af78a737b276d7bb1559a2cf9a3a3a3860d96b9aa043365045c3497eae89eb87

General

Target

af78a737b276d7bb1559a2cf9a3a3a3860d96b9aa043365045c3497eae89eb87
Size

1.0MB
MD5

321f16ad435286f5f1ccea5924f60445
SHA1

58916ee979f3d690348743b46df2c581b2fdcdcd
SHA256

af78a737b276d7bb1559a2cf9a3a3a3860d96b9aa043365045c3497eae89eb87
SHA512

e6eb07ad1c0b3f28c0393c146d9ba9736e7d80298d3aa9e10f411d7b25853acdcf6b4f38046b00eb4efb5295a8215233a39eec58500b3f348017aec6fff43918
SSDEEP

24576:wVnRNoDOWmULtyoqmSlMGS8QA8HWEUQAtP6piln+8:ungDOWmULtjqC9A8HWEUEp0n1

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 11 IoCs

description	ioc
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an application to read the user's call log.	android.permission.READ_CALL_LOG
Allows an application to write (but not read) the user's call log data.	android.permission.WRITE_CALL_LOG
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Files

af78a737b276d7bb1559a2cf9a3a3a3860d96b9aa043365045c3497eae89eb87
.apk android arch:arm64 arch:arm arch:mips arch:mips64 arch:x86 arch:x64

com.a

com.qwe.MainActiv

Activities

com.qwe.MainActiv

android.intent.action.MAIN

com.qwe.Bridge

android.intent.action.MAIN

Permissions

android.permission.VIBRATE
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.READ_CONTACTS
android.permission.WRITE_CONTACTS
android.permission.WRITE_SETTINGS
android.permission.READ_PHONE_STATE
android.permission.CALL_PHONE
android.permission.READ_CALL_LOG
android.permission.WRITE_CALL_LOG
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.UPDATE_APP_OPS_STATS
android.permission.GET_TASKS
android.permission.VIBRATE
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.ACCESS_WIFI_STATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.WAKE_LOCK

Receivers

com.a.MyAdminReceiver

android.app.action.DEVICE_ADMIN_ENABLED

com.a.Boot

android.intent.action.BOOT_COMPLETED
android.intent.action.ACTION_SHUTDOWN
android.intent.action.USER_PRESENT

com.a.A11

android.intent.action.BOOT_COMPLETED
android.intent.action.PHONE_STATE
android.intent.action.NEW_OUTGOING_CALL
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED
android.intent.action.TIMEZONE_CHANGED
android.intent.action.TIME_SET
android.intent.action.TIME_TICK
android.intent.action.UID_REMOVED
android.intent.action.UMS_CONNECTED
android.intent.action.UMS_DISCONNECTED
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_CHANGED
android.intent.action.PACKAGE_DATA_CLEARED
android.intent.action.PACKAGE_FIRST_LAUNCH
android.intent.action.PACKAGE_FULLY_REMOVED
android.intent.action.PACKAGE_INSTALL
android.intent.action.PACKAGE_NEEDS_VERIFICATION
android.intent.action.PACKAGE_REPLACED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_RESTARTED
android.intent.action.MY_PACKAGE_REPLACED
android.intent.action.MEDIA_UNMOUNTED
android.intent.action.MEDIA_UNMOUNTABLE
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_REMOVED
android.intent.action.MANAGE_PACKAGE_STORAGE
android.intent.action.MEDIA_BAD_REMOVAL
android.intent.action.MEDIA_BUTTON
android.intent.action.MEDIA_CHECKING
android.intent.action.MEDIA_EJECT
android.intent.action.MEDIA_MOUNTED
android.intent.action.MEDIA_NOFS
android.intent.action.MEDIA_REMOVED
android.intent.action.MEDIA_SCANNER_FINISHED
android.intent.action.MEDIA_SCANNER_SCAN_FILE
android.intent.action.MEDIA_SCANNER_STARTED
android.intent.action.MEDIA_SHARED
android.intent.action.LOCALE_CHANGED
android.intent.action.INPUT_METHOD_CHANGED
android.intent.action.HEADSET_PLUG
android.intent.action.GTALK_DISCONNECTED
android.intent.action.GTALK_CONNECTED
android.intent.action.EXTERNAL_APPLICATIONS_UNAVAILABLE
android.intent.action.EXTERNAL_APPLICATIONS_AVAILABLE
android.intent.action.DOCK_EVENT
android.intent.action.DEVICE_STORAGE_OK
android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DATE_CHANGED
android.intent.action.CLOSE_SYSTEM_DIALOGS
android.intent.action.CAMERA_BUTTON
android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW
android.intent.action.BATTERY_CHANGED
android.intent.action.AIRPLANE_MODE
android.intent.action.PROVIDER_CHANGED
android.intent.action.ACTION_SHUTDOWN
android.intent.action.USER_PRESENT
android.intent.action.WALLPAPER_CHANGED
android.net.wifi.WIFI_STATE_CHANGED
com.noshufou.android.su.REQUEST
android.net.conn.CONNECTIVITY_CHANGE
android.provider.Telephony.SMS_RECEIVED

Services

com.qwe.service.AutBank

android.intent.action.BOOT_COMPLETED

com.qwe.service.SM

android.intent.action.BOOT_COMPLETED

com.qwe.service.Inter

android.intent.action.BOOT_COMPLETED

com.qwe.service.InLit

android.intent.action.BOOT_COMPLETED

com.qwe.service.UploadServi

android.intent.action.BOOT_COMPLETED

com.qwe.service.HeartB

android.intent.action.BOOT_COMPLETED

Android Permissions

af78a737b276d7bb1559a2cf9a3a3a3860d96b9aa043365045c3497eae89eb87

Permissions

android.permission.VIBRATE

android.permission.READ_SMS

android.permission.WRITE_SMS

android.permission.RECEIVE_SMS

android.permission.SEND_SMS

android.permission.READ_CONTACTS

android.permission.WRITE_CONTACTS

android.permission.WRITE_SETTINGS

android.permission.READ_PHONE_STATE

android.permission.CALL_PHONE

android.permission.READ_CALL_LOG

android.permission.WRITE_CALL_LOG

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_PHONE_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.UPDATE_APP_OPS_STATS

android.permission.GET_TASKS

android.permission.VIBRATE

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.ACCESS_WIFI_STATE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.WAKE_LOCK

Sharing

General

Malware Config

Signatures

Files

com.a

com.qwe.MainActiv

Activities

com.qwe.MainActiv

com.qwe.Bridge

Permissions

Receivers

com.a.MyAdminReceiver

com.a.Boot

com.a.A11

Services

com.qwe.service.AutBank

com.qwe.service.SM

com.qwe.service.Inter

com.qwe.service.InLit

com.qwe.service.UploadServi

com.qwe.service.HeartB

Android Permissions

af78a737b276d7bb1559a2cf9a3a3a3860d96b9aa043365045c3497eae89eb87