android.permission.READ_PHONE_STATE (read phone state and identity)<br />
android.permission.READ_SMS (read SMS or MMS)<br />
android.permission.VIBRATE (control vibrator)<br />
android.permission.SYSTEM_OVERLAY_WINDOW (Unknown permission from android reference)<br />
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS (access extra location provider commands)<br />
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)<br />
android.permission.RECEIVE_MMS (receive MMS)<br />
android.permission.WAKE_LOCK (prevent phone from sleeping)<br />
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)<br />
android.permission.RECEIVE_SMS (receive SMS)<br />
android.permission.RUN_INSTRUMENTATION (Unknown permission from android reference)<br />
android.permission.MOUNT_UNMOUNT_FILESYSTEMS (mount and unmount file systems)<br />
android.permission.RESTART_PACKAGES (kill background processes)<br />
android.permission.GET_ACCOUNTS (discover known accounts)<br />
Activities<br />
org.cocos2dx.cpp.AppActivity<br />
com.jy.publics.JyActivity<br />
com.payment.plus.sk.abcdef.jczdf.intf.MActivity<br />
cb.diy.usaly.UncmAct<br />
com.mobile.bumptech.ordinary.miniSDK.SDK.intf.MActivity<br />
com.yuanlang.pay.TheDialogActivity<br />
com.yuanlang.pay.TheActivity<br />
Services<br />
com.jy.publics.service.JyRemoteService<br />
com.jy.publics.service.JyService<br />
com.y.f.jar.pay.UpdateServices<br />
com.yf.y.f.init.service.InitService<br />
bn.sdk.szwcsss.common.az.c.service.WcSer<br />
com.amaz.onib.FSrvi<br />
com.mn.kt.rs.RsSe<br />
com.comment.one.service.DmService<br />
com.wyzfpay.service.CoreService<br />
cb.diy.usaly.UncmSer<br />
com.wps.pay.pmain.service.SmsGuardService<br />
com.yuanlang.pay.TheService<br />
com.yuanlang.pay.JobScheduleService<br />
com.android.k9op.k9op.k9op<br />
Receivers<br />
com.y.f.jar.pay.InNoticeReceiver<br />
com.mn.kt.rs.RsRe<br />
com.comment.one.receiver.EBooReceiver<br />
com.wps.pay.pmain.service.PayGuardReceiver<br />
Service-related intent filters<br />
com.mn.kt.rs.RsSe<br />
actions: com.door.pay.sdk.app.action<br />
categories: android.intent.category.DEFAULT<br />
Activity-related intent filters<br />
org.cocos2dx.cpp.AppActivity<br />
actions: android.intent.action.MAIN<br />
categories: android.intent.category.LAUNCHER<br />
Receiver-related intent filters<br />
com.wps.pay.pmain.service.PayGuardReceiver<br />
actions: android.intent.action.BOOT_COMPLETED, android.intent.action.PACKAGE_ADDED, android.intent.action.PACKAGE_REMOVED, android.intent.action.SCREEN_ON, android.intent.action.SCREEN_OFF, android.intent.action.USER_PRESENT, android.provider.Telephony.SMS_RECEIVED<br />
com.comment.one.receiver.EBooReceiver<br />
actions: android.provider.Telephony.SMS_RECEIVED<br />
com.mn.kt.rs.RsRe<br />
actions: android.provider.Telephony.SMS_RECEIVED, android.net.conn.CONNECTIVITY_CHANGE, android.intent.action.BATTERY_CHANGED, android.intent.action.SIM_STATE_CHANGED, android.intent.action.NOTIFICATION_ADD, android.intent.action.SERVICE_STATE, android.intent.action.NOTIFICATION_REMOVE, android.intent.action.NOTIFICATION_UPDATE, android.bluetooth.adapter.action.STATE_CHANGED, android.intent.action.ANY_DATA_STATE, android.net.wifi.STATE_CHANGE, android.intent.action.BOOT_COMPLETED, android.intent.action.SCREEN_ON, android.intent.action.USER_PRESENT<br />
com.y.f.jar.pay.InNoticeReceiver<br />
actions: android.provider.Telephony.SMS_RECEIVED<br />
Application certificate information<br />
<br />
Subject<br />
DN: C:bh, CN:vtpqxo, L:fr, O:rsvnua, ST:rj, OU:ecqvgw<br />
C: bh<br />
CN: vtpqxo<br />
L: fr<br />
O: rsvnua<br />
ST: rj<br />
OU: ecqvgw<br />
validto: 09:38 AM 10/01/2020<br />
serialnumber: 4c59be53<br />
thumbprint: c6343651022a48f01bea86e47a9076d807410bd2<br />
validfrom: 09:38 AM 01/05/2018<br />
Issuer<br />
DN: C:bh, CN:vtpqxo, L:fr, O:rsvnua, ST:rj, OU:ecqvgw<br />
C: bh<br />
CN: vtpqxo<br />
L: fr<br />
O: rsvnua<br />
ST: rj<br />
OU: ecqvgw<br />
<br />
Interesting strings<br />
<br />
http://<br />
http://%1$s/dc/sync_adr<br />
http://10.235.148.9/middle/mypageorder.jsp<br />
http://118.85.194.4:8083/iapSms/ws/v3.0.1/mix/billing<br />
http://118.85.194.4:8083/iapSms/ws/v3.0.1/mix/validate<br />
http://118.85.194.4:8083/iapSms/ws/v3.0.1/sp/validate<br />
http://120.26.106.206:8088<br />
http://121.40.109.196:8088<br />
http://139.129.132.111:8001/<br />
http://139.129.132.111:8001/CrackCaptcha/GetCaptchaValue.aspx<br />
http://192.168.10.194:8080<br />
http://alog.umeng.com/app_logs<br />
http://alog.umengcloud.com/app_logs<br />
http://biss.cmread.com:8080/etl/client<br />
http://cf.gdatacube.net/config/update<br />
http://client.cmread.com/cmread/portalapi<br />
http://log.umsns.com/<br />
http://log.umsns.com/share/api/<br />
http://pay.5ayg.cn:30002/sg-pay/zhimengzhifu/notify?channelId=<br />
http://pay.918ja.com<br />
http://pay.918ja.com:9000/init/error<br />
http://pay.918ja.com:9000/versionpatch<br />
http://sdk.qipagame.cn:8088<br />
http://vpay.api.eerichina.com/api/payment<br />
http://wap.cmread.com<br />
http://wap.cmread.com/clt/captcha.jpg?t=14461<br />
http://wap.cmread.com/clt/clt/registerNew.msp<br />
http://wap.cmread.com/clt/publish/clt/resource/portal/common/loading.jsp<br />
http://wap.cmread.com/clt/publish/clt/resource/portal/v2/home2.jsp<br />
http://wap.cmread.com/clt/publish/clt/resource/portal/v2/newsDetailData.jsp<br />
http://wap.cmread.com/r/%s/%s.htm?cm=%s<br />
http://wap.cmread.com/rbc/p/tsfl.jsp?vt=3&timestamp=<br />
http://wap.cmread.com/sso/p/logindata.jsp?layout=9<br />
http://wap.cmread.com/sso/smsautoLogin?e_l=9&client_id=cmread-wap&response_type=token&redirect_uri=http://wap.cmread.com/r/p/myspacedata.jsp?vt=9&aaa_flag=1&rm=<br />
http://wap.tyread.com/baoyueInfoListAction.action<br />
http://wap.tyread.com/goPreBuySubmit.action<br />
http://wap.tyread.com/gossourl.action<br />
http://wap.tyread.com:8080/jb/AudioDetail.aspx<br />
http://wap.tyread.com:8080/jb/PackageMsgList.aspx<br />
http://wap.tyread.com:8080/jb/UserOrderPackage.aspx<br />
http://wap.tyread.com:8080/jb/UserOrderPackage_result.aspx<br />
http://wap.tyread.com:8080/mh/AudioDetail.aspx<br />
http://wap.tyread.com:8080/mh/PackageMsgList.aspx<br />
http://wap.tyread.com:8080/mh/UserOrderPackage.aspx<br />
http://wap.tyread.com:8080/mh/UserOrderPackage_result.aspx<br />
http://web.5ayg.cn:30000/sg-backend/apkConfig/getApkConfig?gameId=<br />
http://www.zhjnn.com:20002/advert/info/userActions?appId=<br />
http://xixi.dj111.top:20006/SmsPayServer/sdkUpdate/fuseSdkIndex?<br />
http://xixi.dj111.top:20006/SmsPayServer/sdkUpdate/fuseSdkTest?<br />
http://xixi.dj111.top:20006/SmsPayServer/sdkUpdate/new_index?<br />
https://<br />
https://cmnsguider.yunos.com:443/genDeviceToken<br />
https://uop.umeng.com<br />
https://www.baidu.com<br />
<br />
The file being studied is a compressed stream! Details about the compressed contents follow.<br />
Interesting properties<br />
The file under inspection contains at least one ELF file.<br />
Contained files<br />
This file is a compressed stream containing 154 files.<br />
[+] assets/dERlZG ZIP 104465 Bytes<br />
[+] assets/jypaysdk.md ZIP 88149 Bytes<br />
[+] META-INF/MANIFEST.MF unknown 12072 Bytes<br />
[+] META-INF/TEMP.SF unknown 12193 Bytes<br />
[+] META-INF/TEMP.RSA unknown 924 Bytes<br />
[+] AndroidManifest.xml XML 16876 Bytes<br />
[+] assets/gd-sdk-a_j_3.0.0-34-release_lang.so unknown 147420 Bytes<br />
[+] assets/hlkk/DialogNo1.csb unknown 4072 Bytes<br />
[+] assets/hlkk/DialogNo2.csb unknown 3972 Bytes<br />
[+] assets/hlkk/DialogNo3.csb unknown 4108 Bytes<br />
[+] assets/hlkk/DialogNo4.csb unknown 4104 Bytes<br />
[+] assets/hlkk/DialogNo5.csb unknown 4044 Bytes<br />
[+] assets/hlkk/LayerChoice.csb unknown 5956 Bytes<br />
[+] assets/hlkk/LayerGame1.csb unknown 9524 Bytes<br />
[+] assets/hlkk/LayerGame2.csb unknown 7236 Bytes<br />
[+] assets/hlkk/LayerMain.csb unknown 9032 Bytes<br />
[+] assets/hlkk/LayerSmear.csb unknown 5292 Bytes<br />
[+] assets/hlkk/LayerStart.csb unknown 3708 Bytes<br />
[+] assets/hlkk/font/life_font.fnt unknown 1528 Bytes<br />
[+] assets/hlkk/font/life_font.png PNG 948 Bytes<br />
[+] assets/hlkk/main/effect_bg.png PNG 203 Bytes<br />
[+] assets/hlkk/main/gamebg.jpg JPG 22038 Bytes<br />
[+] assets/hlkk/main/mainbg.jpg JPG 67413 Bytes<br />
[+] assets/hlkk/node/AniLight.csb unknown 2120 Bytes<br />
[+] assets/hlkk/node/AniRound.csb unknown 3000 Bytes<br />
[+] assets/hlkk/node/AniSmear.csb unknown 3832 Bytes<br />
[+] assets/hlkk/node/AniStar.csb unknown 2560 Bytes<br />
[+] assets/hlkk/other/adqllsdf3.plist unknown 4184 Bytes<br />
[+] assets/hlkk/other/adqllsdf3.png PNG 62065 Bytes<br />
[+] assets/hlkk/other/asdqwed2.plist unknown 5033 Bytes<br />
[+] assets/hlkk/other/asdqwed2.png PNG 54357 Bytes<br />
[+] assets/hlkk/other/ddasd1.plist unknown 4428 Bytes<br />
[+] assets/hlkk/other/ddasd1.png PNG 102589 Bytes<br />
[+] assets/hlkk/other/ddasd2.plist unknown 6075 Bytes<br />
[+] assets/hlkk/other/ddasd2.png PNG 216081 Bytes<br />
[+] assets/hlkk/other/ddui.plist unknown 2550 Bytes<br />
[+] assets/hlkk/other/ddui.png PNG 105125 Bytes<br />
[+] assets/hlkk/other/dsasq1.plist unknown 2790 Bytes<br />
[+] assets/hlkk/other/dsasq1.png PNG 27697 Bytes<br />
[+] assets/hlkk/other/pomyd/bg_box.png PNG 40800 Bytes<br />
[+] assets/hlkk/other/pomyd/text_jiao.png PNG 35087 Bytes<br />
[+] assets/hlkk/other/pomyui/btn_return.png PNG 2062 Bytes<br />
[+] assets/j_config.properties unknown 125 Bytes<br />
[+] assets/mytip/icon_quan2.png PNG 1746 Bytes<br />
[+] assets/mytip/icon_quan3.png PNG 1516 Bytes<br />
[+] assets/mytip/icon_quang1.png PNG 1423 Bytes<br />
[+] assets/mytip/icon_quang2.png PNG 1938 Bytes<br />
[+] assets/mytip/icon_quang3.png PNG 1552 Bytes<br />
[+] assets/mytip/icon_tool1.png PNG 1266 Bytes<br />
[+] assets/mytip/icon_tool2.png PNG 770 Bytes<br />
[+] assets/mytip/icon_tool3.png PNG 834 Bytes<br />
[+] assets/mytip/tip_jiao1.png PNG 1723 Bytes<br />
[+] assets/mytip/tip_jiao10.png PNG 1754 Bytes<br />
[+] assets/mytip/tip_jiao11.png PNG 2250 Bytes<br />
[+] assets/mytip/tip_jiao12.png PNG 1843 Bytes<br />
[+] assets/mytip/tip_jiao2.png PNG 1386 Bytes<br />
[+] assets/mytip/tip_jiao3.png PNG 1669 Bytes<br />
[+] assets/mytip/tip_jiao4.png PNG 2007 Bytes<br />
[+] assets/mytip/tip_jiao5.png PNG 1423 Bytes<br />
[+] assets/mytip/tip_jiao6.png PNG 1218 Bytes<br />
[+] assets/mytip/tip_jiao8.png PNG 1704 Bytes<br />
[+] assets/mytip/tip_jiao9.png PNG 1988 Bytes<br />
[+] assets/mytip/tip_quan_draw.png PNG 2363 Bytes<br />
[+] assets/mytip/tip_quan_win.png PNG 2917 Bytes<br />
[+] assets/mytip/tip_siyi1.png PNG 1672 Bytes<br />
[+] assets/mytip/tip_siyi2.png PNG 1796 Bytes<br />
[+] assets/mytip/tip_siyi3.png PNG 1652 Bytes<br />
[+] assets/photos/1/1.jpg JPG 44174 Bytes<br />
[+] assets/photos/1/2.jpg JPG 50590 Bytes<br />
[+] assets/photos/1/3.jpg JPG 63238 Bytes<br />
[+] assets/photos/1/4.jpg JPG 49928 Bytes<br />
[+] assets/photos/1/5.jpg JPG 46306 Bytes<br />
[+] assets/photos/1/6.jpg JPG 44331 Bytes<br />
[+] assets/photos/1/7.jpg JPG 33080 Bytes<br />
[+] assets/photos/1/8.jpg JPG 35687 Bytes<br />
[+] assets/photos/1/dress.jpg JPG 14957 Bytes<br />
[+] assets/photos/1/no_dress.jpg JPG 43244 Bytes<br />
[+] assets/photos/2/1.jpg JPG 99030 Bytes<br />
[+] assets/photos/2/2.jpg JPG 77581 Bytes<br />
[+] assets/photos/2/3.jpg JPG 72103 Bytes<br />
[+] assets/photos/2/4.jpg JPG 69295 Bytes<br />
[+] assets/photos/2/5.jpg JPG 72984 Bytes<br />
[+] assets/photos/2/6.jpg JPG 62678 Bytes<br />
[+] assets/photos/2/7.jpg JPG 54661 Bytes<br />
[+] assets/photos/2/8.jpg JPG 95538 Bytes<br />
[+] assets/photos/2/dress.jpg JPG 19660 Bytes<br />
[+] assets/photos/2/no_dress.jpg JPG 79590 Bytes<br />
[+] assets/YL_ChannelInfo unknown 64 Bytes<br />
[+] assets/config.ini unknown 2911 Bytes<br />
[+] assets/hlkk/font/btn_round.plist XML 4143 Bytes<br />
[+] assets/hlkk/other/flow_star.plist XML 4153 Bytes<br />
[+] assets/libyunsvc ELF 17696 Bytes<br />
[+] assets/mytip/icon_quan1.png PNG 1431 Bytes<br />
[+] assets/mytip/icon_tool4.png PNG 1307 Bytes<br />
[+] assets/mytip/please_jiao.png PNG 4055 Bytes<br />
[+] assets/mytip/please_quan.png PNG 4919 Bytes<br />
[+] assets/mytip/please_siyi.png PNG 2882 Bytes<br />
[+] assets/mytip/tip_jiao7.png PNG 1921 Bytes<br />
[+] assets/mytip/tip_quan_lose.png PNG 2247 Bytes<br />
[+] assets/pay unknown 37328 Bytes </div>
Milahttp://www.blogger.com/profile/09472209631979859691noreply@blogger.com0tag:blogger.com,1999:blog-5046096073918528715.post-69331474917747342852016-07-09T12:55:00.000-07:002018-03-27T22:43:52.202-07:00Pokemon GO with Droidjack - Android sample<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
Research: Proofpoint. <a href="https://www.proofpoint.com/us/threat-insight/post/droidjack-uses-side-load-backdoored-pokemon-go-android-app">DroidJack Uses Side-Load…It's Super Effective! Backdoored Pokemon GO Android App Found</a><br />
<br />
<br />
File Info:<br />
MD5 d350cc8222792097317608ea95b283a8<br />
SHA1 561ae708f234f46dbdca1d7f2a38d854d9bb60df<br />
SHA256 15db22fd7d961f4d4bd96052024d353b3ff4bd135835d2644d94d74c925af3c4<br />
<br />
<a href="https://2.bp.blogspot.com/-xpD3dcj_h1Q/V4FWAZVAJUI/AAAAAAACX58/A5jmhyhOM8kdZwltWSlmjFVOt1pR3viIgCLcB/s1600/app_icon.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://2.bp.blogspot.com/-xpD3dcj_h1Q/V4FWAZVAJUI/AAAAAAACX58/A5jmhyhOM8kdZwltWSlmjFVOt1pR3viIgCLcB/s1600/app_icon.png" /></a><br />
<a href="http://contagiomobile.deependresearch.org/droidjack_androrat_android_samp.zip">Download. Email me if you need the password.</a><br />
<br />
<br /></div>
Milahttp://www.blogger.com/profile/09472209631979859691noreply@blogger.com1tag:blogger.com,1999:blog-5046096073918528715.post-17248986512512598082016-07-03T13:45:00.001-07:002018-03-28T20:21:43.098-07:00Overlay banker malware locker <div dir="ltr" style="text-align: left;" trbidi="on">
<br />
Research: <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/fake-bank-app-phishes-credentials-locks-users-out/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Anti-MalwareBlog+%28Trendlabs+Security+Intelligence+Blog%29">Trend Micro: Fake Bank App Ramps Up Defensive Measures</a><br />
<a href="http://blog.trendmicro.com/trendlabs-security-intelligence/fake-bank-app-phishes-credentials-locks-users-out/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Anti-MalwareBlog+%28Trendlabs+Security+Intelligence+Blog%29">Fake Bank App Phishes Credentials, Locks Users Out</a><br />
<br />
Also see:<a href="http://contagiominidump.blogspot.com/2016/07/whatsapp-sberbank-android-banker.html"> http://contagiominidump.blogspot.com/2016/07/whatsapp-sberbank-android-banker.html</a><br />
<br />
<a href="https://2.bp.blogspot.com/-rNFAxVQEHOI/V3l4ZquIFKI/AAAAAAACX4Y/1nXe8GqZk9AaG67Uku2hkswZn7mNVVCrACLcB/s1600/ic_launcher_base.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://2.bp.blogspot.com/-rNFAxVQEHOI/V3l4ZquIFKI/AAAAAAACX4Y/1nXe8GqZk9AaG67Uku2hkswZn7mNVVCrACLcB/s1600/ic_launcher_base.png" /></a><a href="http://contagiomobile.deependresearch.org/overlaylocker_android_samp.zip">Download. Email me if you need the password</a><br />
<br />
<br />
<br />
<br />
<br />
File information: SHA1<br />
<br />
<a name='more'></a><br />
<br />
00F74E3435E2845667AE05BE94C4BFB5F3A3F31E<br />
052DB48B8D0A1F67198263C712141477CDC09D79<br />
0A2C68C40453625EB2676023B97894E621C4AF23<br />
0EF7BC8F6AB7264E70ECD3B04486D3D34BDE2532<br />
12D57ED44D4DE42FBB06BE091D964D9AF5C5E8E3<br />
14EE027B4DF5C4031F6B78B3BAA5602AAEB34E5F<br />
1600E2773A9BFA80478FACC3107F75E115FF8876<br />
17561EB2A0E07B5F5361994E952EA4B79CC90C4F<br />
1CBB0919441AE19B3B9FCCD6D31E737036F74F90<br />
1D5774C06E483E1BA4160D63334385178AE42162<br />
20EAA48D86129FEBDFEE80B0CCCD484FE589A2BF<br />
21266E72C8BECBB439CB6D77F174B5ECCEFA2769<br />
23549741658E6B1D52654691F974B01E7ECA5F24<br />
2C77AAB581983C33EEFA65D867F03E54D3105611<br />
3065EBD6658A50262869277FF29B03DD621CA1C6<br />
30DFC598D7C3E60D12695F5827F6507F6C1FEEAA<br />
312C111D3E6CDDFA7F8F782525D792DE0776EC72<br />
31EBA30C1B7120EAA23BA23F7DCE3BF5F41D5F4A<br />
388C84DF0A057321F5BD6DFA9A8F66E6F95D2779<br />
410C995EBD564A1010ED12108F53CBB2A495D7B4<br />
45293E19012648EBB25D84AD259C097F6DAD7C5C<br />
4728CDC4D652F6E7682D660CB72E21479E9183A2<br />
4D258A710BAB46600DCD56AEB3080CC86C90C03B<br />
50C62996453422C438DC1282E646F30233CE6E6E<br />
514152082315816E91049B3DA6F95EA376555445<br />
5359D2F33FB072609D589B054FBE9BF0BA14FBFD<br />
571B5082341E75D908FBE5C7A8DB6DFF8A67E650<br />
5DD722C5FCE53C8C26ADF522641E5FACFE976BC7<br />
6C2FB05FA6D7083FBB5587C226C37E05466F9573<br />
6FD9C0C65EE41B2E46A246AF0DD93B72460C0089<br />
714F062E798DCA9A136B9A7C408846BE90B3CB45<br />
7524E300C17E8B96ACA6EC09C345424FC4AEDCE4<br />
78FCACF076EB0540AB0079E3B04BC515643ED10E<br />
7BE86AC234A1DCE5063F45BCA341337C3CADC450<br />
7C3F693D0B0EA6C6FDBB078E56D7E71FFAF648B8<br />
83E56809B1662BE002F4E1C4BCD3AEF90D060D8F<br />
856823203A29B767D473BD6C850ED0296CC41A52<br />
91B59AB5BFA7366A6EADA67103D9598CCF1CFDC5<br />
93BB6B7934080541985A7BDF0EFE34136C1650D3<br />
9887AF7E945EF3491880AE66FB6B07A2796A6CE2<br />
9E36414341E4DBAA113980F7D900E0AC4BAA4103<br />
9F931499765E85954D468FB63072A29A7E193FF7<br />
9FD0480FA11FE7760311F6775D4DCAA6B94BA792<br />
A08A1E3AB778C5A83F017FDC22DB181EE1C906E9<br />
A1587F10849162156591BE75E705D586AA8EC74D<br />
A2895B80515FBC7C1B9EEA3D39A214FC777BDBB2<br />
AD6154BEC63F5FAE6F948AA6697CD087B4B1F60C<br />
AFD36FC8ED8A432A44695D29FABA440558A3AF24<br />
B8FF0570024FE488252D917732BE75431C1D76FF<br />
C27055B9B75569205A1CAFAE8762ACD2F05DA712<br />
C2FBF01ED6E8B348A831FDA0F7C3509B29A2FEE8<br />
C3C3D3F3636005CC2D4E2D258BAF9C1EF63F23A4<br />
C5898A64AFD1A2E21B0898AC8DF68B996AC200CF<br />
C74F2AEF00C80CABEE05631886705CCDAEB935DE<br />
C971E8425A2F3616222AB1AF552E4AB45FC8AB99<br />
CA5680A4EE9D0B6847FE20F297A98D3539FDAF2B<br />
