1111ed8bf0cd46869749546f613d6cd7b190bc14f298d6d1681130c80c3494fd

Sharing

Copy URL Twitter E-mail

General

Target

1111ed8bf0cd46869749546f613d6cd7b190bc14f298d6d1681130c80c3494fd
Size

1.8MB
MD5

77ad7783673dc1613f12ed3045044869
SHA1

5034ecab6ba1b5456b6b581b6cb1e59a3d94edc1
SHA256

1111ed8bf0cd46869749546f613d6cd7b190bc14f298d6d1681130c80c3494fd
SHA512

123d22ca8a3645038ddaa2678b1fc15578c3ba569a857df628cf5a3a1727f2f9ba480be8a3e43c74d07a928c0f8b08c0af1934140767aa1bd6f14e8722044f6a
SSDEEP

49152:ywMlqs0m6GH8wcap/13C3YHlgV7MtSEhULJTHyDa/fO:ywh1zGDcGFCYgeSLJLx/fO

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Files

1111ed8bf0cd46869749546f613d6cd7b190bc14f298d6d1681130c80c3494fd
.zip
Data/Bin/busybox
.elf linux arm
Data/Bin/rgs
.elf linux arm
Data/Sol/2020
.zip
cdr
.apk android

com.rootgenius.cdr

Receivers

com.rootgenius.cdr.CdrReceiver

com.rootgenius.cdr.START
helper
.elf linux arm
run
.elf linux arm
Data/Sol/2025
.zip
libframa.so
.elf linux arm
run
.elf linux arm
Data/superuser/Kinguser.apk
.apk android

com.kingroot.kinguser

com.kingroot.kinguser.activitys.SliderMainActivity

Activities

com.kingroot.kinguser.activitys.SliderMainActivity

android.intent.action.MAIN

Permissions

com.kingroot.kinguser.permission.REQUEST
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.INSTALL_PACKAGES
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_WIFI_STATE
android.permission.READ_LOGS
android.permission.GET_PACKAGE_SIZE
android.permission.WAKE_LOCK

Receivers

com.kingroot.kinguser.receiver.SuRequestReceiver

com.kingroot.kinguser.SU_REQUEST

com.kingroot.kinguser.receiver.PackageReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REPLACED
android.intent.action.PACKAGE_REMOVED

com.kingroot.kinguser.receiver.BootReceiver

android.intent.action.BOOT_COMPLETED

com.kingroot.kinguser.receiver.InstallReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_REPLACED

com.kingroot.kinguser.receiver.ScreenEventReceiver

android.intent.action.USER_PRESENT

com.kingroot.kinguser.receiver.AlarmReceiver

android.intent.action.BOOT_COMPLETED
com.kingroot.kinguser.action.update

Services

com.kingroot.kinguser.service.KingRootAppListService

com.kingroot.kinguser.service.IKingrootAppList
Data/superuser/ddexe
.sh linux
Data/superuser/install
.sh linux
Data/superuser/install-recovery.sh
.sh linux
Data/superuser/ku.sud
.elf linux arm
Data/superuser/run_daemon
.elf linux arm
Data/superuser/su
.elf linux arm
Data/superuser/toolbox
.elf linux arm

Sharing

General

Malware Config

Signatures

Files

com.rootgenius.cdr

Receivers

com.rootgenius.cdr.CdrReceiver

com.kingroot.kinguser

com.kingroot.kinguser.activitys.SliderMainActivity

Activities

com.kingroot.kinguser.activitys.SliderMainActivity

Permissions

Receivers

com.kingroot.kinguser.receiver.SuRequestReceiver

com.kingroot.kinguser.receiver.PackageReceiver

com.kingroot.kinguser.receiver.BootReceiver

com.kingroot.kinguser.receiver.InstallReceiver

com.kingroot.kinguser.receiver.ScreenEventReceiver

com.kingroot.kinguser.receiver.AlarmReceiver

Services

com.kingroot.kinguser.service.KingRootAppListService