81d21d5cbf32e1688fbcec838595e91718a304cf345f4e02b6c0adaaa2a0f1a3

General

Target

81d21d5cbf32e1688fbcec838595e91718a304cf345f4e02b6c0adaaa2a0f1a3
Size

943KB
MD5

0403033e6e0bc6b83c695e1daa9a2cc5
SHA1

4d1d337b285d42fd6a922a2eba979e0e9cdae3bd
SHA256

81d21d5cbf32e1688fbcec838595e91718a304cf345f4e02b6c0adaaa2a0f1a3
SHA512

4a50d02e0b480cf4fdc1112201506f0e27273c4cdb5993f715e74808ac2792c9db3ad89cbb29d712fa71bdab3b53663c6f4d0e09036d4aba1e7c2c17976180f3
SSDEEP

24576:dz2aSnGlz7rxUBcw95RdQd16ZgNfWLmqg0Y8:dz2aNzvw95ROD6qNfW33

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 14 IoCs

description	ioc
Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether.	android.permission.PROCESS_OUTGOING_CALLS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to monitor incoming MMS messages.	android.permission.RECEIVE_MMS
Allows an application to receive WAP push messages.	android.permission.RECEIVE_WAP_PUSH

Files

81d21d5cbf32e1688fbcec838595e91718a304cf345f4e02b6c0adaaa2a0f1a3
.apk android arch:arm arch:x86

magic.weixinSFgGo

com.wysp.ldld.MainActivity

Activities

com.wysp.ldld.MainActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.ACCESS_NETWORK_STATE
android.permission.PROCESS_OUTGOING_CALLS
android.permission.BROADCAST_SMS
android.permission.READ_PHONE_STATE
android.permission.MODIFY_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_LOGS
android.permission.CALL_PHONE
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.WAKE_LOCK
android.permission.DISABLE_KEYGUARD
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_PHONE_STATE
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.SEND_SMS
android.permission.RECEIVE_SMS
android.permission.RECEIVE_MMS
android.permission.RECEIVE_WAP_PUSH
android.permission.GET_TASKS
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.CHANGE_WIFI_STATE
android.permission.WRITE_SETTINGS
android.permission.WRITE_SECURE_SETTINGS
android.permission.WRITE_APN_SETTINGS
android.permission.CHANGE_NETWORK_STATE
android.permission.VIBRATE
android.permission.INSTALL_PACKAGES
android.permission.DELETE_PACKAGES
android.permission.SYSTEM_ALERT_WINDOW
android.permission.SYSTEM_OVERLAY_WINDOW

Receivers

eoiglg.dc.NEWBootReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED

eoiglg.dc.NewSmsReceiver

android.provider.Telephony.SMS_RECEIVED
com.hanson.smart.send
com.hansom.smart.dilivery

eoiglg.dc.NXWAlarmService

com.hanson.maim.ALARMRECEIRVE

com.google.cn.audiomgr.ReceiverBroadcast

android.provider.Telephony.SMS_RECEIVED
android.intent.action.USER_PRESENT
android.net.wifi.WIFI_STATE_CHANGED
android.net.conn.CONNECTIVITY_CHANGE
android.net.wifi.STATE_CHANGE

com.google.cn.audiomgr.CMBroadcast

android.intent.action.PHONE_STATE
android.intent.action.NEW_OUTGOING_CALL

com.wysp.ldld.MReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.provider.Telephony.SMS_RECEIVED
android.intent.action.USER_PRESENT
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_CHANGED
android.intent.action.PACKAGE_REPLACED
android.intent.action.PACKAGE_RESTARTED

Services

eoiglg.dc.NXWMainService

com.hanson.mainservice.firststart

Android Permissions

81d21d5cbf32e1688fbcec838595e91718a304cf345f4e02b6c0adaaa2a0f1a3

Permissions

android.permission.INTERNET

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.ACCESS_NETWORK_STATE

android.permission.PROCESS_OUTGOING_CALLS

android.permission.BROADCAST_SMS

android.permission.READ_PHONE_STATE

android.permission.MODIFY_PHONE_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_FINE_LOCATION

android.permission.READ_LOGS

android.permission.CALL_PHONE

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.WAKE_LOCK

android.permission.DISABLE_KEYGUARD

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.READ_PHONE_STATE

android.permission.READ_SMS

android.permission.WRITE_SMS

android.permission.SEND_SMS

android.permission.RECEIVE_SMS

android.permission.RECEIVE_MMS

android.permission.RECEIVE_WAP_PUSH

android.permission.GET_TASKS

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.CHANGE_WIFI_STATE

android.permission.WRITE_SETTINGS

android.permission.WRITE_SECURE_SETTINGS

android.permission.WRITE_APN_SETTINGS

android.permission.CHANGE_NETWORK_STATE

android.permission.VIBRATE

android.permission.INSTALL_PACKAGES

android.permission.DELETE_PACKAGES

android.permission.SYSTEM_ALERT_WINDOW

android.permission.SYSTEM_OVERLAY_WINDOW

Sharing

General

Malware Config

Signatures

Files

magic.weixinSFgGo

com.wysp.ldld.MainActivity

Activities

com.wysp.ldld.MainActivity

Permissions

Receivers

eoiglg.dc.NEWBootReceiver

eoiglg.dc.NewSmsReceiver

eoiglg.dc.NXWAlarmService

com.google.cn.audiomgr.ReceiverBroadcast

com.google.cn.audiomgr.CMBroadcast

com.wysp.ldld.MReceiver

Services

eoiglg.dc.NXWMainService

Android Permissions

81d21d5cbf32e1688fbcec838595e91718a304cf345f4e02b6c0adaaa2a0f1a3