D1C5F6889A09CB05BFEC4045A50D73F5F5FE7783<br />
D46D478EE483D481806FFDD7122E2DE9AC8467DE<br />
D553185A2F581E4B71AD80924F4D2E2D7D19BB97<br />
D770BAE185476523649A5768B7BBE7F7605656AB<br />
DCABC0DD585BB4D918AB6B7B062D50C222E94709<br />
DE06A520DDFBEB972C29DAC995422C7E91B00424<br />
DE585C41B3236ED3BF29298A0732876A947BE47F<br />
E625902B39DFA649F0FCD732E9680226B2113AB6<br />
E6FE44B2F20AFF67EADECFAA85EF729834B3FB13<br />
E8F84AD2731E303659F9864323FD814412033BC1<br />
EB655DEDA3A33D829A4DD617358C10D029A4B0F0<br />
ED73B2FE3F5F726F029961434A8C599A91011564<br />
EF15F1705B83C575CC8AA716D4695C073C23B5CF<br />
F36DD6A0858DFBEFD860A81EB76A07E7BF01A6F6<br />
F3C1FD573943C0481991A1AEEDDF74FDA84490C5<br />
F3F8BD1F7EDCEE5C60B303EABD1B9591B7264C07<br />
F49CC6DAE2576C2A5EAB3034C644D1C396E8A90D<br />
F53332B0F1B01D0DD282346C4E69DA964EDD137D<br />
FF844A8BB40DA72B5C9F3A8C3CDA7C9D051921E6<br />
<br /></div>
Milahttp://www.blogger.com/profile/09472209631979859691noreply@blogger.com0tag:blogger.com,1999:blog-5046096073918528715.post-46590104153838243232016-07-03T13:27:00.000-07:002018-03-28T20:36:20.160-07:00Marcher overlay Android trojan<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<br />
Research: <a href="https://exchange.xforce.ibmcloud.com/collection/Marcher-Android-Bot-eeede463ee5c2b57402fc86154411e65">IBM XForce Exchange. Marcher Android Bot </a><br />
<br />
Sample credit: Marc Rivero López<br />
<br />
<a href="https://2.bp.blogspot.com/-Bzga6kOjkAE/V3l0IjqAHuI/AAAAAAACX4M/DAWR3W6fFxgQr2NcwhomY6LNBOnuDoDoQCLcB/s1600/ic_launcher181.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://2.bp.blogspot.com/-Bzga6kOjkAE/V3l0IjqAHuI/AAAAAAACX4M/DAWR3W6fFxgQr2NcwhomY6LNBOnuDoDoQCLcB/s1600/ic_launcher181.png" /></a><br />
<a href="http://contagiomobile.deependresearch.org/marcher_bot_android_samp.zip">Download. Email me if you need the password</a><br />
<br />
<br />
<br />
<br />
File information:<br />
fafaebe042ba9c59b2c3f65f43774cdb5369f838469e133a7c26e824f6d20cc6<br />
b8b9868a24898c8cb39d90c6d38233efabff5b0daf67bbbb54d1e3d0751dd4cb<br />
9d76af8c314e9904906218974c6ae6eec055932aad0292de3554bf5a86371b5b<br />
0de832302ec11bcfda465e903fcd66b2a0bcc8c2b627b43196ef76ca02899765<br />
fd988b737500c564d143095972b20f6a0acd5a4f16a0e10fec8c4bb776469601<br />
<br />
MD5s<br />
56ED9C77571C81C208BF49FEF4422E8F<br />
58FB8F875F3C9ACF0FD0C4EE3C0A002A<br />
5B0EA09640C86C25DD2AEE85515B8AA7<br />
8B9044C22485A84831B14FB8E63AD349<br />
FBF3348F3137DD673745677FFD8E91FF</div>
Milahttp://www.blogger.com/profile/09472209631979859691noreply@blogger.com0tag:blogger.com,1999:blog-5046096073918528715.post-20423256224475815722016-07-03T12:53:00.000-07:002018-03-28T20:43:39.158-07:00Android Triada modular trojan<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
Research: <a href="https://securelist.com/blog/research/74997/everyone-sees-not-what-they-want-to-see/">Kaspersky: Everyone sees not what they want to see</a><br />
<a href="https://securelist.com/analysis/publications/74032/attack-on-zygote-a-new-twist-in-the-evolution-of-mobile-threats/">Attack on Zygote: a new twist in the evolution of mobile threats</a><br />
<a href="https://securelist.com/analysis/publications/74032/attack-on-zygote-a-new-twist-in-the-evolution-of-mobile-threats/">The story of the small Trojan that could!</a><br />
Checkpoint:<a href="http://blog.checkpoint.com/2016/06/17/in-the-wild-mobile-malware-implements-new-features/"> In The Wild: Mobile Malware Implements New Features</a><br />
<br />
Sample credit: Tim Strazzere<br />
<br />
File information:<br />
<div class="p1">
<a href="https://2.bp.blogspot.com/-x_iSsOuTHcE/V3lr-2x7tZI/AAAAAAACX38/_jZmGVGZL6kBfvZZ4LQpWosh8NCL04oAACLcB/s1600/ic_launcher.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://2.bp.blogspot.com/-x_iSsOuTHcE/V3lr-2x7tZI/AAAAAAACX38/_jZmGVGZL6kBfvZZ4LQpWosh8NCL04oAACLcB/s1600/ic_launcher.png" /></a>MD5 592fa585b64412e31b3da77b1e825208 </div>
<div class="p1">
SHA1 3689a276f85fd94750dc063860097fdc28ec527f </div>
<br />
<div class="p1">
SHA256 4656aa68ad30a5cf9bcd2b63f21fba7cfa0b70533840e771bd7d6680ef44794b </div>
<br />
<a href="http://contagiomobile.deependresearch.org/triada_android_samp.zip">Download. Email me if you need the password</a><br />
<a href="https://www.dropbox.com/s/9t0upxihpvtlok0/Triad_592FA585B64412E31B3DA77B1E825208.zip?dl=0"><br /></a>
<a href="https://www.virustotal.com/file/4656aa68ad30a5cf9bcd2b63f21fba7cfa0b70533840e771bd7d6680ef44794b/analysis/1457591162/">https://www.virustotal.com/file/4656aa68ad30a5cf9bcd2b63f21fba7cfa0b70533840e771bd7d6680ef44794b/analysis/1457591162/</a><br />
<br />
<br />
<a name='more'></a><br />
<br />
AVG Android/Deng.DSS 20160310 <br />
AVware Trojan.AndroidOS.Generic.A 20160310 <br />
Ad-Aware Android.Trojan.Triada.A 20160310 <br />
AegisLab Troj.SMS.AndroidOS.Agent.rm!c 20160310 <br />
AhnLab-V3 Android-PUP/SmsReg.ff6c 20160309 <br />
Alibaba A.L.Pay.Popr 20160310 <br />
Antiy-AVL Trojan[Backdoor:HEUR]/Android.Triada.2 20160310 <br />
Arcabit Android.Trojan.Triada.R 20160310 <br />
Avast Android:Triada-C [Trj] 20160310 <br />
Avira (no cloud) ANDROID/Triada.A.55 20160310 <br />
Baidu-International Trojan.Android.Agent.BKT 20160309 <br />
BitDefender Android.Trojan.Triada.A 20160310 <br />
CAT-QuickHeal Android.Triada.B1e19 (PUP) 20160310 <br />
Comodo UnclassifiedMalware 20160310 <br />
Cyren AndroidOS/GenBl.BCA0D997!Olympus 20160310 <br />
DrWeb Android.Rootkit.20 20160310 <br />
ESET-NOD32 a variant of Android/Spy.SmsSpy.AU 20160310 <br />
Emsisoft Android.Trojan.Triada.A (B) 20160310 <br />
F-Secure Android.Trojan.Triada.A 20160310 <br />
Fortinet Android/Agent.ANZ!tr 20160310 <br />
GData Android.Trojan.Triada.A 20160310 <br />
Ikarus HackTool.AndroidOS.RGenius 20160310 <br />
Jiangmin Backdoor.AndroidOS.cjj 20160310 <br />
K7GW Trojan ( 004d2c811 ) 20160310 <br />
Kaspersky HEUR:Backdoor.AndroidOS.Triada.b 20160310 <br />
McAfee Artemis!592FA585B644 20160310 <br />
eScan Android.Trojan.Triada.A 20160310 <br />
NANO-Antivirus Trojan.Android.Agent.dywqdy 20160310 <br />
Qihoo-360 Trojan.Android.Gen 20160310 <br />
Sophos Andr/Triada-A 20160310 <br />
Tencent Android.Trojan.Agentb.Auto 20160310 <br />
VIPRE Trojan.AndroidOS.Generic.A 20160310 <br />
Zoner Trojan.AndroidOS.SmsSpy.A 20160310 <br />
<div>
<br /></div>
<div>
<div class="p1">
<b>Required permissions</b></div>
<div class="p2">
android.permission.CHANGE_NETWORK_STATE (<i>change network connectivity</i>) </div>
<div class="p2">
android.permission.READ_LOGS (<i>read sensitive log data</i>) </div>
<div class="p2">
android.permission.INTERNET (<i>full Internet access</i>) </div>
<div class="p2">
android.permission.SEND_SMS (<i>send SMS messages</i>) </div>
<div class="p2">
android.permission.WRITE_SMS (<i>edit SMS or MMS</i>) </div>
<div class="p2">
android.permission.ACCESS_NETWORK_STATE (<i>view network status</i>) </div>
<div class="p2">
android.permission.GET_TASKS (<i>retrieve running applications</i>) </div>
<div class="p2">
android.permission.WRITE_EXTERNAL_STORAGE (<i>modify/delete SD card contents</i>) </div>
<div class="p2">
android.permission.GET_PACKAGE_SIZE (<i>measure application storage space</i>) </div>
<div class="p2">
android.permission.READ_EXTERNAL_STORAGE (<i>read from external storage</i>) </div>
<div class="p2">
android.permission.RECEIVE_BOOT_COMPLETED (<i>automatically start at boot</i>) </div>
<div class="p2">
android.permission.ACCESS_MTK_MMHW (<i>Unknown permission from android reference</i>) </div>
<div class="p2">
com.android.alarm.permission.SET_ALARM (<i>set alarm in alarm clock</i>) </div>
<div class="p2">
android.permission.BROADCAST_STICKY (<i>send sticky broadcast</i>) </div>
<div class="p2">
android.permission.WRITE_SETTINGS (<i>modify global system settings</i>) </div>
<div class="p2">
android.permission.READ_PHONE_STATE (<i>read phone state and identity</i>) </div>
<div class="p2">
android.permission.READ_SMS (<i>read SMS or MMS</i>) </div>
<div class="p2">
android.permission.SYSTEM_ALERT_WINDOW (<i>display system-level alerts</i>) </div>
<div class="p2">
android.permission.KILL_BACKGROUND_PROCESSES (<i>kill background processes</i>) </div>
<div class="p2">
android.permission.ACCESS_WIFI_STATE (<i>view Wi-Fi status</i>) </div>
<div class="p2">
android.permission.WAKE_LOCK (<i>prevent phone from sleeping</i>) </div>
<div class="p2">
android.permission.CHANGE_WIFI_STATE (<i>change Wi-Fi status</i>) </div>
<div class="p2">
android.permission.RECEIVE_SMS (<i>receive SMS</i>) </div>
<div class="p2">
android.permission.CLEAR_APP_CACHE (<i>delete all application cache data</i>) </div>
<div class="p2">
android.permission.MOUNT_UNMOUNT_FILESYSTEMS (<i>mount and unmount file systems</i>) </div>
<div class="p2">
android.permission.RESTART_PACKAGES (<i>kill background processes</i>) </div>
<div class="p1">
<b>Activities</b></div>
<div class="p2">
com.good.sunsine.FlashScreen </div>
<div class="p2">
com.good.sunsine.MainActivity </div>
<div class="p1">
<b>Services</b></div>
<div class="p2">
com.android.system.UpdateService </div>
<div class="p1">
<b>Receivers</b></div>
<div class="p2">
com.android.system.PopReceiver </div>
<div class="p1">
<b>Service-related intent filters</b></div>
<div class="p2">
<b>com.android.system.UpdateService</b><br />
actions: com.android.system.UpdateService</div>
<div class="p1">
<b>Activity-related intent filters</b></div>
<div class="p2">
<b>com.good.sunsine.FlashScreen</b><br />
actions: android.intent.action.MAIN<br />
categories: android.intent.category.LAUNCHER </div>
<div class="p1">
<b>Receiver-related intent filters</b></div>
<div class="p2">
<b>com.android.system.PopReceiver</b><br />
actions: android.intent.action.BOOT_COMPLETED, android.provider.Telephony.SMS_RECEIVED, android.intent.action.PHONE_STATE, android.intent.action.NEW_OUTGOING_CALL<br />
categories: android.intent.category.LAUNCHER </div>
<div class="p2">
<br /></div>
<div class="p2">
validfrom: 06:55 AM 05/25/2015</div>
<div class="p2">
serialnumber: 6B36CE51</div>
<div class="p2">
Issuer</div>
<div class="p2">
DN: OU=98yudodaqe, CN=98eyu1982ey98eu</div>
<div class="p2">
CN: 98eyu1982ey98eu</div>
<div class="p2">
OU: 98yudodaqe</div>
<div class="p2">
Subject</div>
<div class="p2">
DN: OU=98yudodaqe, CN=98eyu1982ey98eu</div>
<div class="p2">
CN: 98eyu1982ey98eu</div>
<div class="p2">
OU: 98yudodaqe</div>
<div class="p2">
thumbprint: 41775876A2CD11B4D1B85C9D73D49B187EFFA1D2</div>
<div class="p2">
<br /></div>
<div class="p2">
<br /></div>
</div>
</div>
Milahttp://www.blogger.com/profile/09472209631979859691noreply@blogger.com0tag:blogger.com,1999:blog-5046096073918528715.post-45959392883458629452016-07-02T22:58:00.002-07:002018-03-28T21:48:05.478-07:00Android overlay malware - credentials stealer, banker <div dir="ltr" style="text-align: left;" trbidi="on">
<div>
<br /></div>
<div>
Research: <a href="https://www.fireeye.com/blog/threat-research/2016/06/latest-android-overlay-malware-spreading-in-europe.html">Fireeye. The latest Android overlay malware spreading via sms phishing in Europe.</a></div>
<div>
<br /></div>
<div>
<a href="https://2.bp.blogspot.com/-RmWVqR4W17k/V3iWNl2_2NI/AAAAAAACX3k/0IAbncDzY0o8Gf3SLelZTWxrqeEi65bVwCLcB/s1600/ic_launcher.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://2.bp.blogspot.com/-RmWVqR4W17k/V3iWNl2_2NI/AAAAAAACX3k/0IAbncDzY0o8Gf3SLelZTWxrqeEi65bVwCLcB/s1600/ic_launcher.png" /></a><a href="http://contagiomobile.deependresearch.org/overlay_android_samp.zip">Download. Email me if you need the password</a></div>
<div>
<br /></div>
<div>
List of files. </div>
<div>
MD5</div>
<div>
<div>
035D1F3B7FB532A33DE7A8445F9FA325</div>
<div>
036258E2C51E21C140B5838CE9BFB4F8</div>
<div>
05131969AF2AE6CBFDDF789512F02AA2</div>
<div>
06E74DF867E9CB5C1BAFC98165C6C248</div>
<div>
...</div>
<div>
<a name='more'></a><br /></div>
<div>
152F626EB92676F940ADA4B7077ACF16</div>
<div>
1B9E1CD2C7F8E227B2AE5FB5BC735536</div>
<div>
20F4CD2BAA09E0BD5E12DAB50C0898CD</div>
<div>
228A4B723BF3D8ADC53A69DD0F36C746</div>
<div>
23988ABAD7C7B2ECDDA23AE7194B7A0D</div>
<div>
265D37013E1EA39B868515CCE157DFEB</div>
<div>
2B90FCA41272BEC8B8FFEFBB2456C001</div>
<div>
2C055D7B5199604CD5CF3441073B36B3</div>
<div>
2F4D81EF1B10BF72D0DBA0FDF354527F</div>
<div>
3841ABCEF2B1B37AA7E2D47C535CA80E</div>
<div>
3F2017A5ACB3E57801E2771341287001</div>
<div>
40449A2EC48C3E630B2EB8C8089828CF</div>
<div>
49DAC3B35AFB2E8D3605C72D0D83F631</div>
<div>
542F8F77E101D4E8E5D1EF34A3F0DF1C</div>
<div>
6A300DED487671EF39388B8D28927A83</div>
<div>
6E93A7F7911B3E9B522BE4B8F950CCA4</div>
<div>
6EB92667EBBBCB2C7DDF6230462222FD</div>
<div>
701D57504444344B8D5E79BCABCD3DCA</div>
<div>
7A99B60349703AED3AB28F498320F247</div>
<div>
82B1006A5F45A6D2BAF69544414ADA81</div>
<div>
82D89319FABD998328CC6D4EFC4DB863</div>
<div>
88B23B6A5C1B72AEFF2FC42E05C173A7</div>
<div>
8959513F65BCCA6F16FAEF59AD2D152F</div>
<div>
8D0A03981DAA93210E184E7FFF02883C</div>
<div>
93922EE5FBD149F31B0161DECA76DF77</div>
<div>
9762441D52BDEC725EFF6F2F65E721E9</div>
<div>
97C2D04AA0F3C3B446FC228C1DBC4837</div>
<div>
9E9D9A3717EED4D558A3F5EDDB260901</div>
<div>
A18818CB3FB6F189560991CEF6D1F929</div>
<div>
A72AA534973EEAF0782A246D502107A3</div>
<div>
AF7A8D32865E8CAF51A99C52834D4422</div>
<div>
BEE3746684B072867A5B202BFC5527DD</div>
<div>
BF7B72DBB2A9155DABC4EDA31D273B92</div>
<div>
CFA92CBCB0674429CC9CE216CC008902</div>
<div>
D0A6BA40E05047DC2CFF12935C4CF4FB</div>
<div>
D33B718737DE5AA685672A2004E0FA3C</div>
<div>
D70296D3DC4937DEDD44F93BB3B74034</div>
<div>
D73D54F6F86C58030477CC9A96EEDB85</div>
<div>
D83D833092A4FA5ECC436D4246C2F7CE</div>
<div>
D84FF5A7E7C0C33DCFA237299869BC34</div>
<div>
DA222D4B7993A62665B9EAEF10C1846F</div>
<div>
DBA6B4BBF61E054FB978ACAF70C3D849</div>
<div>
DF53B59E354462CD0E704B7B21A750F7</div>
<div>
E1D79608B649C22004AD7CC1CD049528</div>
<div>
E911DF33F1D156B3309A4AC220C52070</div>
<div>
EF5C9B15755719597481C501F6B603CE</div>
<div>
F1C8A3337CBD56E01E478774F5D55278</div>
<div>
F4B8D64AF0A53472901B50621F19D6BF</div>
<div>
FBDDE37D41D12F21C049C570C9BDA3DE</div>
<div>
FCB4EF63F1D8A3A044AC6F8A7C262546</div>
<div>
FFE98D97E7D827AA19ABB968A528F3FE</div>
</div>
<div>
<br /></div>
</div>
Milahttp://www.blogger.com/profile/09472209631979859691noreply@blogger.com0tag:blogger.com,1999:blog-5046096073918528715.post-78222947458894344722016-07-02T20:03:00.000-07:002018-03-28T21:57:35.455-07:00Android spyware for Viber app (Beaver Gang Counter)<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
Research: <a href="https://nakedsecurity.sophos.com/2016/06/30/beaver-gang-counter-malware-ejected-from-play-store/">Sophos: “Beaver Gang Counter” malware ejected from Play Store</a><br />
<br />
MD5<span class="Apple-tab-span" style="white-space: pre;"> </span>65065b53381ebc971160a91ef81dec99<br />
SHA-1<span class="Apple-tab-span" style="white-space: pre;"> </span>433293e2689e8377c890940ed77f8fb9db24a53e<br />
SHA-256<span class="Apple-tab-span" style="white-space: pre;"> </span>a707cb76e566321c08b8ba8f5c89cb0cf41125468366f5b8fdad8c6fa526deb4<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://3.bp.blogspot.com/-SIcf1ldc0FY/V3h8joBLAaI/AAAAAAACX3U/go1E4loZu0Qdv1aPlUtvqKtsDImSDtDkACLcB/s1600/ic_launcher.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://3.bp.blogspot.com/-SIcf1ldc0FY/V3h8joBLAaI/AAAAAAACX3U/go1E4loZu0Qdv1aPlUtvqKtsDImSDtDkACLcB/s1600/ic_launcher.png" /></a></div>
<a href="http://contagiomobile.deependresearch.org/vibleaker_android_samp.zip">Download. Email me if you need the password</a><br />
<br />
<br />
<br />
<a href="https://www.virustotal.com/en/file/a707cb76e566321c08b8ba8f5c89cb0cf41125468366f5b8fdad8c6fa526deb4/analysis/">https://www.virustotal.com/en/file/a707cb76e566321c08b8ba8f5c89cb0cf41125468366f5b8fdad8c6fa526deb4/analysis/</a><br />
<br />
<a name='more'></a><br />
<br />
android.permission.READ_EXTERNAL_STORAGE (read from external storage)<br />
android.permission.READ_PHONE_STATE (read phone state and identity)<br />
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)<br />
android.permission.WRITE_SETTINGS (modify global system settings)<br />
android.permission.ACCESS_NETWORK_STATE (view network status)<br />
android.permission.INTERNET (full Internet access)<br />
Activities<br />
gr.georkouk.kastorakiacounter_new.ActMain<br />
gr.georkouk.kastorakiacounter_new.ActPlayers<br />
gr.georkouk.kastorakiacounter_new.ActGame<br />
gr.georkouk.kastorakiacounter_new.ActStats<br />
gr.georkouk.kastorakiacounter_new.ActHelp<br />
com.google.android.gms.ads.AdActivity<br />
com.google.android.gms.ads.purchase.InAppPurchaseActivity<br />
Activity-related intent filters<br />
gr.georkouk.kastorakiacounter_new.ActPlayers<br />
actions: gr.georkouk.kastorakiacounter_new.ACTPLAYERS<br />
categories: android.intent.category.DEFAULT<br />
gr.georkouk.kastorakiacounter_new.ActMain<br />
actions: android.intent.action.MAIN<br />
categories: android.intent.category.LAUNCHER<br />
gr.georkouk.kastorakiacounter_new.ActStats<br />
actions: gr.georkouk.kastorakiacounter_new.ACTSTATS<br />
categories: android.intent.category.DEFAULT<br />
gr.georkouk.kastorakiacounter_new.ActHelp<br />
actions: gr.georkouk.kastorakiacounter_new.ACTHELP<br />
categories: android.intent.category.DEFAULT<br />
gr.georkouk.kastorakiacounter_new.ActGame<br />
actions: gr.georkouk.kastorakiacounter_new.ACTGAME<br />
categories: android.intent.category.DEFAULT<br />
<br />
Avast<span class="Apple-tab-span" style="white-space: pre;"> </span>Android:SpyAgent-WD [Trj]<span class="Apple-tab-span" style="white-space: pre;"> </span>20160701<br />
Cyren<span class="Apple-tab-span" style="white-space: pre;"> </span>AndroidOS/ViberSt.A<span class="Apple-tab-span" style="white-space: pre;"> </span>20160701<br />
DrWeb<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Vibleaker.1.origin<span class="Apple-tab-span" style="white-space: pre;"> </span>20160701<br />
