Report - tsm.95516.com/TSM/GLNFSAPS/KXMGMNFS/APK/file/UPTsmService12.apk

Report Overview

Submitted URL
tsm.95516.com/TSM/GLNFSAPS/KXMGMNFS/APK/file/UPTsmService12.apk
IP
45.116.81.58
ASN
#54994 ML-1432-54994
Submitted
2024-05-10 11:11:28
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
9

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
tsm.95516.com	630837	2000-12-31	2017-09-07	2024-03-04	517 B	11 MB	45.116.81.58

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
tsm.95516.com/TSM/GLNFSAPS/KXMGMNFS/APK/file/UPTsmService12.apk
IP
45.116.81.58
ASN
#54994 ML-1432-54994

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
11 MB (10747881 bytes)
Hash
ac39666c96cc5540d17d73db5b70739f
1232cf1d049e1d3defbca193014640c88c07af9c
2600c2bd22199e2e13a7089f18ce07a70ced70ba10530d71c4ecb5205e00ee45

Archive (117)

Filename

Md5

File type

MANIFEST.MF

21f7847ea4eab14b582962f84a9b8805

JAR Manifest, ASCII text, with CRLF line terminators

UNIONPAY.SF

5debd5d14787bdd371764079d3ffc84f

JAR Signature File, ASCII text, with CRLF line terminators

UNIONPAY.RSA

141cd6207c39ca01a0384f77fb3b2c8a

DER Encoded PKCS#7 Signed Data

AndroidManifest.xml

46468c6f6958cd60bf6b23b87ae6ceec

Android binary XML

classes.dex

0936cfaa473b0ad2834162007a3091e5

Dalvik dex file version 035

libuptsmservice.so

a44a7df98ed8a28ae9a6d95c2b0abcdb

ELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV)

libuptsmservice.so

6719f305db54d88cc59f06df782de51e

ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV)

libuptsmservice.so

99bef7200b495dc4f339069a5b4a8c3f

ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV)

libuptsmservice.so

5ba9202afc49aef7b9eec92c7225e745

ELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV)

libuptsmservice.so

5656d6bc778a02a3fa9cf2c007ed13e4

ELF 64-bit LSB shared object, x86-64, version 1 (SYSV)

