ddb4638c3e741f14221c76cf9a13036742509a83d49ba706e1ffb8995a9c075e

General

Target

ddb4638c3e741f14221c76cf9a13036742509a83d49ba706e1ffb8995a9c075e
Size

745KB
MD5

1d156a0999db55f5a67d54036c614dd4
SHA1

213c916dfb549f89a794f504588edfe3b874dce3
SHA256

ddb4638c3e741f14221c76cf9a13036742509a83d49ba706e1ffb8995a9c075e
SHA512

24a64f06ec2958ddc4d97085e1a6eea3c868efc0f05ad8b20b4ac00caf49b56d036d44e70d5ff77e9f90d799d942e505cadbb5b4e489576930a9a13d213ae875
SSDEEP

12288:ihfxF7BGL28xjuQk4TbT3ov1jZRNXdKnHGmdHkqtcV4SXBKr83:i3F7BM2cuQj7ovPNKnH1kjlXBKr4

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 11 IoCs

description	ioc
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an application to read the user's call log.	android.permission.READ_CALL_LOG
Allows an application to write (but not read) the user's call log data.	android.permission.WRITE_CALL_LOG
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Files

ddb4638c3e741f14221c76cf9a13036742509a83d49ba706e1ffb8995a9c075e
.apk android arch:arm64 arch:arm arch:mips arch:mips64 arch:x86 arch:x64

com.a

com.qwe.MainActivit

Activities

com.qwe.MainActivit

android.intent.action.MAIN

com.qwe.Midd

android.intent.action.MAIN

Permissions

android.permission.VIBRATE
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.READ_CONTACTS
android.permission.WRITE_CONTACTS
android.permission.WRITE_SETTINGS
android.permission.READ_PHONE_STATE
android.permission.CALL_PHONE
android.permission.READ_CALL_LOG
android.permission.WRITE_CALL_LOG
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.UPDATE_APP_OPS_STATS
android.permission.GET_TASKS
android.permission.VIBRATE
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.ACCESS_WIFI_STATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.WAKE_LOCK

Receivers

com.a.MyAdminReceiver

android.app.action.DEVICE_ADMIN_ENABLED

com.a.BootRe

android.intent.action.BOOT_COMPLETED
android.intent.action.ACTION_SHUTDOWN
android.intent.action.USER_PRESENT

com.a.A1

android.intent.action.BOOT_COMPLETED
android.intent.action.PHONE_STATE
android.intent.action.NEW_OUTGOING_CALL
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED
android.intent.action.TIMEZONE_CHANGED
android.intent.action.TIME_SET
android.intent.action.TIME_TICK
android.intent.action.UID_REMOVED
android.intent.action.UMS_CONNECTED
android.intent.action.UMS_DISCONNECTED
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_CHANGED
android.intent.action.PACKAGE_DATA_CLEARED
android.intent.action.PACKAGE_FIRST_LAUNCH
android.intent.action.PACKAGE_FULLY_REMOVED
android.intent.action.PACKAGE_INSTALL
android.intent.action.PACKAGE_NEEDS_VERIFICATION
android.intent.action.PACKAGE_REPLACED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_RESTARTED
android.intent.action.MY_PACKAGE_REPLACED
android.intent.action.MEDIA_UNMOUNTED
android.intent.action.MEDIA_UNMOUNTABLE
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_REMOVED
android.intent.action.MANAGE_PACKAGE_STORAGE
android.intent.action.MEDIA_BAD_REMOVAL
android.intent.action.MEDIA_BUTTON
android.intent.action.MEDIA_CHECKING
android.intent.action.MEDIA_EJECT
android.intent.action.MEDIA_MOUNTED
android.intent.action.MEDIA_NOFS
android.intent.action.MEDIA_REMOVED
android.intent.action.MEDIA_SCANNER_FINISHED
android.intent.action.MEDIA_SCANNER_SCAN_FILE
android.intent.action.MEDIA_SCANNER_STARTED
android.intent.action.MEDIA_SHARED
android.intent.action.LOCALE_CHANGED
android.intent.action.INPUT_METHOD_CHANGED
android.intent.action.HEADSET_PLUG
android.intent.action.GTALK_DISCONNECTED
android.intent.action.GTALK_CONNECTED
android.intent.action.EXTERNAL_APPLICATIONS_UNAVAILABLE
android.intent.action.EXTERNAL_APPLICATIONS_AVAILABLE
android.intent.action.DOCK_EVENT
android.intent.action.DEVICE_STORAGE_OK
android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DATE_CHANGED
android.intent.action.CLOSE_SYSTEM_DIALOGS
android.intent.action.CAMERA_BUTTON
android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW
android.intent.action.BATTERY_CHANGED
android.intent.action.AIRPLANE_MODE
android.intent.action.PROVIDER_CHANGED
android.intent.action.ACTION_SHUTDOWN
android.intent.action.USER_PRESENT
android.intent.action.WALLPAPER_CHANGED
android.net.wifi.WIFI_STATE_CHANGED
com.noshufou.android.su.REQUEST
android.net.conn.CONNECTIVITY_CHANGE
android.provider.Telephony.SMS_RECEIVED

Services

com.qwe.service.AutBankIn

android.intent.action.BOOT_COMPLETED

com.qwe.service.SMSS

android.intent.action.BOOT_COMPLETED

com.qwe.service.InterCa

android.intent.action.BOOT_COMPLETED

com.qwe.service.InsH

android.intent.action.BOOT_COMPLETED

com.qwe.service.UploadService

android.intent.action.BOOT_COMPLETED

com.qwe.service.HeartBea

android.intent.action.BOOT_COMPLETED

Android Permissions

ddb4638c3e741f14221c76cf9a13036742509a83d49ba706e1ffb8995a9c075e

Permissions

android.permission.VIBRATE

android.permission.READ_SMS

android.permission.WRITE_SMS

android.permission.RECEIVE_SMS

android.permission.SEND_SMS

android.permission.READ_CONTACTS

android.permission.WRITE_CONTACTS

android.permission.WRITE_SETTINGS

android.permission.READ_PHONE_STATE

android.permission.CALL_PHONE

android.permission.READ_CALL_LOG

android.permission.WRITE_CALL_LOG

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_PHONE_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.UPDATE_APP_OPS_STATS

android.permission.GET_TASKS

android.permission.VIBRATE

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.ACCESS_WIFI_STATE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.WAKE_LOCK

Sharing

General

Malware Config

Signatures

Files

com.a

com.qwe.MainActivit

Activities

com.qwe.MainActivit

com.qwe.Midd

Permissions

Receivers

com.a.MyAdminReceiver

com.a.BootRe

com.a.A1

Services

com.qwe.service.AutBankIn

com.qwe.service.SMSS

com.qwe.service.InterCa

com.qwe.service.InsH

com.qwe.service.UploadService

com.qwe.service.HeartBea

Android Permissions

ddb4638c3e741f14221c76cf9a13036742509a83d49ba706e1ffb8995a9c075e