ESET-NOD32<span class="Apple-tab-span" style="white-space: pre;"> </span>Android/Spy.Vibleaker.A<span class="Apple-tab-span" style="white-space: pre;"> </span>20160701<br />
F-Prot<span class="Apple-tab-span" style="white-space: pre;"> </span>AndroidOS/ViberSt.A<span class="Apple-tab-span" style="white-space: pre;"> </span>20160701<br />
Fortinet<span class="Apple-tab-span" style="white-space: pre;"> </span>Malware_Generic.P0<span class="Apple-tab-span" style="white-space: pre;"> </span>20160701<br />
Kaspersky<span class="Apple-tab-span" style="white-space: pre;"> </span>HEUR:Trojan-Spy.AndroidOS.Vibleaker.a<span class="Apple-tab-span" style="white-space: pre;"> </span>20160701<br />
McAfee<span class="Apple-tab-span" style="white-space: pre;"> </span>Artemis!65065B53381E<span class="Apple-tab-span" style="white-space: pre;"> </span>20160701<br />
McAfee-GW-Edition<span class="Apple-tab-span" style="white-space: pre;"> </span>Artemis!65065B53381E<span class="Apple-tab-span" style="white-space: pre;"> </span>20160630<br />
Sophos<span class="Apple-tab-span" style="white-space: pre;"> </span>Andr/Spy-AIS<span class="Apple-tab-span" style="white-space: pre;"> </span>20160701<br />
<br />
Avast<span class="Apple-tab-span" style="white-space: pre;"> </span>Android:SpyAgent-WD [Trj]<span class="Apple-tab-span" style="white-space: pre;"> </span>20160701<br />
Cyren<span class="Apple-tab-span" style="white-space: pre;"> </span>AndroidOS/ViberSt.A<span class="Apple-tab-span" style="white-space: pre;"> </span>20160701<br />
DrWeb<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Vibleaker.1.origin<span class="Apple-tab-span" style="white-space: pre;"> </span>20160701<br />
ESET-NOD32<span class="Apple-tab-span" style="white-space: pre;"> </span>Android/Spy.Vibleaker.A<span class="Apple-tab-span" style="white-space: pre;"> </span>20160701<br />
F-Prot<span class="Apple-tab-span" style="white-space: pre;"> </span>AndroidOS/ViberSt.A<span class="Apple-tab-span" style="white-space: pre;"> </span>20160701<br />
Fortinet<span class="Apple-tab-span" style="white-space: pre;"> </span>Malware_Generic.P0<span class="Apple-tab-span" style="white-space: pre;"> </span>20160701<br />
Kaspersky<span class="Apple-tab-span" style="white-space: pre;"> </span>HEUR:Trojan-Spy.AndroidOS.Vibleaker.a<span class="Apple-tab-span" style="white-space: pre;"> </span>20160701<br />
McAfee<span class="Apple-tab-span" style="white-space: pre;"> </span>Artemis!65065B53381E<span class="Apple-tab-span" style="white-space: pre;"> </span>20160701<br />
McAfee-GW-Edition<span class="Apple-tab-span" style="white-space: pre;"> </span>Artemis!65065B53381E<span class="Apple-tab-span" style="white-space: pre;"> </span>20160630<br />
Sophos<span class="Apple-tab-span" style="white-space: pre;"> </span>Andr/Spy-AIS<span class="Apple-tab-span" style="white-space: pre;"> </span>20160701</div>
Milahttp://www.blogger.com/profile/09472209631979859691noreply@blogger.com0tag:blogger.com,1999:blog-5046096073918528715.post-36113569406706778462016-07-02T14:33:00.001-07:002018-03-28T22:15:53.504-07:00Godless Android root exploit samples<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<br />
Research: ‘<a href="http://blog.trendmicro.com/trendlabs-security-intelligence/godless-mobile-malware-uses-multiple-exploits-root-devices/">GODLESS’ Mobile Malware Uses Multiple Exploits to Root Devices</a><br />
<a href="http://documents.trendmicro.com/assets/pdf/goddless-mobile-malware-uses-multiple-exploits-to-root-devices.pdf">http://documents.trendmicro.com/assets/pdf/goddless-mobile-malware-uses-multiple-exploits-to-root-devices.pdf</a><br />
<br />
List of files:<br />
MD5:<br />
32DCA26EEE9B8BEDE8C27278A77F031B<br />
3B1C1D476EA80BD58F3EB1BBB32C42FA<br />
48AB87DE9DE719A08F3F70AEF4642C02<br />
5ACEB560AC3F56956F2F4F29AD227A91<br />
633E34627FC5068C52DF2314D0DCF735<br />
844BA4A0564CA7FF99E5C85CAA926AD4<br />
A5A36007625371C5C828B938796578CA<br />
B98988B42F5E3EC92A557A1F31DF333D<br />
BC5D697E9217FE06194E565C4E031517<br />
F95457DC6FE0BC142D541FEA47D7CF1D<br />
FB04E52C9C93E65F980876C767D003DC<br />
FC27A200F241D42A46786ADEA05B0339<br />
<br />
SHA1<br />
44E81BE6F7242BE77582671D6A11DE7E33D19ACA<br />
50450EA11268C09350AAB57D3DE43A4D5004B3A1<br />
57795C32F75A02A68B9A8ACB5820EB039C083A16<br />
5900FABBE36E71933B3C739EC62BA89AC15F5453<br />
5D2A08D7C1F665EA3AFFA7F9607601FFAE387E8B<br />
74A55E9EA67D5BAF90C1AD231E02F6183195E564<br />
7809E1B6F85EE0FA7F0C2A3F1BFDC7FA668742BB<br />
7EBDD80761813DA708BAD3325B098DAC9FA6E4F5<br />
84C444A742B616BC95C58A85C5C483412E327C50<br />
A3E84C4B770EF7626E71C9388A4741804DC32C15<br />
AED8828DC00E79A468E7E28DCA923CE69F0DFB84<br />
D57D17EB738B23023AF8A6DDAFD5CD3DE42FC705<br />
<br />
<a href="https://2.bp.blogspot.com/-m2osAys7zGs/V3hnlD-OBsI/AAAAAAACX3M/njQlZUyvRm4CmhEkduVRxcqmA9Es_iJmgCKgB/s1600/common_ic_googleplayservices.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://2.bp.blogspot.com/-m2osAys7zGs/V3hnlD-OBsI/AAAAAAACX3M/njQlZUyvRm4CmhEkduVRxcqmA9Es_iJmgCKgB/s1600/common_ic_googleplayservices.png" /></a><br />
<a href="http://contagiomobile.deependresearch.org/godless_exploit_android_samp.zip">Download. Email me if you need the password</a><br />
<br />
<br />
<br />
<br />
<br />
<a name='more'></a><br />
<br />
<br />
<b>Commercial
Name Sha1 Package name </b><br />
<br />
<ol style="text-align: left;">
<li>[UNAVALABLE] Geometry Dash 01b3e575791642278b7decf70f5783ecd638564d com.robtopx.geometryjump.admobplugin </li>
<li><b>Mobo WiFi </b>7ebdd80761813da708bad3325b098dac9fa6e4f5 com.foresight.wifiseeker </li>
<li>WiFi Anywhere 34b7b38ce1ccdd899ae14b15dd83241584cee32b com.foresight.wifianywhere </li>
<li><b>Mobo WiFi</b> 84c444a742b616bc95c58a85c5c483412e327c50 com.foresight.wififast </li>
<li><b>Mobo WiFi</b> 50450ea11268c09350aab57d3de43a4d5004b3a1 com.foresight.wififast </li>
<li><b>Mobo WiFi</b> aed8828dc00e79a468e7e28dca923ce69f0dfb84 com.foresight.wififast </li>
<li><b>Mobo WiFi</b> 44e81be6f7242be77582671d6a11de7e33d19aca com.foresight.wififast </li>
<li><b>Mobo WiFi </b>d57d17eb738b23023af8a6ddafd5cd3de42fc705 com.foresight.wififast </li>
<li>[UNAVALABLE] Geometry Dash 17e5be80a4ed583923937e41ea7c1f4963748d1f com.robtopx.geometryjump.two
Mobo WiFi 9f586480fbc745ee6b28bfce3f1abe4ff00d01b1 com.foresight.wififast </li>
<li>[UNAVALABLE] Minecraft -
Pocket Edition 888f10677b65bf0a86cf4447a1ebc418df8a37e8 com.mojang.minecraftpe.admobplugin </li>
<li><b>AndroidDaemon
Frame</b> 74a55e9ea67d5baf90c1ad231e02f6183195e564 com.android.google.plugin.dameon </li>
<li><b>Minecraft -
Pocket Edition</b> 5900fabbe36e71933b3c739ec62ba89ac15f5453 com.mojang.minecraftpe.admobplugin </li>
<li>[UNAVALABLE] Remote Exploit
Live
Launcher
e70b1084e02d4697f962be4cc5a54fdb19ce780a homescreen.boost.launcher.fre
e.small.theme </li>
<li><b>Lock Screen</b> a3e84c4b770ef7626e71c9388a4741804dc32c15 com.iodkols.onekeylockscreen </li>
<li>[UNAVALABLE] 多多每日壁
纸
671fa9291bf465580ec1ea1e55ce8a5ce2d848c7 com.dotools.dtbingwallpaper</li>
<li>[UNAVALABLE] 多多每日壁
纸
e10efdecab3998cba5236645b5966af6ff4162f1 com.dotools.dtbingwallpaper </li>
<li><b>iDO
Calculators</b> 57795c32f75a02a68b9a8acb5820eb039c083a16 com.ibox.calculators </li>
<li>[UNAVALABLE] Live
Launcher
c74eb5fa1234620297330874bd23605158a890d2 homescreen.boost.launcher.fre
e.small.theme </li>
<li><b>FlashLight</b> 5d2a08d7c1f665ea3affa7f9607601ffae387e8b com.foresight.free.flashlight </li>
<li>[UNAVALABLE] Easy Softkey 416b1fe39eaaa4d83c7785d97e390d129dbea248 com.oeiskd.easysoftkey </li>
<li><b>iDO Alarm
Clock</b> 7809e1b6f85ee0fa7f0c2a3f1bfdc7fa668742bb com.dotools.clock</li>
</ol>
<br />
<br /></div>
Milahttp://www.blogger.com/profile/09472209631979859691noreply@blogger.com0tag:blogger.com,1999:blog-5046096073918528715.post-49234348698356787452016-07-02T14:33:00.000-07:002018-03-28T22:22:35.826-07:00Hummingbad - Android fraudulent ad malware campaign samples<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<br />
Research: <a href="http://blog.checkpoint.com/wp-content/uploads/2016/07/HummingBad-Research-report_FINAL-62916.pdf">Checkpoint. From HummingBad to Worse. Hummingbad Android malware campaign.</a><br />
<br />
<br />
<a href="https://2.bp.blogspot.com/-QGPyaK0C4R0/V3gw7akHSrI/AAAAAAACX2w/Qnhr3oEQxXM3zDnzUGBWiDpQn3caIRrPQCLcB/s1600/ic_launcher.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://2.bp.blogspot.com/-QGPyaK0C4R0/V3gw7akHSrI/AAAAAAACX2w/Qnhr3oEQxXM3zDnzUGBWiDpQn3caIRrPQCLcB/s1600/ic_launcher.png" /></a><br />
<a href="http://contagiomobile.deependresearch.org/hummingbad_android_samp.zip">Download. Email me if you need the password</a><br />
<br />
List of files - 590 files<br />
SHA256<br />
005f9964b813844a6c6af354456cc7da6d23055fde896b38b04ef094acc20f09<br />
016c6836f756c08755f4aee13d35b4bbf7310fc13a9e5715fa53f315d83d1249<br />
01758cb79e08759d6414c9dd18ccaed4b337adf4b059165d5096dd4f5b79f673<br />
019a0d62a989c8315ad07474027ed91665a6b18413409bd0d714c2e3bcb1558c<br />
01b87d63826e9cf4b5c0a6e4ade6772494817f4bf9ae820b0625a54567b675b2<br />
02308963dbc8827533d03f4274502701fb94b5190ddcbe81672f868e744a9580<br />
02d781a16a7975e7cdd0303f85fab0490ced3e13d86af32207e229469c78ec83<br />
031cc7ef3bf3f380e2902fb199df489d4afb56134215747b36a4da243f405001<br />
031d2ece2d2207d522463bc2674eb6e131b3d58bc2b969d6ef3b2c2c9be5a6f0<br />
....<br />
open the post to see the rest<br />
<a name='more'></a><br />
<br />
0357097aecc5d1af1629783e8d43217a05be930ba86a68bdc2a89d7ed5776e30<br />
039ebe507ce750008fba86215ecc150256e64a1a6294d0833c21551bae90c962<br />
03a42218e051323ce14682ee27b861d3565a9601c29a8e84ee4efce31d5dd176<br />
043de9602441650e353e305d9b97433bb0776b0a7511102092022971fe7a1040<br />
04b46bab97f8fa21a6a62b5f7fb8ee74ef0df7f5ccf051776c6593232841fc20<br />
04d12fc2431558d3f934a6d599428821bb2d23b8cf6fdcb1648634d721fc1317<br />
0542342e831956360e035bc95385925d1590cd1cac1d82a45f57926b80b52629<br />
05a4a64e2a2a0ee1dd767d8a93edc81e53295051f0a82801008ccd9d804a46fa<br />
05df81ac521015dd0b88aa82a938e05ada40333a17e4671d88d6c0bb67068153<br />
05f4484a7134c416123ec0b59dc19ffc74dde8f80bd32469ce714206101c9efc<br />
068ca97e3f71486de6a0aaa67bfcc287a6a9bff6beb896c66d4d2d287d8ef665<br />
07012494579a1a0073cd02d1cde352af7194e82496f92af7361393612414aa0c<br />
0706ee8abec041bd4f8c5162d2df9ede788f2c02774c0ce51b132fecabd19967<br />
074ee29c42dc26e9ac539ac931c58e561b3449a7d541e82a7bbd62db48ec0194<br />
0781b07fd519b1e11c4fb2d2f002457f174a5b29f847171396bfa0c05641e757<br />
08978be36025981c6aabd62562d79492c4affdf057b2d988c304a0846d7066bb<br />
089e925f50796bb3b4450a5d155c6b1b694145974ba1712f6d52a6f94d6faf2e<br />
08f72597b574b9c9941925367b58cdf68da8c51f7f664e21b340776b6ceac6d6<br />
08ff10fd0d171c30f34007cfce1c2a590b9ec0086b91222a7bfdff04424523ca<br />
09df23511aa116a05b10bc17a92099acdceaff635a0a34f6ea133f0a118ddedf<br />
09f0db49f5744c5eee95b427a3d2e1311ed44918cc4198cbd861a00e84bf768c<br />
0a20d02efdda74f50a14601a2011c34c3f68545e196265dec36666ba67f05a3e<br />
0a2944721582df75475f46a931e5436662e42b48a1ade23880183fd9b6a26549<br />
0a3bbf092b5b36074eeae18601aa915c4ede8ce6fbd1caccf599d19aabcd3604<br />
0a4c8b5d54d860b3f97b476fd8668207a78d6179b0680d04fac87c59f5559e6c<br />
0a56c201d0161f8f231d5d4535c204ee5bef320803601288e627d8d2dda16afe<br />
0b49d40e7e2effffdc906adae1a58017ff6e63cd9a14f6770e089e13a434b777<br />
0b5909f393cab5c59731d87baac67eb0069632affd128c91faca37288bc9d5b8<br />
0bb20f5a9b2e3f29f27eb3f7edec58938eb27e3d9adae2d738d7d6a02992b740<br />
0c22670f87a6aaf0ede2a994d40b2187a8c7dc3d613511403f75bca4d5b81868<br />
0ca45284cc7fc2ed3acd2c8e45be2b4d760b544d2fd4d295d1aa85ffecf28c6e<br />
0cc5b32bd9a4db650b6909652317e0b6dab214379dcba51ee68fcf9a697a3fcf<br />
0cf6f921960daff6fa4219e29e833b01386bb9790fdb4e9402cf80d75710b363<br />
0d9d9ce8906c3d1b663ad67ffb189de25d09558e7429acc39e5dd9736c032ae8<br />
0dd6c5e3522583ce49869aec9e54563a3abc203b4119acb7843c7a706464ad9a<br />
0f51553b3ccb06b645f1919f994ce7c053701c88dcf0b8cb74e27a415eff511f<br />
100ab48f46ae03be916aa20c6d4b318abdc2f1f3bd05fa99db5b51a900144d17<br />
104e4885bab2dc47dd8be982f6e3a5e4f67b882c39ca5ecc8299ca9e0872d360<br />
10f1d35d2c0a8bef653a30123def4d16666ae7e027530e13327799f575fde371<br />
116efa7d50c1424023c897addcdf9e083e22c1226df557a31f23c0ee366bc562<br />
11a6d6ae4322f1f7a021fd63c889319bed27660036562cccad880ed8f1ca2a70<br />
121260bc6ecd23e7f5bb6b4b8151f510b3aa53c9b19e6899629475bd56b4b267<br />
12bb776eda2e28e79ba18e0f7b927f6eeefb6966299417dd0cda50eef7fdc088<br />
142cc39dc7b50c5f349cbd7d4d3742c278ab3f33a98758793746f04580729de9<br />
14a4bf54ae7f8c4797162c979f1ced37d23088397195bb2da56d1545fe52db21<br />
14bf867ee6cabde8d569eca27b8c8fcd50bbd1815d3c8f93d0179f96ab77e3f4<br />
14d355c590500b5630983a354dfdc1d1392cbb71bada1c64ee27ea99b7b9c4ec<br />
15b4b86419a14f10a89160181d4d94b825556585d359dd2828abbbe36f989e26<br />
15b64cb7829c876dd753517be7ad68b89e16de66a87f6fe535e90e5d0bbafcb5<br />
1601987a1b86cf03cf3b5dd37d25f2533cb727fa5215f453d98403a59297e265<br />
172de5e890fddac14308895e0e11ed284c58432f028c46dcd76489809017e590<br />
17958818bffd2d2c15fcec4ff263bae5a9fd1cb1bc9243fd6ddec39a5a4f94a7<br />
17b52dd1bc55b436fc8847a3c74c22b1c8aae822ae4eb02741627d8f88e64e7f<br />
18fbb0657c647f227481a8e40b5cc87a35032a33b7fc12f71c80ae70e503a763<br />
1948fe04ede7886b5ff82d39d561d1baa04e5433e34a09bd9a09cf5e8b6a0eda<br />
19ccf5569583ff0c498d66dc5a95f701847927bb1f5f77ffbfb9b74bdea0e8f8<br />
1a058d86d815566cc9a05253405b131dc5a5ae35d2554d1af80d2502e504478d<br />
1ab9a8f8435e506254ced4313924f7abca5193f47a22a6b050fc06eee6b18da7<br />
1b794132d88a32883b28de608abf96248ba6eb4a00ab8f55db7db377a1e3b19d<br />
1bf48b4af946db4920bf66d976cfdc526495230bbfbbd6db5afcc4da81b3245e<br />
1c51cb114797e7a0e8b0d96d68e5d5ff09fdbf01cd885e90530a4edb4cbdac3c<br />
1cb368f16aaa37e111f5a762a489e97d2473898aac36aeed0b39d3d81edcd4d9<br />
1d32876798371c88e9cab8c94b87750ef310731fbd2cd55715153b586ae21a87<br />
1de2b4bb451d02159a03c6f2dc10e574ec5ce0b47ef1ef03245e64477413eb3f<br />
1e30b42f009624ff4abebad2730afede5ebc7e54898501aec05402090e0e85f2<br />
1e4a54520093e4c159542e337f1e5b613bafef1d732f2b6f1a996326d7a2cbcd<br />
1e710b21904d9c342b49709c372192c50cef3204cef965cb804e5548ba637bd8<br />
1e84048982c05d1eaae513899af8640ca93cb4054e4f00614c2f946393e24c9b<br />
1e8fbec652c58cefce96b140f354808e8b2ca531c7e1c0813a0fb7978f6af244<br />
1efb836def7f0f0cb860afb83f08c00986736d812ba95c8e77a03f3754615aa4<br />
1fc0dab3e69363b722644a2d56d54668ff606e4b6542caff23615f8aab9aef97<br />
1fc97d427e3f9af81954d7cdb3075cc70d87271724c9d45e379e08aa9ad77fac<br />
20027addcba5a7ec2d54e9742816891a1d75d1d08f085fa7fe935ff6f96a2ef5<br />
212ab6cf17645b52b96d22cdf353ce03e556ed4db3e5d0ecd1be671bf417bb7f<br />
2150594147fe43abd5f754dbb2a3ad5832a7faad13b519dabbdc3eba8e9fa87c<br />
2176978ffebc7422de99feb41897fd65642d7631883f579d0ff6e4d632b3fff9<br />
21cb5aa19044995d0ef197126cb3a28a0566a2a4f480eecef1e7c3c87f085047<br />
22111bc34ddda1783fee827ebff73fa5c3bc7759532c1bb9d1de51eac3e85699<br />
23c17ed4680d86f0c1d955ee043596ed9759c3bf53f4ad10c9585de64e12c230<br />
23d63c70d63b6a8961a29b66dcecd0d72dd6c70c68fee28adabb65c0a3421716<br />
25394565deb94d8e02ac9b36daad9433c71ec6d08bf80287fcd4d603728ddd37<br />
256e4fc2068050df84b78e01b181252c3e2fce12e8dbc407b6d283afe65eff6b<br />
259f458300d64aff5676c68a216e9efbecf2e865b029fb3c1dd1cf5d2fb5a4bd<br />
2601ff11d3a0ca6792ead02eaff565f69ee5bf4fd293622c1808515f086b9325<br />
26add5736400442e4eb9352f12ebea2edf3a4d2f1059c0a4ad6088377b3f6d22<br />
274136452f5bfc32efc30f5ee445c28de21157f2fde9bf28c8df11b99ada3560<br />
27c16394d39d51d6b3151761e4666e7fb6e3fbdf007e483f2d566f55e85da5e7<br />
27f9fb0ac030e1f0611f3f153def9097a427d24a580437b7c1258e8af068e10f<br />
280176499c1000b00aafbd704366332b6270c5cdbc2f67d7ff308b86569e4f12<br />
28543c0c80f141bc6b71799c8aadd15be93539942665a9d6e6608f58d00293b6<br />
28d954ac619e93a3f193fc5873a398000198cca12e1a06e10d103105926144f6<br />
29042b84add04e0147be3a6a5e63b530c0a0341ca836643e48bc2c34b516d188<br />
291961389041bc65cdd9125af38fa6c25b6e34e67df1b9f2883c017869d37737<br />
29c7a41811435d0fd4a032fecb267ed66d91dfeb327db522af0e3a5fbbc4b82a<br />
2a3a17ce942b2c632bc96dc505e7ac5c917c37f2df7ebef5a51904d1e26e6fb8<br />
2b2c817ceebd56992e8df41d8f74a9c828733f676abb159c84a1a39a9c699783<br />
2bf72b59b69b12d40d5663a58b75ddfc1f09194ea9135e0362aee75fc46bd3e1<br />
2c510b0b655a2766c0c0a987eff1fe8f25e17af59ad48d8afa1c16fb949795c9<br />
2cb5672c097dca537806d932c4093cf1b3284c4b23c360b9ab1a94575ae95987<br />
2dd01b8a1d0dbb837f42fbfb1587646605b43b862f2fd1992c52ba8d1465ebe6<br />
2de3e9130bbbaf755050867e40faa45f9fc71d0844b32a58c07e52fd68733b81<br />
2e204eddc54b7f97b0d4081a04e516c366a52d19cf8cc4c2f865d4ae5d81737b<br />
2e314952b5f7acfbb98dfa55472fa98e018f83556c6ec0d9851794934b444492<br />
2ebfd1db6d2bbaf554e45be3cfade9c370e379b97f6f42c52aece661348b812e<br />
2f1c4faa961065ca67f5d42809fb0008c7defe9c848bea79bb8fec8ce31971f9<br />
2f390913307a57b0bedc74e40d6ae3ac20ff0ea6f9020511085d89238e39ea04<br />
2fba2f84c080510a48e0a2bf4fd50c7992e50318396588db64f78dc48e8cc685<br />
303d681bbe698077b355b4c87628cef6c604ffc06ef4c16ffbb651c07d72cb5c<br />
3048bd071e9100e6e43f4af93189ce6ff7a2035c47d0b2eb431beb04538697a9<br />
30b139bbc1654891fc2890a93d9b29bfca77eb959f09392ebb6e6649a3f8919a<br />
30d894619d24f68d85a9d7a927c552d5aa281cf0cfc4f23cfab80f11c55f161d<br />
30dd6eb62cfe148095a3455cdd9ce7458387867d3767c31fbe06bbcdbf8790a8<br />
311607acfd989e4482362e4910d2b11697a12883dba7d605c9f184db35540bbe<br />
321b74ebc8840e17c1dd5ee6ef423a1c9b53d4fae7e9b52059a8e28123aad911<br />
323d0c5ab28124361c96f2d337b2576216e076ab0e7cbc8cf981acae15916ee2<br />
32736f56d8eec2267fa3421e5eb9e43bd03312c12a91a3e39375476e970b1425<br />
32a25f2f339b70601a33d5577a65424eca25e526222067699702f406be9aa027<br />
32c78b131280b39c13485e18af1b331529a81e8ff8a6d7d7ede0a939716a6950<br />
3334a81052ab8f550cab08284c5268729ea6fefb9f2a38f564856dfc5cbee7bb<br />
3342a082e28d8a6c4cd4e4f0eb088fef9ea704b7180021b70d0354c64ec4d08f<br />
337c18c22d8f535ccb1c19b92c32a6e32393657eded11375c6d216871a156479<br />