popup_enter.xml

ac39284fd660fa4be949bd3143c6a367

Android binary XML

popup_exit.xml

2f2ae960a62bdd177adda02eb4c04b4e

Android binary XML

bank_logo.JPG

4431ec324a243a1da91383f834cc27ac

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 591x591, components 3

base_action_bar_back_normal.png

4fd4bcade2e4e2b7f6395dc3db797590

PNG image data, 25 x 25, 8-bit colormap, non-interlaced

base_action_bar_back_submit.png

724eb492ef3259b9822c3af85a500502

PNG image data, 35 x 27, 8-bit/color RGBA, non-interlaced

bg.png

043ae3657608a185e990cdfc097e35c1

PNG image data, 640 x 160, 8-bit/color RGB, non-interlaced

bg_dialog.9.png

90ef42796d6dfe12f230e85d641276f9

PNG image data, 31 x 32, 8-bit/color RGBA, non-interlaced

bg_dialog_edit.9.png

d34d0d776ac60024448f7ca7e59866db

PNG image data, 100 x 30, 8-bit grayscale, non-interlaced

bg_input_round.9.png

ab0b706d5e677a30ea8d3f5f3e78a5e5

PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced

bg_keyboard.png

3fb059eea2cf4bcc3657190a088cffef

PNG image data, 239 x 122, 8-bit grayscale, non-interlaced

bg_normal.png

9baa525bc974071459b3a408990331a9

PNG image data, 239 x 122, 8-bit grayscale, non-interlaced

bg_press.png

97d91e8f0d829f1f038bb6339cca3d20

PNG image data, 239 x 122, 8-bit grayscale, non-interlaced

bg_upedittext_line_error.9.png

acd6af549dea7dc243f89e5ef3da5334

PNG image data, 5 x 30, 8-bit/color RGBA, non-interlaced

bg_upedittext_line_focus.9.png

102188ecd875c825f2628f28b47abf16

PNG image data, 5 x 30, 8-bit/color RGBA, non-interlaced

bg_upedittext_line_normal.9.png

51a792b11afd4616649b7a73b7a084f6

PNG image data, 5 x 30, 8-bit/color RGBA, non-interlaced

btn_down_arrow_clicked.png

2a17a4132f45ae9b874293cbd0d14d89

PNG image data, 26 x 16, 8-bit colormap, non-interlaced

btn_down_arrow_normal.png

d2697a9d52825e01a5e4ee3a4469c745

PNG image data, 26 x 16, 8-bit colormap, non-interlaced

btn_up_arrow_clicked.png

96adb9dd9d94b710623220c5bd60d337

PNG image data, 26 x 16, 8-bit colormap, non-interlaced

btn_up_arrow_normal.png

b80965523e3d500ad35ed45b9c915103

PNG image data, 26 x 16, 8-bit colormap, non-interlaced

checkbox_normal.png

d7d9cc0094aea1e3ef05e5692be24d8a

PNG image data, 30 x 30, 8-bit colormap, non-interlaced

checkbox_pressed.png

4292d52b01441ccf58135d05a1c0eb74

PNG image data, 30 x 30, 8-bit colormap, non-interlaced

checkswitch_bottom.png

564b56e8764a237b84039e808f534ff7

PNG image data, 216 x 58, 8-bit/color RGBA, non-interlaced

checkswitch_btn_pressed.png

418124aec8bfa744f339ed1dcc16665d

PNG image data, 216 x 58, 8-bit/color RGBA, non-interlaced

checkswitch_btn_unpressed.png

dcabc9ea626b4f137f5e1a42ba91071c

PNG image data, 216 x 58, 8-bit/color RGBA, non-interlaced

checkswitch_frame.png

dfa4356d2cb4f8c7d469a230ebae846a

PNG image data, 135 x 58, 8-bit/color RGBA, non-interlaced

checkswitch_mask.png

d395514e63d7e739cab46a22f6a56e70

PNG image data, 135 x 58, 8-bit colormap, non-interlaced

cross.png

edcd45c4f824340fd4250405fa130ceb

PNG image data, 50 x 35, 8-bit colormap, non-interlaced

delete_gray.png

b677e5d32f0b46d40883e01ed5c65eea

PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced

done.png

154edd1e8515278bec2abf8b05ff864d

PNG image data, 248 x 128, 8-bit colormap, non-interlaced

hook.png

c7c5b6ba84fb9d6ca89fa32310208940

PNG image data, 72 x 72, 8-bit colormap, non-interlaced

line_gray.9.png

4cced4de0a02f5524bdcfda6f1212a00

PNG image data, 3 x 3, 8-bit/color RGB, non-interlaced

line_gray_white.png

738255112d4828de02e09e3afa8dccfe

PNG image data, 1 x 2, 8-bit grayscale, non-interlaced

line_gray_white_h.png

f54d4244b240488cfbdef97fcdd8e628

PNG image data, 2 x 1, 8-bit grayscale, non-interlaced

number.png

953b30bcc1277e3ee4d37cfee131dd5c

PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced

quick_pass.jpg

cb8e2083daf9e302343ef130a13efe42

JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 854x505, components 3

spinner_normal.png

831149a96d4501901a612ccb78c140d8

PNG image data, 24 x 13, 8-bit colormap, non-interlaced

unionpay_logo.png

4e32fa59694e7a9747001ae85e318326

PNG image data, 78 x 48, 8-bit/color RGBA, non-interlaced

warning_icon.png

79c88f22677887248724606cea86b818

PNG image data, 30 x 26, 8-bit colormap, non-interlaced

welcome_union_logo.png

bd81ab3fa5145b06ddb41cc73645a7dd

PNG image data, 370 x 92, 8-bit/color RGBA, non-interlaced

bg_my_banner.png

ac2da7ec24c8d4dc29652ee88ae5fab1

PNG image data, 780 x 288, 8-bit/color RGB, non-interlaced