350264c236b8223b14d0a695a8c9a42a1bcf9148edb8871e610642318aab29e4<br />
3556a03373284e161517fb7a1c8089bd25b7ccc74a4ac63bc16ec9c003a8d87a<br />
3592913703592043fbc02d778571145ace54a23346c46b7c65852bb1ae9e90cb<br />
35c9e951704d12ab652dbd23db3ee5ef4cbb8dbb26cfdb9871a28fb45595b36c<br />
35df18484fe64b90c7790abae428fb40f26279f3bb8df2e4c34c779d6fcc623a<br />
3603abdb3a307872b8bad338640095b65ca59439a34a372584073ff794a306e3<br />
365baf2ef1465d6612b6adfe58c3d01b9b30f120386caaf377b16d6c6f0aa6bf<br />
3685ea7507713689bf43cfa2d179c9a0f6dd774a8e0bfa5aca4cfad73f6aa498<br />
36d199ca69d09867e878b1abb64f3873e30cee574ba41d568952fa19d7dfcba0<br />
372fe30f9b40bf71dbb850ea0cffa84bbe423561d6a0ae43949ccbfef27d6126<br />
37f8422e6a868980806129a9746d3be53600502f1353e57ff915373630dec4ff<br />
38f94f8803274c8dd7a4113b4b5f54fb1563ed6e49c455c467848f3f09285fcd<br />
3980f8c12ae579a8d38a61e309579325e9dc228c4296d0ec2f2516a44a91b32e<br />
39d86564f4eadc36148790fa51922b1d363b5913e004986925baa83d05db6fe9<br />
3a61d9de3b7a64844513dfd9f39fe2daed7909b7dfb97259a57278c7bd4a5bfb<br />
3a7350332387287360c9a599f5877a862d2fb37e68d9cc1e34e6ae0d044b3080<br />
3ab62d45ddb4eafdd2650be19559a89ad47724d28fef50caae3002199430f4b0<br />
3ad301bdd5595b81d5bf2ad612a08bbdcb15c34f1395beb217fb3365c2eccb40<br />
3b590c6f3c96787fc288ce7400664c7f7045c834d079b64491c59dfcbf51c5a5<br />
3cff6afed7a3d5bab00dc92551e6013b17c8c3e00ed0b735407b286b3b36fa04<br />
3d6ff86ba4c260e28264d6f159d3001257935b11b35d9092bf36be84cb91b177<br />
3d89910bede1e19e1203b16dc217c12198a8a63d26c54b9b2edd06017fa54da9<br />
3daa944c4fec38007266986770ca03f884c48eee84368f81b046918fcac0edea<br />
3e2ee250807ceed39ded2a289d0f10f5f8588af98db32b39477c548caaf21872<br />
3ee2fec4b1196471c7050625b6c88aaa0e4f0f66776aa13ef9888e005d83981c<br />
3f0ed24d59dad6a2864ad399c1b0186bde8023f494395e3abc8a28dfae6a9ba6<br />
3f65fd40982d481eed2d044addd1b069af9b461edbffad0d76483ac0c073ee9e<br />
3f7b750147ae07f95be99cf17d54c2903f64dfda2bdb70327b23be9f1dfb22c1<br />
3f87b5e8453e98f70a93623677c67478ddd713517ca647e7fab9dd80ffa5dae5<br />
40159f0ff5a3361294df7aec5906319c9835e1ff80ccbf105f5598ec4c8f1c74<br />
408024f92ab2bbcd96987445947b30670051d6d72d92c33c3a4f4c85c9cacb9d<br />
4091ba291398aacf6a0fc99e390b3a2774ae2ce680b816d0a9cc99e6f9c03752<br />
40b6b7f2cf62e4390d5e8da631d3c0356946f3834466ce19a4e9fbf58427ce4b<br />
40e38da0f1c7cac092bc0a59448670fbead7785780f37321f5a7b9b59b6d6ec1<br />
41434d288a380e46e4deba661551e36895b9035d83e76caa668c83ea45979ac1<br />
415712627d9a599990380663677e0ecb740b8ee1b8e721a363a0d2e8e3099ab8<br />
42457e43af29e5795f41e6e57aee2651d81413783bf94e7b992322d69d7c8849<br />
4246bf657ba15dcd4296cd74adaba34351dce0bff40213d57a82cdd43c602e8c<br />
427d863f50e8a2782e2165b804508c8cf0f4f7332b594c5c50918103a9456bbb<br />
42cd4181e2a89590693c74b1e259456ffe5caa41001c43720e7fdecdc17f1b7a<br />
432f4178d59009fc7489d912c02c15582c33b135a6327ddb2cb74b4f26118ac4<br />
43417407e607fae878ab52273f0133838192c0d74ace5bac8fec9af3463a06e1<br />
43598251910ff5ef2d57f149503a5403257380a579b2123b02e013f43ef551e9<br />
43f59bcaea9ac05ceb903be3dcf5848544ddaad65559dc7d312019fa3ddafe1d<br />
442ffae46ca47d5ae8f8761b386b820f201f0530b8d3ef58d0bfe4452024125c<br />
447d0e3c14a45f9423279ad2b4fe94ffda7ee75de40f1a59c4d4c6d0fa4c7c2f<br />
44c99b4dac2e950947d084bf53db6bf24ab4297508e3a82bfa4a1fbbb1276122<br />
452740b931edb0f8042eb906b1cf403e41074d1ed8840d728666812eeca8f413<br />
45fdeb943e04d118ea981d070749a2f7e3f758c050720987d03ab927e73fc15a<br />
465f4f79dca1b3e0f7f18583deb91e1b3fbd184845e7ef184ed8858a1429958c<br />
466a9fa2a862313666988b6272d91aa8b4bad07e287597ef3941e8506ed20581<br />
470ca29ce73c4b695c430bc01f454dda79ef530208187db582bb15e9c9e489dd<br />
484755d45f92f3ce1eafc6c228bd768642f17bd10471cf3fb90ffd3bed46dcc1<br />
489310c0e330b4ea5dd744fab1926b5126cca75f66801d32211cf4d533baad7f<br />
48c8c6af4f6152e094215507d0251ae6c3df2d2b94bb7145d40ca0e6ee5ceadd<br />
48cbef8c997c303573aa5bf1ee5b3d177de9dd37c64eebecd5fc25099cb6e595<br />
48f357913cb624f7f5f1facc5ea35a7331eb3e21177484c179c931e2e9e09c3e<br />
490707a8d62919f14890ce948c18b2672f7b763040c6208557a6a2da40d07c8d<br />
4908558d1c3abfbdbaa8b7dfa3911fc90d19b4c797a4cfe937beda158df2a319<br />
4922e0a355bab2ebcb4a7725fe4f9158c050611118fa2b797fc3fd4d21b6067c<br />
495ef843aee3145c41f7a4ad1e318bca3fa32dbda46ef8a5e7da38e0c81b2b7e<br />
4978f184b16fa0ba88e7c6603215e112088679d61fbf707891efe0a8eef39152<br />
49bcbfbc4139c0eca8210f0b0de392cbc296d9a8c34269d3ae2312135f39577d<br />
4a81eb1e1480c22199cae63ce387ac6103db95037a7d8dcd99b254b6c775ad62<br />
4ab83e0292edec091b8e9d9afead8ff4da2db7d74dbb5416e8bf887e381188d2<br />
4b2dcbccdbbf7cf8db868cd4ff103d335a13a847fa2794de23e0ced4e971a0c5<br />
4b353d449205156494fb2e90c638fb9c8091dca9ef2b5105f1f6b64648885604<br />
4b6edbdff6b01170340bafac4ec9fbe18feab8f1f34c4507aebdea17b26d546a<br />
4b810a1723febd69686df3c662d748fd8c42dccda0031aedfa668e04ed760f05<br />
4c177a743baaf92d103185eaa13f44ae76678e96179fe805defa7e10c662abe7<br />
4c87f0c3246c72f003d77b1bb97bf415d8153d591797f69532e3e815477dbd89<br />
4c9db1538f1f59a5b8aad94d7100c116e4aac3c05615c7d010fafbbb986cf9e6<br />
4ce890663c0e7bd3271eccd60b47d4e54b3cc39a5453050b21a9921890740261<br />
4d107319a3e32917184a9f3583a1e4a445a828d4e9fe1f20284a31f2d3eb527d<br />
4d19833ede04fddf95a334667c46060a01c0fbc87f7c4f788dd41beb50cf2365<br />
4d35635ac6444601ce50d3dc965a412a2c46d7474f8782641db5195536e4b841<br />
4d9a4605434e48e2a62980d0e2720f968d4d879b5630b8d292dbee5df6f99fad<br />
4db60432781873914516bb0b5beccb3ec4d89568d9f0be63395ffa1e2683f574<br />
4dffe0e4e36f4c6ff8908b862bcfc2d1aed8b83e596c324a1cde15e1357f5633<br />
4ee0886246279387e66db2ae03c8fd1ced81a5114a8480911c018a18e65ebf63<br />
4f028b763bf72b86a79a7e08d2cf4a764bbecfdd0cec1a8a0b1074afe8721193<br />
4f063db4cc4ea5a025dec11704c9c40642b86ef528e7b61683021f9a8b8ea62b<br />
4f3663b2a405c1d975e0362ca61af5fcf0119fc407760ec9ba770afa5bd9fb46<br />
4f8c773c390c053506dd626db311ed381819ada82fabfb9f6dfe719a278f1f71<br />
4f9dee15e7660c6c596ff5c89edd47fb13674ecdd3c452dff3829ed2ab21d6e6<br />
51550825cf81c5041e7a3fe82c7405d17b1cf356c28cdc1083b2285ddfd30fee<br />
5175939c21965b529ccb1a949d855136f9a05b23f4dceafe98e3792f10e68447<br />
51a4e8c25822305ac731d11c29ce634c4cbf0510772131e7e0b38420aa4578fc<br />
51e6a78c1bdb0c93f9b0cc10ef40e5261ecb9389fddd90d24d9d55ba952fa819<br />
52044c336bfc25ca365377ee3f07fa445fc61d40647493abac0d11a92690c670<br />
5246b358f7ad33622730dceeb0dfa8d5e8dfa631911457b6ff04a8909e4e8c88<br />
5247156f9d643fc42da0c1fab1bf204fd47cb3c4651ba466b941f72e79d75b90<br />
5272f72fa9131ce40612e3bfc0d37383e5b4983261db56f6d75ae4b0e1366ded<br />
52c073ef52312049182773b3c4f3d275b2f3419e8d16d3dbdb5ed3446c09b439<br />
52fa24efce0b602d5ba4ced035b5f5414941f0a1402326a3257bc1d0d1675881<br />
5328a5421c699eea6063f27ca7df1bae7b92a6812f8876062d4ceb8369246c32<br />
53712687d1bcbb99bb75b2f3ae2dcc99668597dd2539c645104b42007bd29230<br />
53c800ae6ec0d4ec9c1b52d7bbf72fbdee9b7ba489f9936864dbd94ec1d5dc69<br />
53e43f0b6e91047faebbc1c3d3678dc67ac897083d2d1028ec5ce816dc4621e1<br />
547f86f8a07d1b3b39f4edc2510056af75689d75b1b71214b3c533ac3bbbe4df<br />
54b9875b4b3e835c9d7440ce2d694e60ab624a138ed7b155c09bcd87048a9074<br />
54bc0f19c2fe8585cf837f659725d2ae1dec2a226f811ebb3839924ce62e5677<br />
54d165a04c70bc6819c1492b533fe9a499e985f3ee050ea8a383eb2f2270ac53<br />
56ade39f9eb7ff22d76e42fe120db1f7e16c61e336a8c5783b7fd8c5b72c08f7<br />
56f2828cc59c204df8710fe83e87f190ce4c2c9549e4857605126b71fa6795f0<br />
57fadf56a9a09e2110121fea277f00dbe147c7489c4b269fc379f582a9fcf1e2<br />
5847718957e67c4cd70fe6215dc4a1e9113196a9129e6ac05a1e916edb44a02f<br />
59173528ebb747fd9b33d087f3326f3f3041035e2b2566d9e71ad1afa4ce2595<br />
5b5dd78f8c1775eab4c9e1a614bc566c9a17e024ee0b2c4eeeaf0015d83a6e1c<br />
5cd70485750bb599fb71a4b866994069f92751d1feb8ca3414d1a875efdfaff8<br />
5cef1e0dfbc671aa03cf0d8d740cd8c068c9d91d0941369a2e1a9ce569b52b61<br />
5cf4342ea72377a4ee0c33e4a3101fd6554aa66c1920de05472f6595346faaae<br />
5eacfcd99a926e9dd646ef900273fbe7fb7f4681cdce7d5c3008db0d9e0d572f<br />
5ec04269a75c37779865137c8a34e347fabbbf43e1c8b634a4918c7c5b503fe5<br />
60bc7b73d5d8843a64ae54e3345cc93dc0799068f4af4282fce70656f3cddd11<br />
60e349c21199f2fe686094c55f6ed19a0c57613ad2108d3b64ab62942c94ed82<br />
630a41b96545c5ed70613bf056d647487f0e0821005ad34d5772c8d50fe64c73<br />
636c8fee2b0662b16bf25e70124b4f086a8b5772dcf71f31f0b7719551c49b21<br />
64239bffa86851b12026c108d9cef52606ab570b3741aaf56a5640f20d029208<br />
642767b5ec42805a2e4ea7b7e5015d8a9f0beba130c2bf39934ea7e6dfa013b1<br />
647f981e74738474642b3f8da1007b192528c584404a96627fc29bf69fe410e1<br />
6502b173685ff9e9fdc697e6d7cd39e6ccacf3e959172b7e986c52ea36f24f08<br />
656aeb70720b7b29da279868761cb8fdfdd24091c58b229b3ce38bf2333f5f8b<br />
656b911225dde78a42d421750557db2c5c1218b97e0053c4c500658db5c81ee7<br />
65bf84793e4b1299650301137f226a92aca499cfc2827909a888b15e4b8c3d1e<br />
66463fcdacd40bc58be4aa997f5e7b0dbe6af97c85b92b8fe7cb6dbf1d512624<br />
66e4b0131494d12a02c7bfd8e308c1a0904edd025578850a5ec85af67761c277<br />
684e76468ab14a5e6febd91fac6b1c705abf976111b37688fb042fc012a40d93<br />
686062571d35fec52e79b42eef08e3b543b0406d90ef0982032f09c5918c31ac<br />
692c3027a7cabbaa8d40a0d664efcd2410dca41a5535b83636b61c24518d0532<br />
695bcdb699dea69b87c7820bd281d6d04dd9db9630a7905b14c8db72819d0711<br />
69a6291b7bd3613a1131039d838d0d8310b363493cf89057874c8e98a91c941c<br />
69b10020cdc1f2773aa5d82f9906877ec6a909de1c9f1a6e927941a69dc20dcf<br />
6a116a42a33321887480582a2e06e41e431881ec3c43e321e91fafd5edf79b4d<br />
6bdfd539e05d3f5a8ad9562cb9e1ccf82765d3500da7b911bb0c248330e27f87<br />
6c88184ae6b8378f99274e1d23ba4c0c99f270510fd95bc16a8f09a13b5ca42b<br />
6c9c13dc41add17f9e357c32fdda6356d7f6711b62ac47b0fba622c628ff1455<br />
6c9e2495cd521e463b4cfd57cf08e6a7a62f6a5ea88e17da7f8c0f44970f5aa8<br />
6ca68828b64cdc5d7497dc3dbcfc427da2d9318517825f72231d0ac882a12279<br />
6df404ab1cffd23582b2f1b634f6c3642843b17925b908d61ce120da288cb10b<br />
6e36891b77d9cefee1bd7f3ceee7760d7705643db24b46cc52676078dc69ed12<br />
6e4c5630e18ef95d5f66ce407af5f84fd0d570153ee8eee862d3fc299f55b380<br />
6e7570639c778146e8e09faf828f37af5c89bd22ebd9a6611d8aeabb75c4624a<br />
7065ce56c0999b8cfe3b18cf3145d039050d18f15e92107aefae836f630bbd02<br />
7183d340f207e5500c0eb50924383653fb8d1d319758b54c4a935fa900cd5035<br />
71d5f03ebdb8eead4dbefe532b768fb6caa4a1a482b2ebcddbfbb1d58b380a49<br />
72568bccd121560fc973d74cd65d66fa6b1b49d169f007cb5728604770ba2b0a<br />
739d25649d6f210f4e9a64c2db7c9a62c87fe401498e65c9e5c5a1bbcad8ed04<br />
73b7c822b4303a66873361006287ad448150bd6b80bd1687db524a4d375ef470<br />
73daf029323fb9b46bc202844beb32e88cd2531a81f757cdbd989e6f4390e6db<br />
7428cfdf79722ba97ff750869dd6586273ac333a4646ebecc2366a5482080c92<br />
74517ab69b69756f1b26392a722a295fefe665a5347ff58fe6865065c8b123b5<br />
7486e165e6b0f139adf4892fb2466cab94c4d8e57690186b225e6e3c8d49d503<br />
748cba032a4e2333cf5fe74e128373d5142d0b7bb30d2371a268e352bb5ead29<br />
75147b4e9eff3dbd26f44af11ddb8ce11b97bbc0b08d7a81160885a91d7251c0<br />
769ed0ba44b168f6969a6b701811595bf3044b6120345377b0c042d04023f682<br />
76c6293bfcdb0410d6e5bc992d4b8acbae80646666b3b757e95a7f569adab398<br />
78148ea1f3f3bf709c2b9b12dcf148953ca8e0b66e168e3400fec0547abe6819<br />
783ff6ec13f08f4765e288cede4182b3436572f136f90146fd24f1678bfa5775<br />
785d588633584dbe8820b91963b3d023e4e92e443a0dd1cff69c96d4658aae08<br />
7948f397bf358ce591d3816bff1991529a378d6439fc2ddf2124bdd54bfd2e1e<br />
79dd258232b6e95c39157a73a2a466a777dfae766daae589f195ba8dd6ae53be<br />
7a668d9340d624936e7a518e94287f83f54d3229f7f4bd76e0c03c8cbc25da87<br />
7b3807d3984ca27bc54dc7b33208687a0dd2f7f98dc9db54184491e12f27f072<br />
7b3ba3766f6c4291107e2cb81badea1c3e1b5a3f0613f653ff489ee8d0293f13<br />
7c139789bac1f7120b2f91dd3f2aed0c0aa4901cde50679ee2fe1eff9d910ca8<br />
7d11016f38ab572c6a2990336a754cc75f21fcef5437f0bc5b632e77b2c217db<br />
7d55d07bb8c06ce851441b45cc57c9dd2d889fb0bcbd9363332372a7d2754e16<br />
7db8daf8d6ee4d718e676b3cc98884816374667e24331f92ea7b809bb7df6e9b<br />
7e10fb6b049f114d833d770430aec37a92301f5112226e1fd8cf873e0673520f<br />
7e3197dc6de3605fbf464baa71f90ee8540055fed341969f5176dc50ccc6102e<br />
7e93a391e63e407d6dd9616ac15076b74595fdbdf67f948beb1eec1411f11d90<br />
7e9c347f347c332e83789b9b8d51ffe029a676e95e74f9bd07cce5a01f066221<br />
7ef336c7a241648fde8a098a56c7a9887a344cfd0cdbf0048f0a88f0741bae39<br />
80ef3fbcf6b4bfa38204b2db8c370bba509a6790de15309e96ed74f6f5565d42<br />
817ee81e9a3a9aeb884a24b00c8349f3630ce2bc972b119603039fdad1e9f500<br />
81b13a383e6869bb0b598255306f2afef266876534a59581f9411561dd4e8d55<br />
8230711412e21eafd71b071b67c3251ce4064e9084de55cd9d1735fb5a81268e<br />
823785873125f0eb57f345c9ec45aad1ec503b62b5576045a2121c96de6b13d5<br />
8243f21220bd868951b3760e349b62b6aeb1588b29e134acd3af589fa697d4be<br />
830b3f0bea1a90c172e1e91baba6a601b22603084aae1d4bca8f4f35f83c3806<br />
837984e1defaa5e4d46221d188a52e78b529fa6e8c5534016dfd37ebe9e7a2d2<br />
83a2607e7f472dafdbe80ec87ed213f39da2a3307b782d469542d01e68b7f282<br />
85d11065f981895df7c22c6c33813cc161b7e6998d6430e8050178a356d3e9a5<br />
86e6624c381056ddf67cec046cf74604f228f601b2ec5deefa173abf7b6a3658<br />
86e73105bb2d643500995a06040b052ef80176e22c12422f4a0735f7f14a7226<br />
871c17d7fc0b0a271d3007acfb5e8b234535e745e8ef811bbd347d54fcebd283<br />
87321fc5ae77fcd7afbc6595a042545460e0eee398b66bb15952af0d6fe71c51<br />
8777cd208f0839d08979519db753cf389578544e997534a6e625b81161d7df69<br />
87cdb5f019b5a83dd92c326bf2e9b133a3f1f6a590d752ba2d41f6d60543305b<br />
87dbfa13e699d400800642acd9afe5c4e2bd303ef4d83d0a34d3fecf796c052e<br />
883687a8448fb7df66c9f823b8485fb2093476b1ddadea6d4348c26340aaa39f<br />
88615f5d7549ec2db4b2186a2c3483bfd2561e3cd7174d14659e1a77396bb8aa<br />
8923ef45147e0d6f3e329e9676ddf5e7d5de51362c739272afb293abbffe44c7<br />
89bdad3922f3234aaee1c46fa44544bd399e7c6d023c4d2ae463e6cd3d512a79<br />
89f6216a3f86bf6a9be520a380dcca69ebe1ac704cc340b9144c0b4c09d6f788<br />
8a7b7f95e5d6f5dbd00c908ef19663a919f5a07be480b4c35942f3beb66434df<br />
8a97eadb44aca37bbb562c3353f5a2d345875b7c605e1b916dd653162c4c2e8d<br />
8af16cf4e3850357683eec93078a8736f7d0e81a3fe0c5ee9a70702c500de72a<br />
8af49f61ec0f7993d58dd84d9c1be3e295e0cfa39acc1adace0557312a993f7c<br />
8b20ce3b103643a07b66f669010a7c302524dfd832850e55cab0b8229f319df9<br />
8b501e2e8ab8765989d45cb15395144961336f138f4c697bf1366558fc9f9cd0<br />
8bac36fa2cb744e2617abfb17d76a4cf891970f9f4ec5114d445870af31bac0f<br />
8c48834e4fc9ab2767ff5b13657c15e01145064d1f5a8f16c936371042b4a09c<br />
8ce910692aafbe25897db81e57f1c091c73947adc7872703dd35ac1dbc4428d0<br />
8d4bb28d93a288d9e79bee8630e1f91ed811dcabbaedbd3d64a396998d220579<br />
8e7a55a52fafd8eecbea76eb1ad8d98eecd7072196691dabcae626d4c3d86bfa<br />
8e8f13455dfe6085baf5dd8eada926ceafaf912a96327d90369dd23009bfd135<br />
8ea5b422561b2c7d8e4a77d0f1e942aae9e65de1ab6e05ba28ce4a63c393178e<br />
8eb51d636cf7626225ec485b6ac4a57a75c1ae1d137230ee8e968af37c19fe61<br />
8ee11b256405a531e587458c946ea17e556a78f46e1bb44b54388186af60db8a<br />
8f2f309efb1c80a9179ccb1c8b421f6bfa5f557606413e0b7260a8b53335a601<br />
8f48c61e48c63076b271c638e6e99b1be7d014fbc8a0bcd67a1ee44d8e9a5eb1<br />
8ff071798989ec5bf23154a4b1c6802e991e12b3c235c72dfef5430f04b57594<br />
8ff4913742ba7eb627357c45d367af79d66ea0ada48f306718d24bb37fd16145<br />
902e3a5f7604f29b151df12ff789b4a7f77e1d2fc7a2715d525321be8e091b14<br />
906645a4fac2387c10a797253cb5ee341e3959da3ce78d24fa7432f7e83d09d7<br />
907973589246703aed35fc1cf1b9f571cdf36c77ecd98735692b5afd44c4826e<br />
914d72e913dc56235f8275679a151b9fbc8b63071bd99abbacf110b454c2f723<br />
91f3054ec3f95386deffbba3d1f01be13214802da5a1b46663dd9df813ea4446<br />
92693e1524cefc2fab98ee183825b5887ae2bdee3a14a165e1a27c068f93d106<br />
928320fd6090af19d99903c2a14f46f94e93447520773ffb6ed325423fe38bb8<br />
9287b69285f7ed5bf9a9468e7ca86e5d1997e7fa6211e77a3ed8a7188735275c<br />
933b92add94af43e054127fd2cefd2d0df0b3efa4f7feebc7fd9f33b176df7de<br />
9340f22ce9720f5846d785adb439b25362ea767413bd8dab542506ef37dbdc96<br />
934d9a29a655cc1bc932c86392304c7092579b04d4bb82a89851d3eee3588c99<br />
9388434509f6fde24540151297bd870c2edb401cfa09546629b17ef90b67f4d1<br />
93b08d96d427393e3e6b033b7ee928d1ee989a4e69bf8c584b9cb29b2160768a<br />
945c3e6bdf4f59c8a7381b34c93182479247768801a1e566e41e3654b7f94543<br />
94684ccd6d2f4481135143e3beb14fa249f69577278a36447db5ac11303399c7<br />
9522cc6be3b370e63b814471879b52770af30345315d4dc04cc734d6c6e1e35c<br />
958899ba2510f8ecdb1a3ff246139cc2a91984bd99380222a170c010929ede0a<br />
95f543562d1b9c0883b04142a314f72365c70dbd8c7163d745ee42bddabe151e<br />
960fcff9266c986933997676253245a8fb8b34b296c405d2342b6936ba085fac<br />
9618c73d77cdad8a0d51347781967fafb893525cac0ef1dbe0fbcc7c95609bd1<br />
96f21c86b46829dedfb7daa476c8f9464ba0cbe545024ec43752dee446e2457f<br />
96f9d0145dba546cf6961916e45570a392d0e144412cad8030bb3791d54efcb9<br />
97b0bf951aa8aefd799a20baaf10355ca7dc2aebb6f297fea77007ba62d226aa<br />
981dc5ef5ccc8359523fcae7e3a92b184e95b79e8ce1846fb9d3794028996ef9<br />
984d2f68c38338c0de8edb8282c4390bc38c0fb742028d4375c5fe97c4a78bd6<br />
989e8243f56df8a65dfa8af315b28070f917044dced0ce87f6dd215061b384f8<br />
98a01bd62210bf1c818ecf64acb55fd3758a892310beaf4df28565f7df063d83<br />
993f7213821c622579c155dfdd550998672da78ca4f592507e1064ea0d6f2f73<br />
99ef85127eb271a8365294745f11ba2ecd74aa19340267ee30723783f8607a8e<br />
9a91715bef98951a2760850025b868ea72e8d4ce2b66f00ed23b50db255196c9<br />
9a9f4bcf72c21bc438a4093f2e8efa4263815c0a2c63edd00b2890d428d8399b<br />
9abd6b0b3b530a534558f0d26429bb88d625bf9764667136fd1e0314f0033746<br />
9b6cc6d7cdd4ed9dbaeff1a88ce3bcbc5a0c1ceb8390dafec76096a4350959f6<br />
9b9d717b91b0ac7d5c3b2fde31efc58598b6649b80e0e83b2f635e1e5b32e401<br />
9c5d0ea7c7eb7c131a1d11b968797f7687e34813cde9322e2f6b6d2642be2a61<br />
9c5d39d8bfd0748ea07cc58567bef27811105155cabdb49e31c2e62e4f965505<br />
9e62ee071792a9daf0bc1caaed2a7c5a40554f125d53c939fb467509ee8e3c47<br />
9f506b9092766e1cf8fd4d2d488f4d9df4996aa6fb82091224b597e372b9d9cb<br />
9fc4305116c2683e0588e8c618e4b02778189cc1cc827f8265d8e5117846424a<br />
a045aedc97234205a9d4963d94b90361a868f9300823154dcb56ec2223e2fe49<br />
a058d958d7ecccfec194144a65eb76c288386fea3b74d61fc3ad5ac24591af77<br />
a081db2cffd4ec777fc2834d121c83ef38a41ada0e4f09ea3e2a80811ac97db6<br />
a19df03dde49d30265e99d4066ee7c8cc92e87f4ab6c4b5db7b9d7e9230fad39<br />
a1c64c293a4fe8c0019cca8b674da333d0d029c51d8e18b51ce8845e058b468d<br />
a23fdc7a003f0979e501e8b3a6edb09a00b525989911682de5dd35ce0132a96b<br />
a24a5d6934bf44c62eaa119ae00e4ea3d503002a6b4eb4696deb3ce0dc4bab59<br />
a2650cf1320fd796f99b3bfc1cb518d4edebd3b6bc8121c0c0c0f74082afe7d8<br />
a27047c11e798df933507aeff68526644649957720076c80a3fbc139af5150a5<br />
a27282aef5e5dc7f51d70d0841fd9039619d9b6183d85c86a9b2b8c9b384be46<br />
a30fdff6ecf6b95e25736613fa41bcb38f56b058577add7c45f78418a1e83311<br />
a3a4dae94868165842f7128bb1c95368c145bba2eec15be792251cdd8c52dbd0<br />
a4d1ac29b3cbc7c85813f295d4f03b02d32366c5a64d2e3964d0bf0f65908b61<br />
a4dad180edee3ff1a44a8435f2dad21ba4edd5e123c8dbb14fcbd0488b1b0e03<br />
a4e60f819e814892cd42027d432cdac97dabff617384bad71e92610654248ef3<br />
a619ab14eaabb4c7fa84743af952c7c83011b6246e088c4fa58ac31ca1b3643b<br />
a64b9a2a37e13096d0ef654d3a31df597fdc9fb8e81b8da6caa6718442d6dbb7<br />
a6c666be1766e9f14a4fc350028f651f1efcfcf1f51d254b767da16eb5de9529<br />
a72eecbc8f6c247e939e7b85ff701522ca669c6a7dfc8332e84a3bc799465e70<br />
a87c80b5200dac742d06e033313b9ddbe0d6b299e4cd51e54c355599220cab19<br />
a881fda34dd603e388461e466584a4eec57c787c0d380d7eaeef640162665d0b<br />
a922f8990952c9635fb649dd735056999b0d1374f50ade15e2408d2be8a20057<br />
aa0461112eb017b0d12d8a176ad6217036f2bd71b179482485f0736212f28088<br />
aa68f7f93921a89ee4fa0ff767200b91dc8e1dd942af2ffe7f33738ee06a0587<br />
aadb1b9f1a9cf721a0ed12bbac89b43357cee7e8910480e513056439a4fafa8c<br />
aaf5369c4e8805e78d52649635f0aeba0d0afcf4fe5afc7ef3ca16b8893326f2<br />
ab0726833e80d49bf8a20d40f8ceb0b4f261e753f30b7e6fa46fbb9dba0069b0<br />
ab696e8a95220039f964dba01fdea2d33a637f9ab1e9d21b8c9ab36803ec6b77<br />
abdf1bcc39a6ade56ec3a64dea815da4c8a39bf8a6d40ca8c9900b4d135539fe<br />
ac058bb86f4d19b2b1d4b73e1500a98a3fcafeb97f715167912ce59f1a9cf68f<br />
ac361c3e4f5795aa4b398847a4dd0d5bcbffac676d0e3d7e73ac8678b4f82748<br />
ac4b0d6adee9c81d85d4f5985fc8b19210743d3cbfd5e0be532d14a168395b31<br />
ac974c608922188dbacb0c44b3f69e2d622156f97445e9af8eaeea4fbb849187<br />
acc0d4b14b6e2309476dc705af1ab8a16cf07d644f6ac123b4d190d0905a246f<br />
ad26e2379eb1c6ec751a6551835afa4400de15c2949edad56dd6da4d755b9376<br />
ad5798a9b0eae51b157f0b649a41c6b72dc4ff2b1eead7117c7cce1e2339417f<br />
ad7101d51ea750280d8f640c62948e51107c36669a7a5f0322b179a2959b772c<br />
ad94eff0cbf1ef342a584aca5ff7b287a5dec809fce2437c5c5933ae6d367d83<br />
ae70b7b43a5c6a2f023fb879ee5773b0889bc2ea429a04c8b78edc917d2ac3f9<br />
afb40af17d3434331f223a9f22fee19b3368aee5bc591fc3ed11930331d66291<br />
afca2b50dab80ec547bda83c321dec48124cdb405688bb8d3cd72d3be561cc5e<br />
b0a464e1d537d24ae8055a78cc8cff3022e8b5a1eac6c7c730c793f94209f58f<br />
b280435f948b9642298d610fd06fe978f34979e49a200b93878e8cef4ad3227b<br />
b2f96a056c94d45784fd7d1fbb9b8a569a34a8f82496b6faf71eeebc07e6bf8c<br />
b41e97c995aaa95e7dda9eefa3b7f67153e98e156846b9ed76f79d7ef4d11ae3<br />
b42b1d69a64013c57fedcecb3a2138fcc765d8dbfe16b177560e199c2dc108b3<br />
b4b81f3335431c4c214e5094daec875947c528b04c26194280f4ef2e95d1b455<br />
b4b9ba7641ede82e2e74f42e5519fa89897aebf7c3e306270188d500674b33dc<br />
b5556e46b86a0fc9a034d4c54af2bc0f5af608d11045b22adec25eaa2dfb16ee<br />
b56e44471cd6443077836fedbc35ff0b4d235ef4f238338ca8c4b7d3aa517090<br />
b595733337c3ca5daba1bcb8a7e2a454df2003e4cdc459509bb4b0ce7cbb9e5b<br />
b5e8187264133a4d3af5d2d925f741055a799cd12885396cd17e940f417c55d0<br />
b5f27963071dd045ae2668f5f75c70c55f50699b2a073cf18b93cfa274686c09<br />
b6301b6748a38ac82fad0b904cca150c63558448d964a14800f130f131573bd0<br />
b668406a63401bdf8d1415c129bd3731529b4bc0dc7b0515876911b007c57fd1<br />
b6a14a6480b1585c5c70c5ea383aa76a5d51836dbe0c6f95bfaa1cf6bd6cc3e4<br />
b71e0266984b2ac63ce4122be3a8d754c477988e6544f342eca7cf318ecb0b3f<br />
b72b9c465a1bfabf4ca21525df661ffafa5a4b6cb067adb72c640ca051392183<br />
b72ce2ba039cd63b7cc95dc876cdce203a58c55680487a0075f31e55d8049499<br />
b73dd2042057a119f36a46a98d8558e26b06791451879572fbf4258aef46c5b2<br />
b73f4780fdeead5594f042a51ad90e420bf3c1208ad2e89e928ac265fa4f5c40<br />
b748e623b7c60d23ad741e4adf9e943c44f35fc951574dbed6e7e33a4d76474e<br />
b7aebd4ca1549797eca3309c6c7d145353183198326e64633fa5fb9c97b17d93<br />
b86c18b8c948c92966a998ede389c78c99c8f5e69779d2184fdce2a7974615b8<br />
b8d46d413c0485c5f133b0b1c97528cbd657cf5f4818b8c5b85d4c5ac765f2e4<br />
ba86327ee36b1de5d2c277000eb618e0323b9eeb6bff32406a6ca839e2ca8111<br />
bacf9c0deb6e528c24f63c3be536fefacd3ac36bdeab421909dfbbbb657a9a41<br />
badba3198e55f0bce950560e8d13688416b08b3637573eca67ffb3d5f3e9cbfa<br />
baf7c5d2391b6a0ae5277e7a16d0b81da8ba9c6c8ce8617f074d3f5d53fe8b3a<br />
bb5f0f942b38e1dfbdffa6655146e57a9dd51899b2199a44059e73b7091f30ef<br />
bc6927292d1ec47706de8d3f463204ffed81aa293b88fd7c03c64eaeec307ae6<br />
bc9bcc4143dd1ff6e5a65ff15c5ab30fcd9ead646c749ce9b7a60dbf8f496e24<br />
bddf6068a0adb23e7d3778a8d1613ea3d89b10c47d8daf4714395a8b06a3658c<br />
bfef544c407687441e0f744385e6772a8ea42d9bb6bb9bbebfb4d09664622544<br />
c0fe5fc451d7ff42d9d21728c419c274c86f72c2c63c956bf8c8c49391892f57<br />
c1924152ea41105cf6da84494d9fca9df062d107daf30923dd9df0aefab2c032<br />
c1e0c8853aee90d52d1692e77fddf0766d95fa8dbe09ffd8eca5d20245ad4e99<br />
c1f2a02e81924ec72cee498da32643f6f6f6440ab8338d387ba3200c7f33ae03<br />
c240604c4e14a774a40ecc8527f7ef2ce1e39b5758e357a11fbf49ca743476f8<br />
c243bd7a55095c9b3dd0fbaebc6cbe652705c1454eb8b69f4390eb81577bcbc9<br />
c29d795883e661f5369b3fec2e74d7281231a38f772b87652d0f20132b496a9d<br />
c29fbe3a3274c1dc5f25543f334815f852a4c23ceaa74bf54486b944ef327b44<br />
c2f6b0bb4a1b8011816067e908ed9765432200a004024b6f4f3b77ffc527263d<br />
c33bb15300a24a50a28c73a54107d071579721d78ffa60694e2552a4a41a519d<br />
c39741f5bc5e71c2150bd6104ed11c7421f8fb7525004e946c3f66bcd112a5de<br />
c441ac96e4be253107632d26eea256664303c9c7d9c2fd9377e15100107ce568<br />
c4bb8b83965bbf74dab5942cfd56c5f1a5f39cade043172064c03fa69a2e61c7<br />
c564620ab0a9b77c4b602be8ad4913e166e1c458b1985c017a5ec6bae674e18e<br />
c5a2657554095e6a4c473ef2c13d259dac44fe2371418d602690af6029896218<br />
c612e517d2c93e047ca386d60befc5c0f9bad48e9da8ffeba6e47f7c5d6d0b0f<br />
c6fec48cc7fc186bdcda7972c08fcdd6a50c7dc85bbf6ebb8905346e40d29b46<br />
c73e5ea173b9845b916ce3e36f36a2d3b9423f255f87061ab4adcc8f5bfeb76e<br />
c772605b943605b7d2124d1b137ebe1b507d633fa213884291e7bfae8fcc3797<br />
c8234d24ba2efc4572bc03f45c8d8adab0c9fd51cf1b4e54ae80efe3bc7994ac<br />
c82dc5bb3fbe803e2caa67053b834f6e4ffdbf1b6d8aa8283cf2d3c6e42a1f80<br />
c8d6613c09fbd654d112b26d01446203882ec3db9a20e23c73277cf646755a03<br />
cb04a042013c72cebdce3dedc0c3b69ac32adb0415dd17474a4f5d05069e704a<br />
cb460deb56044dcc2cf25afe48e45c183685e3c2bdc80e35cdf725d663f9cb82<br />
cb49ead547d546f82844c1e439aed76886511ae6386d6fb8ab3e572672454bff<br />
cc0402b36d57b7b84352556e7e3a481bd4841ce4b8aed3b43fb6f2160c3e2870<br />
cc294653372db1df592b597e4d88bdc8eb834edad9833637cff3be676f18efff<br />
cc3a77c3f98e2da9452cd9b1787e1c3f46e6dfc69e77cb32cb05074a9d036854<br />
cc3d8d1163b0f5ae378deb5623ae0c73f63ad5dce6a315011d466311abfbe59d<br />
cd77904ed490a5b96bc5a1da6f83d518dc55a5428e137f8413e5104e3e64f507<br />
cdd499edd649916871af477374869b6299a41d11faff578a959270c985583342<br />
cf5a2ad0c3b278bb4b906b7d132f3086ff46e4740b51a46471da6bbc0cd6543a<br />
cf8cbb8b2cef6acf9b2940f1e260cdd94be0f4c2224e602bfa33c2d934ad1bab<br />
cf8d787d87b7d3ff937fcffe6b384c6473ae017a3cd8d39182ea4e643568726f<br />
d0784508dea2c78b253428a4e6c2692ffdc0a6f18dc3b20483b65e446d4aa339<br />
d0f274faec324785cbc03c6800adafc24dbb8c2c539ff425ce115970e76f9822<br />
d27229a2eb37d16fb50344b993b77211fc59121c279153ef81a149be19e776c2<br />
d32861410999abb9ea2adb91c08cc77349f740ff6da9cef36fc22def42b14747<br />
d337438242724d59183f769845733fc9d514b17512970c87a6a9f45547a00ee6<br />
d414597f75db9a600869813fc47786c67a29ca7aabd3f6632d01664843f376c6<br />
d42a347480f10564b6d7a7404000e56463e5858dddf7b322fbbf3a4ad3f68790<br />
d556dab67191e7489300ca56d87fb0ed64a5be61e4a2f8b755c10b48d182e2e8<br />
d620f12e81ff76c753e869533d34259fb91ef45572efcf70c7537378ea0e836c<br />
d6534cca10423f26ad2d131dbc5483a500380241bb4622517043592c55a0ebaa<br />
d6aa4d63205f815e8c4c1c214978a9824c84357b0730c7da5242ba12495f7004<br />
d701aff8dc52981e7f708c489674725108f226808154898f4a4a5f15ee8a7a66<br />
d722f9c8a0ae3144ebe41178b6478eaa20ca7d90ecf2962f13631cce7f25134b<br />
d7bb421890c7a3d57d248f8731290f9fe1853efb006ae722d322f1e75ac667af<br />
d8183e88d0289414a38615998ba5b082c89430ea5129829b1354a3c05e2c9739<br />
d85df5816ac2c5b45243d125f547727bf2de640165e3c685bc22d9dd525b1c23<br />
d88c22bbd95d92064fa7d6e0556edb98a2a2bc671e3ab3e9d45ad589c1471873<br />
d8bc330413d8803f7a7407933ad15642c0b53b3ae68ff536db4c0c3b6fbafc46<br />
d8e6b6d8c86c19d031aa88a4aac72f27af5871c1047f32eb0d70565adc45bee5<br />
d9952981e8bcfe9d0ef98eacef5ef84514a6e65516c6b80b5e11d346f9ca768a<br />
d9b1d12b635411671fbb6d4a1ca9fec13f69a0d16b492e6c1898a58a9751cbd2<br />
da7c9961b7080e0142be6582db0bb5a6c236ff1295eff9403794242a406a42a3<br />
dab17552493f07a7f571c9456707f768d30b148c6864507b503ebc32c38b10f8<br />
db9d6d5fb1c347394406aa58e21084b5e09818d1798deced3face9450545553d<br />
dbd57873db4b7144d1fa92fc6570ec935560fc687be0e39114269414f7fb0a31<br />
dc109870158f8b67f1f446cad75e9ebf780e678b2662b0a227efc8a2435e8e5c<br />
dc57d937bef526889f2f249582ed88b7b5e1a2bb837c351a842c91527f72e568<br />
dc6d831b8bd96623aef593b255a47fdc97460d7417b90478a55ea6a952b33344<br />
dcd81a41099e07029da1f6661e15131ba736655acc120f590050a78a891f7951<br />
dd8ec41cb42f1431ff05277a7d8613b548140ccb8412add5cf138590636ec186<br />
de587173f4e377416c06d87553da0952c85376c860cd2798af020f9533157311<br />
dec6fa5ba022913e04d5990acbe55ac8c245f7783e71f36bf34bdcd14c815dcc<br />
dece3f64f665fc2f028a48babb25b51a6154c647c5051c5bc4a45dd9bcb9fe85<br />
dedff30b9cdcc411088de6c2b0d23d0871966a37902a6e043829714ba09056e1<br />
dfc67047c0a2843ba8dbf0e243eaea06757a55fa1b3850b64414c3b89ad0d78c<br />
e04566d8b7ef3bae50136f7fc6c865e26616abd17a143ee5afeffdffd9ad0a42<br />
e0a38327a4f4229b03547645124d7538547adcffe8debebda2801a639f125b5d<br />
e17b8f4916d538d493d97483f216776d6a46149446ad180fafcc45201f65c883<br />
e39bf23bbc5c2e935bf6d74bd0f7a296599c6e1ee1afe3b5b567250c7373e4aa<br />
e3f433066d3a23169945df7a90b5d3102365c1d7b29e6637d100fedf33c26384<br />
e5099aa035d4f7f07989e784637df8b823ba5f2610291254b4cfad0fc66b99d2<br />
e546c2514a0286aecfe6a9b366bc3c3d40f769a54dae92e37d3635ee1b9909dd<br />
e64577bbfc9c7ef3ba1a8cb683f5356563615cae11b63fff7127f6db05eeb251<br />
e801a163adb2dd1262941444d5cc0103987d642e5e80cb6a3928fe2e3556cc45<br />
e8f5ba2b7c75728015652c3c5e33f117d7d754fec429d652a54920c7975fadd9<br />
e9fc0ae51a0c6c943edfd1c5700e91ff060c7d0a6325736be4366c4829703381<br />
ea3867d1eec8532de460a057a191bb92158b8a3b49925d2101524eaee350894a<br />
ea79bf9af346b6548f87b3a7ce3dc8b32355b52487acacef2a9c3f09f07a06cf<br />
ea7ad757f4935833a38f1d08e30be32e7bc7d5e47456db0d5bd1c47bbc325caa<br />
ebe0a8d61b20cfe3bee7a2d69f71e6b3227efd1260d58e33d3fbaf864aa37530<br />
ebe4cbfb6c6f63417b8eff4e99d534003c8354435cc5c800afbb10b7493f6a62<br />
ebfb7acf2f9a3849622efefe95c9402433f74248fa2dc5a4129ea69a5c6cad66<br />
ecd7432f1fe05e2b420c19162618eed9b15828a116ea712ac3eb27cfdec670f9<br />
ecd90c093bec4a08f3c418b1480b28ec86843c6f53922a4971d7f5de6534e773<br />
ee10f66feec4a466dd21afed743d5cbb669757fb5b8caf5844b3bf63871f1dd7<br />
ee1a75f065c485e4aeb0375a415df4eb54971a59698afc68292494d191be4e51<br />
ee7fc663a168925f655bb6bdbf7b1f798f4d02fb4f716f093bdeaf7680e0abf0<br />
ee94fa809b43a3f66e1e25f1232e126daa0c0e42f3866d4d75c6b502a85e2f12<br />
eeb206151667800030adeb1834b644ba9d02b99fbfb8cd65676426ad120a8b44<br />
eec3f2298e1477acbd4c8c409cafa76c9998f7c850009a42d9da25c8ffd54c68<br />
f05b38ecbccd0b9b06018758427816302e6d8ce5d2ee1a68c0eebe3d2b62e65e<br />
f060910aa41f2e32faef023f08a3c4b9d320d95d1b249cdc70bf7e8f71e2a28f<br />
f06d072f10d6ced84c0bb8ea9728f4357607e85f26f7e42d001bfe9576f74b2f<br />
f0a0e747fb23f5c309867b4cfb0ffe582ea5eb19c9e8220bc802a6d297910913<br />
f18f48cdfc51d980d8876f5808ddf481233e4c5cd3d1d5f625855b2ba86ff9da<br />
f1d7c301ba77252f7bd17b5b193b30e659c657cc099f22c28836d15cc3e74a21<br />
f25ea40e865a74fbe8b267982bf819a215eb9c01cf304831dc06d72756d82935<br />
f2822417cf08bb7fc700f735e91be1067984d56f9f73f1d111430edc0ee10a70<br />
f32ba54d65aea869070b7190a1a81d6d61244c935308e65c701185818fc1884f<br />
f343d6e8bd4ae4ad77747dc3f6513cad806a2c76a92ac1d4b98461971984308c<br />
f40705085694cb12e4ef1e734584af366acaf01a3d6e58c575dd7caf9117d99e<br />
f52a25d60e5c8929447320d76783fa3fbeb4a4e224da891f38f814d1fb0641e5<br />
f52f21a427d70101d1cde874d6c9a19259b83b41db41caef57ff18f04b53cbd7<br />
f53334214d882457b2d3c0ed10acd419929c06e2430fb008962993b753698fa3<br />
f5339ac47429533bc7075c0768b0754c77dbacde8358742d0f6eb7eb1a224775<br />
f620495a7dcfe83cac7263710888b727fe8aa05a7f7d091fbcedbf712188dd39<br />
f697a7cb753f86039ea86ef72f5faaa9d63cdc0dd8d0e980322404427fa7d61f<br />
f6b1b96ed3b7bf346a5794e7266586e1d30ef178c6aef27ae094a0c446289ed0<br />
f7c09934bae5c26babbe9375365b00e8599ce44577937d4e2d2ef9dd5f8455a6<br />
f83d95f5f7b6428c164bc739b32e8703d13fae93b0567e3b3c2f650362c3897d<br />
f867fef77f373f3450255b3a0a9079a9722d36c588b9d132ce7b437edcd76ea4<br />
f87d88677b0dc7df052bf33ad17a85422e0b08b24a86f390355d785a64665ed1<br />
f8961590b765e815f1fc2ca76373399125f27d2b33daa06b037c486ec4a9bb91<br />
f8cfe57627b0e40f52f763aeb599bca29d6e48e6a2901b7f706ed79aee1dec11<br />
f967cb530e310a8d29258ee50dae4552bb830ab1d95cb01d625f7006249ab39e<br />
fa066f1d7287b6a91d98053af9baadc8b5dac85a98d559e6f66bdb7fd678404a<br />
fa09dbf77fb594bac7f5ecfba6d373c0dfc63a9b4bf07b5ebc91278e74de1814<br />
fb8051ebf22c5464f33b90c3382b4ba8fbb594d3cc58773065625e3992ad4246<br />
fbae2ca55d8b0983b5b3fd912aad95cc1bd87f870f7ae24faf0b3370d07e9a19<br />
fc7cca670e4039d155c42ca102184ea848fb5a4d90b7828f1516d42a0d94b639<br />
fcbe0aa3e1ef1f3a8400bd3d5c7c93dbdd5e7a50bbd262a1f16db99288dcc706<br />
fcd93e47a20b407160fbfa2bb8cf6b8a33d911b199bab69851b87babda3d96c5<br />
fd5989d5b446acb58678e7550dc6ef4ff8b7415d314d2818f7bcdfbb8b1bb291<br />
fd660ddd09193164a7f98ec67d585ff88409ecee1348f492cc15af0b64ef7ff4<br />
fdbe818c0809b4aa9b0a462ad310f72446bacd34fe5364ac488f850e3efe835c<br />
fe16141bcc34da16ec5b2402a15f1e79ba805a6d4eba5a7a682b4d518ec51412<br />
fe70d3c068d0e9133e19db541cd1fa464dffb9de87aa197f6b24c5f7a8269978<br />
ff120262860500bad3236f6e5ba5646f9a4152a9eb4cbfe837eda4776a03f9ef</div>
Milahttp://www.blogger.com/profile/09472209631979859691noreply@blogger.com0tag:blogger.com,1999:blog-5046096073918528715.post-44863592488630258932016-07-02T12:43:00.000-07:002018-03-28T20:31:36.303-07:00WhatsApp - Sberbank Android Banker<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
Research: <a href="https://www.zscaler.com/blogs/research/android-banker-malware-goes-social">ZScaler. Android Banker malware goes social</a><br />
<div>
Also see <a href="http://contagiominidump.blogspot.com/2016/07/overlay-banker-malware-locker.html">http://contagiominidump.blogspot.com/2016/07/overlay-banker-malware-locker.html</a><br />
<br /></div>
<div>
MD5<br />
14F582EB7DBB6BF38FCE331C5D1042EA<br />
19E36E76B58CD49025455AC23CE1461B<br />
1B319EBE6083D273EE14154A1FD89742<br />
21501127972BFBD1C4A89EC39E0AA084<br />
39A5BB63F946F2AF6489456A1281B06D<br />
835576FB19E60F6186F86706CF03AC45<br />
86BF3FAE93B0AE555584860AB4311BB0<br />
C237CF028E46FD07460C289C3FA46025<br />
<br /></div>
Sample credit: Shivang Desai and others<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/--e7XUyT8Hs4/V3gW18dagOI/AAAAAAACX2k/J7SaprYJFD8AK8B4NWiVukVi46ob6EOAACLcB/s1600/ic_launcher.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://1.bp.blogspot.com/--e7XUyT8Hs4/V3gW18dagOI/AAAAAAACX2k/J7SaprYJFD8AK8B4NWiVukVi46ob6EOAACLcB/s1600/ic_launcher.png" /></a></div>
<a href="http://contagiomobile.deependresearch.org/overlaylocker2_android_samp.zip">Download. Email me if you need the password</a><br />
<br />
<br />
<br />
<br />
<br />
<a name='more'></a><br />
MD5 02e231f85558f37da6802142440736f6<br />
SHA1 f79d044fc0530484ddd092a961d58146049ed368<br />
SHA256 9d767c41599325ccd0643d6f432b9075775a85c60df176a845605715be230263<br />
ssdeep12288:1ZhvlM2/04y+2vtiqvtisvti9vtiYvtivvtiacIoIeyQ0OqnV9xJKcQaVGbnAh/W:vhdwXzcIoIdrrKZAh/R8S8<br />
File size 805.4 KB ( 824755 bytes )<br />
File type Android<br />
Magic literalZip archive data, at least v2.0 to extract<br />
TrID<span class="Apple-tab-span" style="white-space: pre;"> </span>Android Package (73.9%)<br />
Java Archive (20.4%)<br />
ZIP compressed archive (5.6%)<br />
Tagsapk android<br />
VirusTotal metadata<br />
First submission 2016-05-23 22:55:36 UTC ( 1 month, 1 week ago )<br />
Last submission 2016-06-24 14:51:20 UTC ( 1 week, 1 day ago )<br />
File names<span class="Apple-tab-span" style="white-space: pre;"> </span>Sberbank_Online.apk<br />
where.exe<br />
krep.itmtd.ywtjexf-1.apk<br />
<br />
https://www.virustotal.com/en/file/9d767c41599325ccd0643d6f432b9075775a85c60df176a845605715be230263/analysis/<br />
<br />
android.permission.READ_SYNC_SETTINGS (read sync settings)<br />
android.permission.READ_CALENDAR (read calendar events)<br />
android.permission.READ_LOGS (read sensitive log data)<br />
android.permission.INTERNET (full Internet access)<br />
android.permission.SEND_SMS (send SMS messages)<br />
android.permission.WRITE_SMS (edit SMS or MMS)<br />
android.permission.ACCESS_NETWORK_STATE (view network status)<br />
android.permission.GET_TASKS (retrieve running applications)<br />
android.permission.READ_CALL_LOG (read the user's call log.)<br />
com.android.browser.permission.READ_HISTORY_BOOKMARKS (read Browser's history and bookmarks)<br />
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)<br />
android.permission.READ_EXTERNAL_STORAGE (read from external storage)<br />
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)<br />
com.android.alarm.permission.SET_ALARM (set alarm in alarm clock)<br />
android.permission.CALL_PHONE (directly call phone numbers)<br />
android.permission.READ_PHONE_STATE (read phone state and identity)<br />
android.permission.READ_SMS (read SMS or MMS)<br />
android.permission.VIBRATE (control vibrator)<br />
android.permission.SYSTEM_ALERT_WINDOW (display system-level alerts)<br />
android.permission.KILL_BACKGROUND_PROCESSES (kill background processes)<br />
android.permission.RECEIVE_SMS (receive SMS)<br />
android.permission.READ_CONTACTS (read contact data)<br />
android.permission.RESTART_PACKAGES (kill background processes)<br />
android.permission.READ_PROFILE (read the user's personal profile data)<br />
Activities<br />
krep.itmtd.ywtjexf.SampleOverlayHideActivity<br />
krep.itmtd.ywtjexf.MasterPage<br />
krep.itmtd.ywtjexf.MasterPage2<br />
krep.itmtd.ywtjexf.MasterNewTask<br />
krep.itmtd.ywtjexf.UampleUverlayUhowUctivity<br />
Services<br />
krep.itmtd.ywtjexf.OverlayService<br />
krep.itmtd.ywtjexf.MasterInterceptor<br />
krep.itmtd.ywtjexf.GlobalCode<br />
Receivers<br />
krep.itmtd.ywtjexf.MasterBoot<br />
krep.itmtd.ywtjexf.NetworkChangeReceiver<br />
krep.itmtd.ywtjexf.IncomingSms<br />
krep.itmtd.ywtjexf.IncomingCall<br />
krep.itmtd.ywtjexf.PowerConnectionReceiver<br />
krep.itmtd.ywtjexf.MasterTimer<br />
krep.itmtd.ywtjexf.UampleUverlayUhowUctivity$MyAdmin<br />
Activity-related intent filters<br />
krep.itmtd.ywtjexf.UampleUverlayUhowUctivity<br />
actions: android.intent.action.MAIN<br />
categories: android.intent.category.LAUNCHER<br />
Receiver-related intent filters<br />
krep.itmtd.ywtjexf.IncomingSms<br />
actions: android.provider.Telephony.SMS_RECEIVED<br />
krep.itmtd.ywtjexf.MasterBoot<br />
actions: android.intent.action.QUICKBOOT_POWERON, android.intent.action.BOOT_COMPLETED<br />
categories: android.intent.category.DEFAULT<br />
krep.itmtd.ywtjexf.UampleUverlayUhowUctivity$MyAdmin<br />
actions: android.app.action.DEVICE_ADMIN_ENABLED, android.app.action.DEVICE_ADMIN_DISABLE_REQUESTED, android.app.action.DEVICE_ADMIN_DISABLED<br />
krep.itmtd.ywtjexf.NetworkChangeReceiver<br />
actions: android.net.wifi.WIFI_STATE_CHANGED<br />
krep.itmtd.ywtjexf.PowerConnectionReceiver<br />
actions: android.intent.action.ACTION_POWER_CONNECTED, android.intent.action.ACTION_POWER_DISCONNECTED<br />
krep.itmtd.ywtjexf.IncomingCall<br />
actions: android.intent.action.PHONE_STATE</div>
Milahttp://www.blogger.com/profile/09472209631979859691noreply@blogger.com0tag:blogger.com,1999:blog-5046096073918528715.post-24473104821541179532016-07-01T11:41:00.000-07:002018-03-28T22:31:59.356-07:00Android Xiny samples Infostealer<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<br />
Research: Dr. Web: <a href="https://news.drweb.com/show/?i=9803&lng=en">Trojan targeted dozens of games on Google Play</a><br />
Lookout: <a href="https://blog.lookout.com/blog/2016/06/27/leveldropper/">LevelDropper: A takedown of autorooting malware in Google Play</a><br />
<br />
Sample Credit: Tim Strazzere<br />
<br />
List of files MD5:<br />
<div class="p1">
<span class="s1">174C652D7595F42211B1BD8E4CD79478</span></div>
<div class="p1">
<span class="s1">20A79956BC5BF362CBD7F91FC23A7891</span></div>
<div class="p1">
<span class="s1">66D3DF032D8C4FED2CBBF88F1293F3E6</span></div>
<div class="p1">
<span class="s1"><b>7683D2F01BF49BED435FE7C2F171A844 </b></span><b> (from Lookout blog)</b><br />
<div class="p1">
</div>
</div>
<div class="p1">
<span class="s1">7EBA711410F80CD405AD9FD1DC590C4A</span></div>
<div class="p1">
<span class="s1">CC881BF76890246559FC83086CFF1A73</span></div>
<div class="p1">
<span class="s1">D3F3B28C00BD903DFC270FBDF457FA1C</span></div>
E75A226995CA04152B0007C96A675989<br />
<br />
Same files in SHA1<br />
<div class="p1">
<span class="s1">1FACB067F3387802DE18DCC43FB9E8ABE964E479</span></div>
<div class="p1">
<span class="s1"><b>3646C8361252876012402878B84763403928B588 (from Lookout blog)</b></span></div>
<div class="p1">
<span class="s1">8832D44BD531C5934A08979B1358A79C99D77C9F</span></div>
<div class="p1">
<span class="s1">8FC5DF9B9C80E4EC833DAA2A2D2B00047A6EEDE0</span></div>
<div class="p1">
<span class="s1">A49156F7F854CEE1727816D269AC5ADA5695ECA5</span></div>
<div class="p1">
<span class="s1">AC1E0BBCE00F33831735B466BF78C4487F7E2C7B</span></div>
<div class="p1">
<span class="s1">B611523D20C9B06A31207559F9E43AB1BC717327</span></div>
<div class="p1">
ED1AE43A0649FB2CE6581E8FE06444FE0868AE17</div>
<div class="p1">
<br /></div>
<div class="p1">
Same files in SHA256</div>
<div class="p1">
<span class="s1">490969e1fbcb78ab7cc948a2d799fe9bc7f194930efadeb5b33f1f1118e72263</span></div>
<div class="p1">
<span class="s1">4cb55a17048352829e5d8fd02be3c334dcf92abfb8e1a697f85ef90f6dd56c3e</span></div>
<div class="p1">
<span class="s1">7f1ab172f109807c794590b14a728a15153b6644b4694c7ec431d61a8fe35ece</span></div>
<div class="p1">
<span class="s1">8e33dfacc5dc1e18d145ecdafe576c22f4dbe012e1969522e6e3f4543c51ac22</span></div>
<div class="p1">
<span class="s1">916211f649695e88dd77f7ebfef9141f25f5ad44f8f1c3052161612e8e9fa063</span></div>
<div class="p1">
<span class="s1">98e9ae7f2c0be9da1a6f2f8d472d586e7d22b1402914ea306371651d5b22b69f</span></div>
<div class="p1">
<b>b9c73175b65beb2641c85831c614ac2da9bbe6d353e3c1625785bad7e40356d4 </b><b>(from Lookout blog)</b></div>
<div class="p1">
</div>
<div class="p1">
<span class="s1">db24b4e142acc6f8c81cba1a5703c6ed8b9e39817ab81a91a065e24266527f5a</span></div>
<br />
<a href="https://4.bp.blogspot.com/-R0Y9AA3eHks/V3a4lzneU-I/AAAAAAACX2I/BQuzEuyZLE4M3XATok0hFgb_9H7OLe87QCLcB/s1600/ic_launcher.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://4.bp.blogspot.com/-R0Y9AA3eHks/V3a4lzneU-I/AAAAAAACX2I/BQuzEuyZLE4M3XATok0hFgb_9H7OLe87QCLcB/s1600/ic_launcher.png" /></a><br />
<a href="http://contagiomobile.deependresearch.org/xiny_android_samp.zip">Download. Email me if you need the password</a><br />
<br />
<br />
<br />
<br /></div>
Milahttp://www.blogger.com/profile/09472209631979859691noreply@blogger.com0tag:blogger.com,1999:blog-5046096073918528715.post-58505292268822139492016-06-23T13:49:00.000-07:002018-03-28T22:38:02.420-07:00Hacking Team / Crisis Android samples<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
Sample credits: SentinelOne, Tim Strazzere<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://3.bp.blogspot.com/-5g1xQJSxe2A/V2xK6Nl97RI/AAAAAAACX0k/LvEjc28mBAI5Gi_HgGFVrNE8mjG-EctNwCLcB/s1600/icon_2.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://3.bp.blogspot.com/-5g1xQJSxe2A/V2xK6Nl97RI/AAAAAAACX0k/LvEjc28mBAI5Gi_HgGFVrNE8mjG-EctNwCLcB/s1600/icon_2.png" /></a></div>
<a href="http://contagiomobile.deependresearch.org/hacking_team_crisis.zip">Download. Email me if you need the password</a><br />
<br />
<br />
<br />
<br />
List of files<br />
00d430877eed07d10c1e730926dcca9f82f282af.apk<br />
0a3ec1fd0256736aeff449a2c9b7b656a6862eaf.apk<br />
0cbcfbebfb33fde66c282fec0248b0d99a829eab.apk<br />
0cc2c8461c78394b186a599c2d5baad364fb41c7.apk<br />
0e8236ddb163e7f3816cfef38b92c6e064887b3f.apk<br />
0ef158c897f91a58aa2a13d25cd3019bc19b9954.apk<br />
153c94a6d464497b07f1ea3511b87206a3621efd.apk<br />
<br />
open the post to see the rest...<br />
<a name='more'></a><br />
156790b2ef37080cdc301324fa3f5a28d4c310d3.apk<br />
232e08bda4856b56e06a45ac5c27350fb30ddf5c.apk<br />
314d66e71040b36ba63ad5a376647dd63ecf3a5c.apk<br />
4d3a1a769255402be23ae5e6b3445d79b7b4b702.apk<br />
4e80480daf4ab573121d839c2c74cc845945be38.apk<br />
55d716895ea0934c4a91e1e2cfbd682dec30cb2f.apk<br />
55e2a4d0d89bc70e84159385ed9f078c5d7d9947.apk<br />
561b37c04e92e1a4aadbc51138c787863408a014.apk<br />
564431a34d65836481741ed83d6cb21c9a9bb7ba.apk<br />
56b70b6d31dc3315cdd3b448416f2e2704a1ab25.apk<br />
574e59a377b696c4bdfb83d4bef5478891c000e0.apk<br />
57e8901381a4e9de94b26f458499c49051b19af2.apk<br />
57f21111f6da9fb9a18af88dff688e59e8e24156.apk<br />
598df80d1d5279e3204ef023dd4dbbe08be6bbd9.apk<br />
5a37e9dd95ffaaae0c29197d2b45fd2afdf77f05.apk<br />
5af738a737ce7ab4005505ab9ca43b08d4e3b503.apk<br />
5c325c70250cbd294fae4cb321b3d8d39f1c1cd3.apk<br />
5c53c9e54294250c0318c35086523449fa917f5c.apk<br />
5cd906b76a1c15373bc7a0ed0d24ef69f84b2c28.apk<br />
5cddd6f6585b0dff93ce1ecc6d8680e83c61e5b3.apk<br />
5d42e63a02548c15801c2da5b16cbcfb33c4230b.apk<br />
5e9a4e1bb7fb4c94bceef4cd2af54bddaf1f1c34.apk<br />
5f0b8bb59061451a5e45241858c3f8ac62569371.apk<br />
5f0ba094e83ee321b331a3acd7252ae92b4d5734.apk<br />
5fdcb3d86a949d73ddbf721640733917dc300d41.apk<br />
60761527bdec07e7cf5fc35c8aaccf4de7617649.apk<br />
6107f1f26bcd78b628f80e4531998c4b9444ca77.apk<br />
613398fef32a47a195ae493c8e635ceab6f4fcbd.apk<br />
6214285ed81d3209d4947efe3a2291034877d417.apk<br />
6260c6ba44308c0c4610468784b055ad69fa1095.apk<br />
62bf7ab29610d47737ce01b9becbf4f56651e367.apk<br />
62f6d3b57f0bcea6b9edebff7d67b4a1fb7ece7d.apk<br />
634283bcea6d075b157b76a5f88d23cee733fcb7.apk<br />
63616b5ed2253761c3e9aa47bc155a1743ac9a6f.apk<br />
637d93c7c4d63b5c5d292c24a4a3ddff0f89cb99.apk<br />
6386ea80441002cbfd69fd8ab74b7921d4378abb.apk<br />
63e46c5c180d9b83a5866e770df00cadcc746e6a.apk<br />
63fc9581928251540df5a811eb20b9024065fcc9.apk<br />
6414962b8bdc09247d92c1317a3e0aa31a973de2.apk<br />
64a8be553cd05c4ac08738df819f231fc16b4b6c.apk<br />
65324abd9ceb8166487d756f474c04ab618b5c30.apk<br />
654d374da14a9edb95f85651be60e1888f237b98.apk<br />
6594767af663113e6c46d2a3ede5d87ec1d034ee.apk<br />
6599cffb03d95b07dafe8e1be726b160d7541c33.apk<br />
65d40b7b0e9eda5d5a209f3d34ed93357289dafe.apk<br />
65f66e7b862db8c23074da1c2fe697d594ca1cdc.apk<br />
661cc12f341af0120fbe74b33a8bc4863cae37b9.apk<br />
667a3d0763101b1494c981fbdb9f6f18a41ecabc.apk<br />
669f41369d3bfa56439e7fb6ef01a4a36e08729c.apk<br />
6726709a16a54d457a8d4da73cc45bc5295d7168.apk<br />
676d73270dfd198a8d7867e1df243dbb9b0e102e.apk<br />
69be497da755a8259af5cdeda4ac0c9de67a81e2.apk<br />
6a6176fc043b821b1ceb48425f2bce9c1f3a6cb8.apk<br />
6b26dd8548bad85e2b4bbf2650dc3c5879abc029.apk<br />
6bb6b3143790f0870f39e80cd3d6bd78fb3a9a57.apk<br />
6c0b900a17faf11d9efc68951b2d04fdb180bfe8.apk<br />
6c13a359586f9cab20f2bc9b4fd8294e61e6e852.apk<br />
6c93ef2106647eb9e9322de5d106ae9df6146277.apk<br />
6d02439c416349545211e382bc0f27b2383123f1.apk<br />
6d6b779ea0b3d31c9453db8268b1e85463fe4725.apk<br />
6db96e8a52382fa6f2d3220b592d7ae92f1d78f2.apk<br />
6dba2c4cc420d3c43067cd0f8a86e1718f9639cb.apk<br />
6dbef6bf711c74227550da5a033a0ae4c4c1c1cb.apk<br />
727a33c78e4329ee5e1586a13ee867132790e436.apk<br />
737395cf1bccbc23531fb109b4a8ee1e8cce26b4.apk<br />
73ff558ea62c0835761eced6b292cc930728cf43.apk<br />
74333980ae5bafcb25a9031fb46275435cdbba2e.apk<br />
749ff6f09b3b6de044ddadf447860b7fd63d8672.apk<br />
74d9dc5a2c95e9eaa880ec11a32d9b109794474b.apk<br />
75459a5009bf08067a1e15ee4e2992c23e00433c.apk<br />
75f31fe1a07986080b6a6f4cd2d9347cc72201b4.apk<br />
761c6c36d81c1edd9e0645447a4e638d7d88356e.apk<br />
766a65fe6d1e4be4551d7d30a1b4539f19991e0e.apk<br />
76f3739c16fb978eafde4ebfae105dc8a94731a5.apk<br />
780b5f7c07ab98de7d8d07eed781973a415ebc5d.apk<br />
780d5124b448249d948a60b43775a424634024ac.apk<br />
7828066c4804b6364a6f55b6aff3b657899a9d99.apk<br />
7c0e0b1ca01e97c2f0d043eb0aabe61cae6216f7.apk<br />
c85d37585dbe2ad77572d9a27165ed63c9c8685e.apk<br />
caa04deff90081fd4b0b441b9bf16edeb05f52ee.apk<br />
cce1a35b5fee30883ea3ddca8312109691116cba.apk</div>
Milahttp://www.blogger.com/profile/09472209631979859691noreply@blogger.com0tag:blogger.com,1999:blog-5046096073918528715.post-34854474469904245442016-05-14T19:34:00.001-07:002018-03-29T19:36:43.192-07:00Android Xbot ransomware<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<br />
Research : Palo Alto <a href="http://researchcenter.paloaltonetworks.com/2016/02/new-android-trojan-xbot-phishes-credit-cards-and-bank-accounts-encrypts-devices-for-ransom/">New Android Trojan “Xbot” Phishes Credit Cards and Bank Accounts, Encrypts Devices for Ransom</a> by Cong Zheng, Claud Xiao and Zhi Xu<br />
<br />
List of files<br />
<br />
ea6d01f87f71afc7fd131f492385d164<span class="Apple-tab-span" style="white-space: pre;"> </span>93172b122577979ca41c3be75786fdeefa4b80a6c3df7d821dfecefca1aa6b05<br />
79e2b3abdbf33552677660069f891b88<span class="Apple-tab-span" style="white-space: pre;"> </span>a22b55aaf5d35e9bbc48914b92a76de1c707aaa2a5f93f50a2885b0ca4f15f01<br />
748a81df76ee7e691682e64867fcd48a<span class="Apple-tab-span" style="white-space: pre;"> </span>20bf4c9d0a84ac0f711ccf34110f526f2b216ae74c2a96de3d90e771e9de2ad4<br />
246f497dc26d18d87f9398758ca1bcc2<span class="Apple-tab-span" style="white-space: pre;"> </span>f2cfbc2f836f3065d5706b9f49f55bbd9c1dae2073a606c8ee01e4bbd223f29f<br />
7969e4ef1b2fece87b806b5dfe25a3bb<span class="Apple-tab-span" style="white-space: pre;"> </span>029758783d2f9d8fd368392a6b7fdf5aa76931f85d6458125b6e8e1cadcdc9b4<br />
8e82a09c50b787b18a612addfcaedfab<span class="Apple-tab-span" style="white-space: pre;"> </span>a94cac6df6866df41abde7d4ecf155e684207eedafc06243a21a598a4b658729<br />
538ca97778ac886e121bc054574d7478<span class="Apple-tab-span" style="white-space: pre;"> </span>e905d9d4bc59104cfd3fc50c167e0d8b20e4bd40628ad01b701a515dd4311449<br />
d5c63390f8a42e051d0ef9fbe7f08046<span class="Apple-tab-span" style="white-space: pre;"> </span>d082ec8619e176467ce8b8a62c2d2866d611d426dd413634f6f5f5926c451850<br />
6a4a011115e6ab27c9941a849ec27dd2<span class="Apple-tab-span" style="white-space: pre;"> </span>4b5ef7c8150e764cc0782eab7ca7349c02c78fceb1036ce3064d35037913f5b6<br />
756340895ce28c745d0d6a5409f5ca0f<span class="Apple-tab-span" style="white-space: pre;"> </span>33230c13dcc066e05daded0641f0af21d624119a5bb8c131ca6d2e21cd8edc1a<br />
d846f7ac66a9a932235fb415b96fee5d<span class="Apple-tab-span" style="white-space: pre;"> </span>dfda8e52df5ba1852d518220363f81a06f51910397627df6cdde98d15948de65<br />
e06dd5ba1a101f855604b486d90d2651<span class="Apple-tab-span" style="white-space: pre;"> </span>1264c25d67d41f52102573d3c528bcddda42129df5052881f7e98b4a90f61f23<br />
4ed28716716a7f6dc9f6ad1526512b26<span class="Apple-tab-span" style="white-space: pre;"> </span>7e939552f5b97a1f58c2202e1ab368f355d35137057ae04e7639fc9c4771af7e<br />
<a href="https://2.bp.blogspot.com/-1J5I2LShNFE/Vzff8kb-AGI/AAAAAAACXrE/c7QixWG-VzsVbZb6ANelU6bYfO38KVGTQCLcB/s1600/icon.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://2.bp.blogspot.com/-1J5I2LShNFE/Vzff8kb-AGI/AAAAAAACXrE/c7QixWG-VzsVbZb6ANelU6bYfO38KVGTQCLcB/s1600/icon.png" /></a><br />
<br />
<a href="http://contagiomobile.deependresearch.org/xbot_android_samp.zip">Download. Email me if you need the password</a><br />
<br />
<br />
<br />
<br /></div>
Milahttp://www.blogger.com/profile/09472209631979859691noreply@blogger.com0tag:blogger.com,1999:blog-5046096073918528715.post-16971913062807882012016-02-23T12:49:00.001-08:002016-02-24T21:41:16.807-08:00 Files download information<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://2.bp.blogspot.com/-n9xw8TtjxKk/VszErhuyb3I/AAAAAAACXcM/z2ClOyrGe9s/s1600/road-closed-detour-sign-without-local-traffic-stuff-broke-fix-it-later-copy.jpg" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="200" src="https://2.bp.blogspot.com/-n9xw8TtjxKk/VszErhuyb3I/AAAAAAACXcM/z2ClOyrGe9s/s200/road-closed-detour-sign-without-local-traffic-stuff-broke-fix-it-later-copy.jpg" width="198" /></a></div>
After 7 years of Contagio existence, Google Safe Browsing services
notified Mediafire (hoster of Contagio and Contagiominidump files) that
"harmful" content is hosted on my Mediafire account.<br />
<br />
It is harmful only if you harm your own pc and but not suitable for
distribution or infecting unsuspecting users but I have not been able to
resolve this with Google and Mediafire.<br />
<br />
Mediafire suspended public access to Contagio account.<br />
<br />
The file hosting will be moved.<br />
<br />
<b>If you need any files now, email me the posted Mediafire links (address in profile) and I will pull out the files and share via other methods.</b><br />
<br />
P.S. I have not been able to resolve "yet" because it just happened today, not because they refuse to help. I don't want to affect Mediafire safety reputation and most likely will have to move out this time.<br />
<br />
The main challenge is not to find hosting, it is not difficult and I can pay for it, but the effort move all files and fix the existing links on the Blogpost, and there are many. I planned to move out long time ago but did not have time for it. If anyone can suggest how to change all Blogspot links in bulk, I will be happy.<br />
<br />
<br />
<span style="color: blue;">P.P.S. Feb. 24 - The files will be moved to a Dropbox Business account and shared from there (the Dropbox team confirmed they can host it ) </span><br />
<span style="color: blue;">The transition will take some time, so email me links to what you need. </span></div>
Milahttp://www.blogger.com/profile/09472209631979859691noreply@blogger.com2tag:blogger.com,1999:blog-5046096073918528715.post-89586498471874427122016-02-22T21:58:00.001-08:002018-03-29T19:59:07.179-07:00ZergHelper - Pirated iOS App Store’s Client sample<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<b><br /></b><b>Research:</b><br />
<a href="http://researchcenter.paloaltonetworks.com/2016/02/pirated-ios-app-stores-client-successfully-evaded-apple-ios-code-review/">Pirated iOS App Store’s Client Successfully Evaded Apple iOS Code Review by Claud Xiao </a><br />
<br />
<b>Sample credit: </b> Claud Xiao<br />
<br />
<b>File information:</b><br />
<b>“开心日常英语 (Happy Daily English) / Zerghelper</b><br />
<br />
File: EnglishStudy<br />
Size: 7925888<br />
MD5: 00C7FF895B8707C2D63BEAD4D5ECC9F6<br />