bg_actionbar.xml

fc02d40b82b87f08f843dc6ac27f9009

Android binary XML

bg_edittext.xml

126b42cdc3bc4e7ca931906b3fc8311e

Android binary XML

bg_edittext_border.xml

271963140a1f28af89dafa6fb40d6fde

Android binary XML

bg_edittext_border_foucs.xml

d8220698c1cfe464996766fa2d2c3112

Android binary XML

bg_edittext_border_normal.xml

5f5f69dcfaa8b6ad70eb90c5195670d7

Android binary XML

bg_edittext_focused.xml

f6ebacbdada348999f3b43ae92666c41

Android binary XML

bg_edittext_line.xml

9d0d12c7ce5db6765bd717041a4e17a1

Android binary XML

bg_edittext_normal.xml

06a3f02740dbb4654fbdd533325449d2

Android binary XML

bg_list_item.xml

ab7e8a3dd786f5c45ae759f585ce931c

Android binary XML

bg_num_drawable.xml

1dfaba74abbe2f68ffab5be321e83281

Android binary XML

btn_down_arrow.xml

a8d48a78ab51daf3c9423bc3da11da50

Android binary XML

btn_shape.xml

575452c2853412db5fad9e52d88d29ab

Android binary XML

btn_shape_disable.xml

e1365b754031a233a2f19edb4417c558

Android binary XML

btn_sms_selector.xml

628d0f55264b2c8952114b694141c9b8

Android binary XML

btn_up_arrow.xml

6e6306b2dd32a003b958b1c4bb402ec5

Android binary XML

card_bottom_shape.xml

f96f95ff0ea0b0318839bee7e245777f

Android binary XML

card_top_shape.xml

1671f5fd6a85c5f0b19434d9c404f6f1

Android binary XML

checkbox_style.xml

27f454dba75b1fb96bea5eced147264c

Android binary XML

cursor_color.xml

7b304a448755609dc7ccc033838b8958

Android binary XML

del_bg_selector.xml

321ff39edc62138a21e122eae0059756

Android binary XML

del_fore_selector.xml

e7f0288daad04574efe4029004896782

Android binary XML

done_bg_selector.xml

59ebcfdaf8842a1c3e75f6260271c2c6

Android binary XML

done_fore_selector.xml

c8a3d13b16be25c10049ba88c465ecb5

Android binary XML

view_agreement.xml

3daee09bf8536f21203ffa7878d5c7f4

Android binary XML

view_card.xml

96482fc5792b24daebef11604d4a41d1

Android binary XML

view_card_description.xml

190a890088997687ebb31212151bd3f3

Android binary XML

view_card_detail.xml

79beab121fe00100cd26def21d0dfaf7

Android binary XML

view_personalinfo.xml

bef78ecf43a68fe3b4f23dcc783b95f8

Android binary XML

view_title.xml

8de1e1da6074be4f4de8a5f40351bfda

Android binary XML

view_unite_agreement.xml

6547e390050069a92f8b8ba3eed587ba

Android binary XML

activity_bank_user_agreement.xml

e5650be5e665ffc6095c4bdf4e4e69c8

Android binary XML

activity_loading.xml

d3158a3608be63607be0f0498b8969f9

Android binary XML

activity_unite_app_apply.xml

a072f0bef74d7599c7170a36e0e834f4

Android binary XML

activity_up_user_agreement.xml

9f20eef95383fcb840dc5579675db1cc

Android binary XML

activity_upcard_apply.xml

14b89fd33aaec5fde38e0863518cd4bd

Android binary XML

activity_upcard_detail.xml

a3d827fd2b6a8a9bfaf40f9d1b6d3282

Android binary XML

cell_spinner_item.xml

7e75ce573aed05c5a320cf631a4c4b91

Android binary XML

view_agreement.xml

db66b66cd41e95f872fdf740d9e63c2b

Android binary XML

view_card.xml

3fd63046609a4652fe67c0343b7283d6

Android binary XML

view_card_description.xml

f6017571d331168e71881a08ab5661b0

Android binary XML

view_card_detail.xml

f584dec31f8bf645a867f993c2468439

Android binary XML

view_dialog_datetime_picker.xml

daf4d23c47d14a7de8737f224cbd1180

Android binary XML

view_edittext.xml

50bf54beda551fd3a44c2df32bafc624

Android binary XML

view_personalinfo.xml

bd43bf602db59dd14520a1fb8254010d

Android binary XML

view_title.xml

87e1925659ff6cb9feafac42139c4cc1

Android binary XML

view_unite_agreement.xml

54cfd8c5dcc9878aaa0b24d3abe5f70d

Android binary XML

view_unite_card.xml

d939bd47246b1166c534a52a9116cbe5

Android binary XML

view_unite_personalinfo.xml

f78e9d9b4cff26a8802c33c69b0ea812

Android binary XML

view_upspinner.xml

f26df8018c691ee06110f05a115c636d

Android binary XML

view_warning_info.xml

8db861b5a2e2ecc2d810fa32fb92b593

Android binary XML

apduservice.xml

f3d023cb79526e90e52660470150aefc

Android binary XML

apduservice.xml

dc02a61faa0e9d23725f5ca072d64906

Android binary XML

cardemulation_extension.xml

e054364567a1ed7be85d2aa8941126fb

Android binary XML

resources.arsc

fc2653c3e1a44bca4d18a7ed6939c8b4

Android package resource table (ARSC), 209 string(s), utf8

libDexHelper.so

1e69ed7f9d140ee15c21f64c02f5aa01

ELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV)

libdexjni.so

8cff9bae0f92e3a7caf43ef5fd8b9b6a

ELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV)

libDexHelper.so

56697005b9d5cc1680c55ff91fac8723

ELF 64-bit LSB shared object, x86-64, version 1 (SYSV)