<br />
File: EnglishStudy-v5.0.0.ipa<br />
Size: 21506666<br />
MD5: 8135A3E8EF90558C70223EB00F9B19C0<br />
<br />
File: Installer.ipa<br />
Size: 6576644<br />
MD5: ED9C55AC907F0FA6D8FF6693C3B14835<br />
<b><br /></b>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<a href="https://2.bp.blogspot.com/-VK50VgBT1rs/VsvuBUhndqI/AAAAAAACXbs/kFACfPGttzQ/s1600/Picture1.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://2.bp.blogspot.com/-VK50VgBT1rs/VsvuBUhndqI/AAAAAAACXbs/kFACfPGttzQ/s1600/Picture1.png" /></a><a href="http://contagiomobile.deependresearch.org/zerghelper_ios_samp.zip">Download. Email me if you need the password </a></div>
Milahttp://www.blogger.com/profile/09472209631979859691noreply@blogger.com0tag:blogger.com,1999:blog-5046096073918528715.post-48239170231574917112015-10-04T21:49:00.001-07:002018-03-29T20:06:24.701-07:00YiSpecter iOS iphone malware samples<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
Research: <a href="http://researchcenter.paloaltonetworks.com/2015/10/yispecter-first-ios-malware-attacks-non-jailbroken-ios-devices-by-abusing-private-apis/">Palo Alto. Claud Xiao YiSpecter: First iOS Malware That Attacks Non-jailbroken Apple iOS Devices by Abusing Private APIs</a><br />
<br />
Sample Credit: Claud Xiao<br />
<br />
MD5<br />
File: ADPage Size: 2570560 MD5: 8E93947DFD1B11A77A04429BD8B32CED<br />
File: ADPage.ipa Size: 1484304 MD5: 62C6F0E3615B0771C0D189D3A7C50477<br />
File: DaPian Size: 5978608 MD5: 3A41BB59E2946A66BBD03A8B4D51510B<br />
File: DaPian.ipa Size: 2826575 MD5: 6E907716DC1AA6B9C490CE58AAAE0D53<br />
File: HYQvod Size: 1984256 MD5: 35EE9556457D6170EA83C800887C1CBE<br />
File: HYQvod.ipa Size: 2154552 MD5: 97210A234417954C7BBE87BFE685EAAE<br />
File: HYQvod_3.3.3 Size: 3347360 MD5: 304A10D364454EE8F2E26979927C0334<br />
File: HYQvod_3.3.3.ipa Size: 3148992 MD5: 29E147675AF38ECE406B6227F3CCD76B<br />
File: NoIcon Size: 1426368 MD5: E6B45FAF823387BCA7524C4D0329543F<br />
File: NoIcon.ipa Size: 581136 MD5: FBF92317CA8A7D5C243AB62624701050<br />
File: NoIconUpdate Size: 1427040 MD5: 4460F3D29A4BCE8AA8E8FFDE4A467B70<br />
File: NoIconUpdate.ipa Size: 590191 MD5: 0B98EE74843809493B0661C679A3C90C<br />
<br />
<a href="http://4.bp.blogspot.com/-THWlIYqnzm0/VhIAw_uoezI/AAAAAAACW58/JgF368euFM4/s1600/iphone.PNG" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://4.bp.blogspot.com/-THWlIYqnzm0/VhIAw_uoezI/AAAAAAACW58/JgF368euFM4/s1600/iphone.PNG" /></a> <a href="http://contagiomobile.deependresearch.org/yipecter_ios_samp.zip">Download. Email me if you need the password</a> (New Link)</div>
Milahttp://www.blogger.com/profile/09472209631979859691noreply@blogger.com1tag:blogger.com,1999:blog-5046096073918528715.post-68053554663974180642015-09-01T21:38:00.002-07:002018-03-29T20:26:25.523-07:00KeyRaider: iOS infostealer<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<a href="http://1.bp.blogspot.com/-Xzaa2CnNv44/VeZ8xRhtwLI/AAAAAAACWuk/QNG4kopzHAg/s1600/kr.PNG" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="181" src="https://1.bp.blogspot.com/-Xzaa2CnNv44/VeZ8xRhtwLI/AAAAAAACWuk/QNG4kopzHAg/s200/kr.PNG" width="200" /></a><br />
<a href="http://researchcenter.paloaltonetworks.com/2015/08/keyraider-ios-malware-steals-over-225000-apple-accounts-to-create-free-app-utopia/">Research: Palo Alto: KeyRaider: iOS Malware Steals Over 225,000 Apple Accounts to Create Free App Utopia</a><br />
<br />
<br />
Sample Credit:Claud Xiao<br />
<br />
<br />
<br />
<br />
<br />
<br />
02464AE6259A2C8194470385781501B7 9 <span class="Apple-tab-span" style="white-space: pre;"> </span>catbbs.ibackground 3.2.deb<br />
0F710F8397EC969AF26C299A63AEDA8B <span class="Apple-tab-span" style="white-space: pre;"> </span>9catbbs.iappstore 4.0.deb<br />
1DD1A8C6C213E3B51CD2463D764A9C62 <span class="Apple-tab-span" style="white-space: pre;"> </span>9catbbs.MPPlugin 1.3.deb<br />
3838A37A9BC7DF750FB16D12E32A2FCB <span class="Apple-tab-span" style="white-space: pre;"> </span>iweixin.deb<br />
3C57E433FBBA1AC1E4DC1B84CEC038FB<span class="Apple-tab-span" style="white-space: pre;"> </span> repo.sunbelife.batterylife 1.4.1.deb<br />
CAAF060572E57B6D175C3959495BCDBF <span class="Apple-tab-span" style="white-space: pre;"> </span>9catbbs.GamePlugin 6.1-9.deb<br />
DDF224F63EE9C7FBA76298664A2B0B00 <span class="Apple-tab-span" style="white-space: pre;"> </span>9catbbs.iappinbuy 1.0.deb<br />
<br />
<a href="http://contagiomobile.deependresearch.org/keyraider_ios_samp.zip">Download</a><br />
Email me if you need the password (2015-09-03 - fixed zip file)<br />
<br /></div>
Milahttp://www.blogger.com/profile/09472209631979859691noreply@blogger.com2tag:blogger.com,1999:blog-5046096073918528715.post-9124649945863755592015-06-14T19:41:00.001-07:002018-03-29T20:29:31.396-07:00Android.Trojan.SLocker.DZ - Fake videoplayer - Ransomware<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<a href="http://www.cbronline.com/news/mobility/security/bitdefender-android-ransomware-uses-fake-fbi-porn-warning-4585753" target="_blank">Research: Bitdefender: Android ransomware uses fake FBI porn warning</a><br />
<br />
Size: 3120873<br />
MD5: F836F5C6267F13BF9F6109A6B8D79175<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-Xj7AcgBrCkc/VX46n1jL0sI/AAAAAAACS18/0q05P43NZZI/s1600/ic_launcher.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://2.bp.blogspot.com/-Xj7AcgBrCkc/VX46n1jL0sI/AAAAAAACS18/0q05P43NZZI/s1600/ic_launcher.png" /></a></div>
<a href="http://contagiomobile.deependresearch.org/ransom_fbi_android_samp.zip" target="_blank">Download. Email me if you need the password (New link)</a><br />
<br />
<br />
<br />
<br />
<br />
<a name='more'></a><br />
<a href="https://www.virustotal.com/en/file/d721a38e55441e3273754fa642f2744567dc786df356e89fa0bfa3cfd63ad0ed/analysis/">https://www.virustotal.com/en/file/d721a38e55441e3273754fa642f2744567dc786df356e89fa0bfa3cfd63ad0ed/analysis/</a><br />
SHA256:<span class="Apple-tab-span" style="white-space: pre;"> </span>d721a38e55441e3273754fa642f2744567dc786df356e89fa0bfa3cfd63ad0ed<br />
File name:<span class="Apple-tab-span" style="white-space: pre;"> </span>fbi.apk<br />
Detection ratio:<span class="Apple-tab-span" style="white-space: pre;"> </span>26 / 57<br />
Analysis date:<span class="Apple-tab-span" style="white-space: pre;"> </span>2015-06-08 22:30:43 UTC ( 6 days, 4 hours ago )<br />
<br />
Behavioural information<br />
Antivirus<span class="Apple-tab-span" style="white-space: pre;"> </span>Result<span class="Apple-tab-span" style="white-space: pre;"> </span>Update<br />
AVware<span class="Apple-tab-span" style="white-space: pre;"> </span>Trojan.AndroidOS.Generic.A<span class="Apple-tab-span" style="white-space: pre;"> </span>20150608<br />
Ad-Aware<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Trojan.SLocker.DZ<span class="Apple-tab-span" style="white-space: pre;"> </span>20150608<br />
AegisLab<span class="Apple-tab-span" style="white-space: pre;"> </span>Small<span class="Apple-tab-span" style="white-space: pre;"> </span>20150608<br />
AhnLab-V3<span class="Apple-tab-span" style="white-space: pre;"> </span>Android-Trojan/Slocker.e1df<span class="Apple-tab-span" style="white-space: pre;"> </span>20150608<br />
Antiy-AVL<span class="Apple-tab-span" style="white-space: pre;"> </span>Trojan[Ransom:HEUR]/AndroidOS.Small.12<span class="Apple-tab-span" style="white-space: pre;"> </span>20150608<br />
Arcabit<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Trojan.SLocker.DZ<span class="Apple-tab-span" style="white-space: pre;"> </span>20150608<br />
Avast<span class="Apple-tab-span" style="white-space: pre;"> </span>Android:Locker-DU [Trj]<span class="Apple-tab-span" style="white-space: pre;"> </span>20150608<br />
Baidu-International<span class="Apple-tab-span" style="white-space: pre;"> </span>Trojan.Android.Locker.CB<span class="Apple-tab-span" style="white-space: pre;"> </span>20150608<br />
BitDefender<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Trojan.SLocker.DZ<span class="Apple-tab-span" style="white-space: pre;"> </span>20150608<br />
Cyren<span class="Apple-tab-span" style="white-space: pre;"> </span>AndroidOS/GenBl.F836F5C6!Olympus<span class="Apple-tab-span" style="white-space: pre;"> </span>20150608<br />
DrWeb<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Locker.131.origin<span class="Apple-tab-span" style="white-space: pre;"> </span>20150608<br />
ESET-NOD32<span class="Apple-tab-span" style="white-space: pre;"> </span>Android/Locker.CB<span class="Apple-tab-span" style="white-space: pre;"> </span>20150608<br />
Emsisoft<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Trojan.SLocker.DZ (B)<span class="Apple-tab-span" style="white-space: pre;"> </span>20150608<br />
F-Secure<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Trojan.SLocker.DZ<span class="Apple-tab-span" style="white-space: pre;"> </span>20150608<br />
Fortinet<span class="Apple-tab-span" style="white-space: pre;"> </span>Android/Locker.CB!tr<span class="Apple-tab-span" style="white-space: pre;"> </span>20150608<br />
GData<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Trojan.SLocker.DZ<span class="Apple-tab-span" style="white-space: pre;"> </span>20150608<br />
Ikarus<span class="Apple-tab-span" style="white-space: pre;"> </span>Trojan-Ransom.AndroidOS.PornLocker<span class="Apple-tab-span" style="white-space: pre;"> </span>20150608<br />
K7GW<span class="Apple-tab-span" style="white-space: pre;"> </span>Trojan ( 004c39781 )<span class="Apple-tab-span" style="white-space: pre;"> </span>20150608<br />
Kaspersky<span class="Apple-tab-span" style="white-space: pre;"> </span>HEUR:Trojan-Ransom.AndroidOS.Small.r<span class="Apple-tab-span" style="white-space: pre;"> </span>20150608<br />
McAfee<span class="Apple-tab-span" style="white-space: pre;"> </span>Artemis!F836F5C6267F<span class="Apple-tab-span" style="white-space: pre;"> </span>20150608<br />
McAfee-GW-Edition<span class="Apple-tab-span" style="white-space: pre;"> </span>Artemis!F836F5C6267F<span class="Apple-tab-span" style="white-space: pre;"> </span>20150608<br />
MicroWorld-eScan<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Trojan.SLocker.DZ<span class="Apple-tab-span" style="white-space: pre;"> </span>20150608<br />
Sophos<span class="Apple-tab-span" style="white-space: pre;"> </span>Andr/Ransom-F<span class="Apple-tab-span" style="white-space: pre;"> </span>20150608<br />
Tencent<span class="Apple-tab-span" style="white-space: pre;"> </span>a.rogue.pornplayer<span class="Apple-tab-span" style="white-space: pre;"> </span>20150608<br />
TrendMicro-HouseCall<span class="Apple-tab-span" style="white-space: pre;"> </span>Suspicious_GEN.F47V0602<span class="Apple-tab-span" style="white-space: pre;"> </span>20150608<br />
VIPRE<span class="Apple-tab-span" style="white-space: pre;"> </span>Trojan.AndroidOS.Generic.A<span class="Apple-tab-span" style="white-space: pre;"> </span>20150608</div>
Milahttp://www.blogger.com/profile/09472209631979859691noreply@blogger.com0tag:blogger.com,1999:blog-5046096073918528715.post-38313662624026131022015-06-09T05:15:00.000-07:002018-03-29T20:34:21.498-07:00Android Ransomware / Locker with decompile message sample<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">Research/Sample credit: <a href="https://twitter.com/LukasStefanko/status/607823196562276352" target="_blank">Lukas Stefanko<br /> https://twitter.com/LukasStefanko/status/607823196562276352</a></span><br />
<span style="font-family: inherit;"><br /></span>
<span style="background-color: white; color: #333333; line-height: 20px;"><span style="font-family: inherit;">qqkj.qqmagic.apk</span></span><br />
<span style="background-color: white; color: #333333; line-height: 20px;"><span style="font-family: inherit;">735b4e78b334f6b9eb19e700a4c30966 </span></span><br />
<span style="background-color: white; color: #333333; line-height: 20px;"><span style="font-family: inherit;"><br /></span></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-3KiRnEyzZtA/VXbXh1MuKAI/AAAAAAACS1M/t7ApXWcby_c/s1600/ic_launcher-50%2525.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><span style="font-family: inherit;"><img border="0" src="https://3.bp.blogspot.com/-3KiRnEyzZtA/VXbXh1MuKAI/AAAAAAACS1M/t7ApXWcby_c/s1600/ic_launcher-50%2525.png" /></span></a></div>
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;"><a href="http://www.mediafire.com/download/1v8c3t94xw5j81b/Android-Locker-qqmagic-735B4E78B334F6B9EB19E700A4C30966.zip" target="_blank">Download. Email me if you need the password</a></span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;"><br /></span>
<br />
<br />
<span style="font-family: inherit;"><span style="background-color: white; color: #333333; line-height: 20px;"></span></span><br />
<a name='more'></a><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;"><a href="https://www.virustotal.com/en/file/b914c0dd57ffcb1c96cf37d61a3ae052a5372f01c5fac3ea0535bbdb0da862dd/analysis/">https://www.virustotal.com/en/file/b914c0dd57ffcb1c96cf37d61a3ae052a5372f01c5fac3ea0535bbdb0da862dd/analysis/</a></span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">SHA256:<span class="Apple-tab-span" style="white-space: pre;"> </span>b914c0dd57ffcb1c96cf37d61a3ae052a5372f01c5fac3ea0535bbdb0da862dd</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">File name:<span class="Apple-tab-span" style="white-space: pre;"> </span>myfile.exe</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">Detection ratio:<span class="Apple-tab-span" style="white-space: pre;"> </span>10 / 57</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">Analysis date:<span class="Apple-tab-span" style="white-space: pre;"> </span>2015-06-09 09:22:50 UTC ( 2 hours, 38 minutes ago ) </span></span><br />
<span style="font-family: inherit;"><span style="color: #333333; line-height: 20px;">AhnLab-V3</span><span class="Apple-tab-span" style="color: #333333; line-height: 20px; white-space: pre;"> </span><span style="color: #333333; line-height: 20px;">Android-Trojan/SmsSpy.ddc0</span><span class="Apple-tab-span" style="color: #333333; line-height: 20px; white-space: pre;"> </span><span style="color: #333333; line-height: 20px;">20150608</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">Baidu-International<span class="Apple-tab-span" style="white-space: pre;"> </span>Trojan.Android.Jisut.N<span class="Apple-tab-span" style="white-space: pre;"> </span>20150609</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">Cyren<span class="Apple-tab-span" style="white-space: pre;"> </span>AndroidOS/RANSOM.SLcoker.S.gen!Eldorado<span class="Apple-tab-span" style="white-space: pre;"> </span>20150609</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">DrWeb<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.SmsSend.3003<span class="Apple-tab-span" style="white-space: pre;"> </span>20150609</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">ESET-NOD32<span class="Apple-tab-span" style="white-space: pre;"> </span>Android/LockScreen.Jisut.N<span class="Apple-tab-span" style="white-space: pre;"> </span>20150609</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">Fortinet<span class="Apple-tab-span" style="white-space: pre;"> </span>Android/LockScreen_Jisut.N!tr<span class="Apple-tab-span" style="white-space: pre;"> </span>20150609</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">Ikarus<span class="Apple-tab-span" style="white-space: pre;"> </span>Trojan.AndroidOS.LockScreen<span class="Apple-tab-span" style="white-space: pre;"> </span>20150609</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">McAfee<span class="Apple-tab-span" style="white-space: pre;"> </span>Artemis!735B4E78B334<span class="Apple-tab-span" style="white-space: pre;"> </span>20150609</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">McAfee-GW-Edition<span class="Apple-tab-span" style="white-space: pre;"> </span>Artemis<span class="Apple-tab-span" style="white-space: pre;"> </span>20150609</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="background-color: white; line-height: 20px;"></span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">Tencent<span class="Apple-tab-span" style="white-space: pre;"> </span>a.rogue.pornplayer<span class="Apple-tab-span" style="white-space: pre;"> </span>20150609</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;"><br /></span></span>
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">The file being studied is Android related! APK Android file more specifically. The application's main package name is qqkj.qqmagic. The internal version number of the application is 1. The displayed version string of the application is 1.0. The minimum Android API level for the application to run (MinSDKVersion) is 8. The target Android API level for the application to run (TargetSDKVersion) is 21.</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;"> Risk summary</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;"> The studied DEX file makes use of API reflection</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;"> The studied DEX file makes use of cryptographic functions</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;"> Permissions that allow the application to manipulate SMS</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;"> Permissions that allow the application to perform payments</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;"> Permissions that allow the application to access Internet</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;"> Permissions that allow the application to access private information</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;"> Other permissions that could be considered as dangerous in certain scenarios</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;"> Required permissions</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">android.permission.SEND_SMS (send SMS messages)</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">android.permission.SYSTEM_ALERT_WINDOW (display system-level alerts)</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">android.permission.ACCESS_NETWORK_STATE (view network status)</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">android.permission.RECEIVE_SMS (receive SMS)</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">android.permission.INTERNET (full Internet access)</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;"> Permission-related API calls</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">FACTORY_TEST</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">ACCESS_NETWORK_STATE</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">Landroid/net/ConnectivityManager;->getActiveNetworkInfo()Landroid/net/NetworkInfo; called from Lcom/qqmagic/s;->isNetworkConnected(Landroid/content/Context;)Z</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">Landroid/net/ConnectivityManager;->getActiveNetworkInfo()Landroid/net/NetworkInfo; called from Lqqkj/qqmagic/s;->isNetworkConnected(Landroid/content/Context;)Z</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">SEND_SMS</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">Landroid/telephony/gsm/SmsManager;->getDefault()Landroid/telephony/gsm/SmsManager; called from Lcom/qqmagic/b;->onCreate()V</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">Landroid/telephony/gsm/SmsManager;->sendTextMessage(Ljava/lang/String; Ljava/lang/String; Ljava/lang/String; Landroid/app/PendingIntent; Landroid/app/PendingIntent;)V called from Lcom/qqmagic/b;->onStartCommand(Landroid/content/Intent; I I)I</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">Landroid/telephony/gsm/SmsManager;->sendTextMessage(Ljava/lang/String; Ljava/lang/String; Ljava/lang/String; Landroid/app/PendingIntent; Landroid/app/PendingIntent;)V called from Lcom/qqmagic/s$100000000;->run()V</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">Show all</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">READ_LOGS</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">Ljava/lang/Runtime;->exec(Ljava/lang/String;)Ljava/lang/Process; called from LLogCatBroadcaster;->run()V</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;"> Main Activity</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">qqkj.qqmagic.MainActivity</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;"> Activities</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">qqkj.qqmagic.MainActivity</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;"> Services</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">qqkj.qqmagic.s</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">qqkj.qqmagic.b</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;"> Receivers</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">qqkj.qqmagic.r</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">qqkj.qqmagic.Fr</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;"> Activity-related intent filters</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">qqkj.qqmagic.MainActivity</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">actions: android.intent.action.MAIN</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">categories: android.intent.category.LAUNCHER</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;"> Receiver-related intent filters</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">qqkj.qqmagic.r</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">actions: android.intent.action.BOOT_COMPLETED</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">qqkj.qqmagic.Fr</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">actions: android.provider.Telephony.SMS_RECEIVED</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;"> Code-related observations</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">The application does not load any code dynamically</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">The application contains reflection code</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">The application does not contain native code</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">The application contains cryptographic code</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;"> Application certificate information</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;"><br /></span></span>
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;"> Application bundle files</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">AndroidManifest.xml</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">Android's binary XML</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">META-INF/CERT.RSA</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">data</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">META-INF/CERT.SF</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">ASCII text, with CRLF line terminators</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">META-INF/MANIFEST.MF</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">ASCII text, with CRLF line terminators</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">classes.dex</span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="background-color: white; line-height: 20px;"></span></span><br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 20px;">Dalvik dex file version 035</span></span></div>
Milahttp://www.blogger.com/profile/09472209631979859691noreply@blogger.com0tag:blogger.com,1999:blog-5046096073918528715.post-83823320529656322732015-06-05T05:10:00.001-07:002018-03-29T22:01:52.491-07:00iPhone / IOS clickfraud sample<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
Research: <a href="http://www.symantec.com/connect/blogs/japanese-one-click-fraudsters-target-ios-users-malicious-app-delivered-over-air" target="_blank">Symantec. Japanese one-click fraudsters target iOS users with malicious app delivered over the air</a><br />
<br />
Sample credit: Claud Xiao<br />
<br />
<br />
Size: 4678430<br />
MD5: 71972F763EB5EAEB87681D2615E9E68E<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-iLSEOAKDzoI/VXGQ4ijCJSI/AAAAAAACS0Y/2ooAR-UIFTA/s1600/untrust.PNG" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="143" src="https://1.bp.blogspot.com/-iLSEOAKDzoI/VXGQ4ijCJSI/AAAAAAACS0Y/2ooAR-UIFTA/s200/untrust.PNG" width="200" /></a></div>
<a href="http://www.mediafire.com/download/ln7s7ne3c17bwyz/71972F763EB5EAEB87681D2615E9E68E-IOS_Clickfraud.zip">Download.</a><br />
<a href="http://contagiomobile.deependresearch.org/clickfraud_ios_samp.zip" target="_blank">Email me if you need the password</a><br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<a name='more'></a><br />
<a href="https://www.virustotal.com/en/file/a42db180958b17edff843dd8893f4caac6b754b7f8f80d24fd9a685a32dcf34d/analysis/">https://www.virustotal.com/en/file/a42db180958b17edff843dd8893f4caac6b754b7f8f80d24fd9a685a32dcf34d/analysis/</a><br />
SHA256:<span class="Apple-tab-span" style="white-space: pre;"> </span>a42db180958b17edff843dd8893f4caac6b754b7f8f80d24fd9a685a32dcf34d<br />
File name:<span class="Apple-tab-span" style="white-space: pre;"> </span>player.ipa<br />
Detection ratio:<span class="Apple-tab-span" style="white-space: pre;"> </span>2 / 57<br />
Analysis date:<span class="Apple-tab-span" style="white-space: pre;"> </span>2015-06-05 06:54:03 UTC ( 5 hours, 13 minutes ago )<br />
Antivirus<span class="Apple-tab-span" style="white-space: pre;"> </span>Result<span class="Apple-tab-span" style="white-space: pre;"> </span>Update<br />
Symantec<span class="Apple-tab-span" style="white-space: pre;"> </span>iOS.Oneclickfraud<span class="Apple-tab-span" style="white-space: pre;"> </span>20150605<br />
TrendMicro-HouseCall<span class="Apple-tab-span" style="white-space: pre;"> </span>Suspicious_GEN.F47V0601<span class="Apple-tab-span" style="white-space: pre;"> </span>20150605</div>
Milahttp://www.blogger.com/profile/09472209631979859691noreply@blogger.com1tag:blogger.com,1999:blog-5046096073918528715.post-66788884663905336942015-06-02T21:01:00.001-07:002018-03-29T22:09:09.155-07:00AndroidOS.Wroba.x / HijackRAT - Android sample<div dir="ltr" style="text-align: left;" trbidi="on">
A variant of<br />
<br />
Research: <a href="https://www.fireeye.com/blog/threat-research/2014/07/the-service-you-cant-refuse-a-secluded-hijackrat.html" target="_blank">Fireeye: The Service You Can’t Refuse: A Secluded HijackRAT</a> 2014<br />
<br />
Sample Credit: SUVsoft<br />
<br />
MD5: a21fab634dc788cdd462d506458af1e4<br />
Size: 403974<br />
<br />
Installed apps:<br />
com.ahnlab.v3mobileplus<br />
-----<br />
com.android.internal.telephony.ITelephony<br />
com.epost.psf.sdsi<br />
com.estsoft.alyac.ui<br />
com.hanabank.ebk.channel.android.hananbank<br />
com.ibk.neobanking<br />
com.kbstar.kbbank<br />
com.kftc.kjbsmb<br />
com.sc.danb.scbankapp<br />
com.shinhan.sbanking<br />
com.smg.spbs<br />
com.wooribank.pib.smart<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-dmw_rn6KNFo/VW55ir9qHtI/AAAAAAACSzw/L64djOBvZVA/s1600/icon-25%2525.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://3.bp.blogspot.com/-dmw_rn6KNFo/VW55ir9qHtI/AAAAAAACSzw/L64djOBvZVA/s1600/icon-25%2525.png" /></a> </div>
<a href="http://contagiomobile.deependresearch.org/hijackrat_android_samp.zip">Download. Email me if you need the password. </a><br />
<br />
<br />
<br />
<a name='more'></a><br />
<br />
SHA256:<span class="Apple-tab-span" style="white-space: pre;"> </span>af8962bf88f629876ce9fb28a3ba64140ffc7265938234b0bf637d8c88d32370<br />
File name:<span class="Apple-tab-span" style="white-space: pre;"> </span>13178EDIM.apk<br />
Detection ratio:<span class="Apple-tab-span" style="white-space: pre;"> </span>21 / 57<br />
Analysis date:<span class="Apple-tab-span" style="white-space: pre;"> </span>2015-06-02 17:13:13 UTC ( 10 hours, 15 minutes ago )<br />
Antivirus<span class="Apple-tab-span" style="white-space: pre;"> </span>Result<span class="Apple-tab-span" style="white-space: pre;"> </span>Update<br />
F-Secure<span class="Apple-tab-span" style="white-space: pre;"> </span>Trojan:Android/Fakeinst.MQ<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
Baidu-International<span class="Apple-tab-span" style="white-space: pre;"> </span>Trojan.Win32.Agent.AaA<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
Ikarus<span class="Apple-tab-span" style="white-space: pre;"> </span>Trojan.AndroidOS.Saho<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
NANO-Antivirus<span class="Apple-tab-span" style="white-space: pre;"> </span>Trojan.Android.Agent.djyobe<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
Kaspersky<span class="Apple-tab-span" style="white-space: pre;"> </span>HEUR:Trojan-Banker.AndroidOS.Wroba.x<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
Cyren<span class="Apple-tab-span" style="white-space: pre;"> </span>AndroidOS/FakeBanker.G.gen!Eldorado<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
Avast<span class="Apple-tab-span" style="white-space: pre;"> </span>Android:Banker-FI [Trj]<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
Avira<span class="Apple-tab-span" style="white-space: pre;"> </span>ANDROID/Dropper.Agent.PAS.Gen<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
CAT-QuickHeal<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Wroba.A<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
Emsisoft<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Trojan.FakeInst.MV (B)<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
Ad-Aware<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Trojan.FakeInst.MV<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
Arcabit<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Trojan.FakeInst.MV<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
BitDefender<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Trojan.FakeInst.MV<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
GData<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Trojan.FakeInst.MV<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
MicroWorld-eScan<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Trojan.FakeInst.MV<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
Tencent<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Trojan.Dropper.Liqh<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
DrWeb<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.BankBot.39.origin<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
AhnLab-V3<span class="Apple-tab-span" style="white-space: pre;"> </span>Android-Trojan/Mqt.b457<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
Sophos<span class="Apple-tab-span" style="white-space: pre;"> </span>Andr/SmsThief-A<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
Alibaba<span class="Apple-tab-span" style="white-space: pre;"> </span>A.H.Fak.AhnLabPlus<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
ESET-NOD32<span class="Apple-tab-span" style="white-space: pre;"> </span>a variant of Android/Saho.B<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602</div>
Milahttp://www.blogger.com/profile/09472209631979859691noreply@blogger.com0tag:blogger.com,1999:blog-5046096073918528715.post-615991689088577162015-06-02T20:20:00.001-07:002015-06-02T20:20:54.691-07:00Android Locker Ransomware sample<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
Research: <a href="http://blog.s21sec.com/2015/05/detectada-una-nueva-variante-de.html" target="_blank">http://blog.s21sec.com/ Detectada una nueva variante de ransomware móvil</a><br />
<a href="http://www.cbronline.com/news/mobility/security/bitdefender-android-ransomware-uses-fake-fbi-porn-warning-4585753" target="_blank">Bitdefender: Android ransomware uses fake FBI porn warning </a><br />
<br />
MD5 F836F5C6267F13BF9F6109A6B8D79175<br />
<br />
<a href="http://4.bp.blogspot.com/-WMrJ1RK8qv4/VW5yANqT8EI/AAAAAAACSzA/OOoKLAY7EHY/s1600/logo1.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="85" src="http://4.bp.blogspot.com/-WMrJ1RK8qv4/VW5yANqT8EI/AAAAAAACSzA/OOoKLAY7EHY/s320/logo1.png" width="320" /></a><br />
<br />
<a href="http://www.mediafire.com/download/ailucvi9u4j1zoq/F836F5C6267F13BF9F6109A6B8D79175-FBIransom.zip" target="_blank">Download. Email me if you need the password.</a><br />
<br />
<br />
<br />
<a href="https://www.blogger.com/goog_371092590"></a><br />
<a name='more'></a><a href="https://www.blogger.com/goog_371092590"><br /></a><br />
<a href="https://www.virustotal.com/en/file/d721a38e55441e3273754fa642f2744567dc786df356e89fa0bfa3cfd63ad0ed/analysis/">https://www.virustotal.com/en/file/d721a38e55441e3273754fa642f2744567dc786df356e89fa0bfa3cfd63ad0ed/analysis/</a><br />
Ikarus<span class="Apple-tab-span" style="white-space: pre;"> </span>Trojan.AndroidOS.Locker<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
AVware<span class="Apple-tab-span" style="white-space: pre;"> </span>Trojan.AndroidOS.Generic.A<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
VIPRE<span class="Apple-tab-span" style="white-space: pre;"> </span>Trojan.AndroidOS.Generic.A<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
Baidu-International<span class="Apple-tab-span" style="white-space: pre;"> </span>Trojan.Android.Locker.CB<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
TrendMicro-HouseCall<span class="Apple-tab-span" style="white-space: pre;"> </span>Suspicious_GEN.F47V0522<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
Kaspersky<span class="Apple-tab-span" style="white-space: pre;"> </span>HEUR:Trojan-Ransom.AndroidOS.Small.r<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
McAfee<span class="Apple-tab-span" style="white-space: pre;"> </span>Artemis!F836F5C6267F<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
McAfee-GW-Edition<span class="Apple-tab-span" style="white-space: pre;"> </span>Artemis!F836F5C6267F<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
Avast<span class="Apple-tab-span" style="white-space: pre;"> </span>Android:Locker-DU [Trj]<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
Fortinet<span class="Apple-tab-span" style="white-space: pre;"> </span>Android/Locker.CB!tr<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
ESET-NOD32<span class="Apple-tab-span" style="white-space: pre;"> </span>Android/Locker.CB<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
Emsisoft<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Trojan.SLocker.DZ (B)<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
Ad-Aware<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Trojan.SLocker.DZ<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
Arcabit<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Trojan.SLocker.DZ<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
BitDefender<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Trojan.SLocker.DZ<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
F-Secure<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Trojan.SLocker.DZ<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
GData<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Trojan.SLocker.DZ<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
MicroWorld-eScan<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Trojan.SLocker.DZ<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
Tencent<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Trojan.Locker.Ecju<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
DrWeb<span class="Apple-tab-span" style="white-space: pre;"> </span>Android.Locker.131.origin<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
AhnLab-V3<span class="Apple-tab-span" style="white-space: pre;"> </span>Android-Trojan/Slocker.e1df<span class="Apple-tab-span" style="white-space: pre;"> </span>20150602<br />
Sophos<span class="Apple-tab-span" style="white-space: pre;"> </span>Andr/Ransom-F<br />
<br /></div>
Milahttp://www.blogger.com/profile/09472209631979859691noreply@blogger.com0