libdexjni.so

be728124b3b91737cd28a6b5b56f39e7

ELF 64-bit LSB shared object, x86-64, version 1 (SYSV)

libDexHelper.so

b8c4858c32d4d438430a5714f5bbd089

ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV)

libdexjni.so

23763a5a50410fbb54625c845705fc6d

ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV)

libDexHelper.so

c0e05c19e7c2ff2cab314fa8d457ea3a

ELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV)

libdexjni.so

8b4d3cf6df55db6b3b1f07a623ab5b4f

ELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV)

libDexHelper.so

16ee2e334c369a596934c3d041170bf4

ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV)

libdexjni.so

be37fa22e8d34c5b4be6ca7a0b6fb46d

ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV)

rsa.sig

727fa51b557a9dc4e667d4fda1f88079

ASCII text

manifest.mf

c171450ff4b6dd71ee604671b6ca8298

ASCII text, with very long lines (2375), with no line terminators

rsa.pub

cf57c750a8a78aef6cd6747574d09f81

ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_stackstrings
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_stackstrings
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_stackstrings
YARAhub by abuse.ch	malware	meth_stackstrings

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	tsm.95516.com/TSM/GLNFSAPS/KXMGMNFS/APK/file/UPTsmService12.apk	45.116.81.58	200 OK	11 MB
URL User Request GET HTTP/1.1 tsm.95516.com/TSM/GLNFSAPS/KXMGMNFS/APK/file/UPTsmService12.apk IP 45.116.81.58:443 ASN #54994 ML-1432-54994 Certificate IssuerGlobalSign nv-sa Subject.95516.com Fingerprint5B:6A:12:43:BC:77:48:28:34:6A:EC:75:E7:92:E4:F5:F2:F4:E1:15 ValidityMon, 19 Feb 2024 04:18:46 GMT - Sat, 22 Mar 2025 04:18:45 GMT File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 11 MB (10747881 bytes) Hash ac39666c96cc5540d17d73db5b70739f 1232cf1d049e1d3defbca193014640c88c07af9c 2600c2bd22199e2e13a7089f18ce07a70ced70ba10530d71c4ecb5205e00ee45 HTTP Headers GET /TSM/GLNFSAPS/KXMGMNFS/APK/file/UPTsmService12.apk HTTP/1.1 Host: tsm.95516.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Date: Fri, 10 May 2024 11:11:00 GMT Content-Type: application/vnd.android.package-archive Transfer-Encoding: chunked Connection: keep-alive Server: Apache Last-Modified: Thu, 12 Mar 2020 02:00:58 GMT ETag: "a5772d-5a09eb9522a80-gzip" Accept-Ranges: bytes Content-Encoding: gzip X-Via: 1.1 PS-FOC-01gnC122:0 (Cdn Cache Server V2.0), 1.1 PS-000-01FR9171:8 (Cdn Cache Server V2.0) X-Ws-Request-Id: 663e00c4_PS-000-01FR9171_11930-42434`

tsm.95516.com/TSM/GLNFSAPS/KXMGMNFS/APK/file/UPTsmService12.apk

45.116.81.58

200 OK

11 MB

URL User Request GET HTTP/1.1
tsm.95516.com/TSM/GLNFSAPS/KXMGMNFS/APK/file/UPTsmService12.apk
IP
45.116.81.58:443
ASN
#54994 ML-1432-54994

Certificate
IssuerGlobalSign nv-sa
Subject*.95516.com
Fingerprint5B:6A:12:43:BC:77:48:28:34:6A:EC:75:E7:92:E4:F5:F2:F4:E1:15
ValidityMon, 19 Feb 2024 04:18:46 GMT - Sat, 22 Mar 2025 04:18:45 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
11 MB (10747881 bytes)
Hash
ac39666c96cc5540d17d73db5b70739f
1232cf1d049e1d3defbca193014640c88c07af9c
2600c2bd22199e2e13a7089f18ce07a70ced70ba10530d71c4ecb5205e00ee45

HTTP Headers

GET /TSM/GLNFSAPS/KXMGMNFS/APK/file/UPTsmService12.apk HTTP/1.1
Host: tsm.95516.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:11:00 GMT
Content-Type: application/vnd.android.package-archive
Transfer-Encoding: chunked
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Mar 2020 02:00:58 GMT
ETag: "a5772d-5a09eb9522a80-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
X-Via: 1.1 PS-FOC-01gnC122:0 (Cdn Cache Server V2.0), 1.1 PS-000-01FR9171:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 663e00c4_PS-000-01FR9171_11930-42434

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (117)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers