tiktok-28-6-3[.]apk

Sharing

Copy URL Twitter E-mail

Reason

unexpected chunk type

General

Target

tiktok-28-6-3.apk
Size

204.1MB
MD5

797ed3c97cc6947f99925cc5d53e9ca2
SHA1

f9d342c6bf7ca5349847025da7598038438cf299
SHA256

c9d8c02bfe1880ee2e431ffc54ca095d9b2991602a4af30c2f3dd6e50a6c8c49
SHA512

01837b5b4c8902eb52228e00e628d3d5eed07a3d0fd295a81edc9096f60ae52a8b7ba05ecb751746c03216a75fe88db93372e33239dfdde233239324fe6d16ca
SSDEEP

3145728:PMpbUlRk+4xdlhup9O6yV8hsgjdYFEgNw4H2H4DPcwHN6EJTykJ5HCTM1U:PMKkHlhuntxiuawIJ6EJTykJEX

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 9 IoCs

description	ioc
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to read the user's calendar data.	android.permission.READ_CALENDAR
Allows an application to write the user's calendar data.	android.permission.WRITE_CALENDAR
Required to be able to connect to paired Bluetooth devices.	android.permission.BLUETOOTH_CONNECT

Files

tiktok-28-6-3.apk
.apk android arch:arm64 arch:arm

com.zhiliaoapp.musically

com.ss.android.ugc.aweme.i18n.musically.cut.AvatarChooseActivity

Activities

net.openid.appauth.RedirectUriReceiverActivity

android.intent.action.VIEW

com.ss.android.ugc.aweme.deeplink.AppLinkHandlerV2

android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

com.kakao.sdk.auth.AuthCodeHandlerActivity

android.intent.action.VIEW

com.ss.android.sdk.activity.BootstrapActivity

android.intent.action.VIEW

com.ss.android.ugc.aweme.shortvideo.mvtemplate.choosemedia.MvChoosePhotoActivity

com.ss.android.ugc.cut_ui.process.PICKER

com.ss.android.ugc.aweme.shortvideo.ui.VideoRecordPermissionActivity

com.ss.intent.action.redirect.record

com.ss.android.ugc.aweme.deeplink.DeepLinkActivityV2

com.ss.android.sdk.snssdk1180
android.intent.action.VIEW

com.ss.android.ugc.aweme.share.SystemShareActivity

android.intent.action.SEND
android.intent.action.SEND_MULTIPLE

com.bytedance.push.notification.PushActivity

com.zhiliaoapp.musically.pushsdk.action

com.ss.android.ugc.cut_ui_impl.process.clip.CutClipActivity

com.ss.android.ugc.cut_ui.CLIP

com.ss.android.ugc.cut_ui_impl.newplayer.NewCutPlayerActivity

com.ss.android.ugc.cut_ui.PLAY

com.ss.android.ugc.cut_ui_impl.process.NLECutCompressActivity

com.ss.android.ugc.cut_ui.NLE_COMPRESS

com.facebook.CustomTabActivity

android.intent.action.VIEW

com.linecorp.linesdk.auth.internal.LineAuthenticationCallbackActivity

android.intent.action.VIEW

Permissions

android.permission.ACCESS_COARSE_LOCATION
android.permission.SYSTEM_ALERT_WINDOW
android.permission.REORDER_TASKS
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_WIFI_STATE
android.permission.CAMERA
android.permission.RECORD_AUDIO
android.permission.FLASHLIGHT
android.permission.WAKE_LOCK
android.permission.GET_TASKS
android.permission.READ_CONTACTS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.VIBRATE
android.permission.BLUETOOTH
com.meizu.c2dm.permission.RECEIVE
com.zhiliaoapp.musically.permission.READ_ACCOUNT
com.zhiliaoapp.musically.permission.WRITE_ACCOUNT
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
com.android.launcher.permission.READ_SETTINGS
android.permission.READ_CALENDAR
android.permission.WRITE_CALENDAR
android.permission.AUTHENTICATE_ACCOUNTS
com.htc.launcher.permission.READ_SETTINGS
com.lge.launcher.permission.READ_SETTINGS
com.lge.launcher.permission.WRITE_SETTINGS
com.huawei.launcher3.permission.READ_SETTINGS
com.huawei.launcher3.permission.WRITE_SETTINGS
com.huawei.launcher2.permission.READ_SETTINGS
com.huawei.launcher2.permission.WRITE_SETTINGS
com.ebproductions.android.launcher.permission.READ_SETTINGS
com.ebproductions.android.launcher.permission.WRITE_SETTINGS
com.oppo.launcher.permission.READ_SETTINGS
com.oppo.launcher.permission.WRITE_SETTINGS
com.huawei.android.launcher.permission.READ_SETTINGS
com.huawei.android.launcher.permission.WRITE_SETTINGS
dianxin.permission.ACCESS_LAUNCHER_DATA
com.miui.mihome2.permission.READ_SETTINGS
com.miui.mihome2.permission.WRITE_SETTINGS
android.permission.FOREGROUND_SERVICE
com.zhiliaoapp.musically.permission.MIPUSH_RECEIVE
com.zhiliaoapp.musically.push.permission.MESSAGE
android.permission.SCHEDULE_EXACT_ALARM
com.orange.update.permission.READ_ATTRIBUTION
com.samsung.android.mapsagent.permission.READ_APP_INFO
com.tiktok.preload.permission.IDENTIFY
android.permission.SET_WALLPAPER
com.sec.android.provider.badge.permission.READ
com.sec.android.provider.badge.permission.WRITE
com.htc.launcher.permission.UPDATE_SHORTCUT
com.sonyericsson.home.permission.BROADCAST_BADGE
com.sonymobile.home.permission.PROVIDER_INSERT_BADGE
com.majeur.launcher.permission.UPDATE_BADGE
com.google.android.providers.gsf.permission.READ_GSERVICES
com.zhiliao.musically.livewallpaper.permission.wallpaperplugin
android.permission.CHANGE_NETWORK_STATE
android.permission.BLUETOOTH_CONNECT
android.permission.MODIFY_AUDIO_SETTINGS
com.huawei.android.launcher.permission.CHANGE_BADGE
android.permission.READ_APP_BADGE
me.everything.badger.permission.BADGE_COUNT_READ
me.everything.badger.permission.BADGE_COUNT_WRITE
android.permission.UPDATE_APP_BADGE
com.vivo.notification.permission.BADGE_ICON
com.vivo.aiengine.permission.READ_AWARE_PROVIDER
com.vivo.aiengine.permission.WRITE_AWARE_PROVIDER
com.google.android.c2dm.permission.RECEIVE
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
com.zhiliaoapp.musically.permission.RECEIVE_ADM_MESSAGE
com.amazon.device.messaging.permission.RECEIVE
com.android.vending.BILLING
android.permission.CHANGE_WIFI_MULTICAST_STATE

Receivers

com.ss.android.ugc.aweme.common.net.NetworkReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.ss.android.common.applog.HotsoonReceiver

android.intent.action.PACKAGE_INSTALL
android.intent.action.PACKAGE_ADDED

com.appsflyer.MultipleInstallBroadcastReceiver

com.android.vending.INSTALL_REFERRER

com.appsflyer.SingleInstallBroadcastReceiver

com.android.vending.INSTALL_REFERRER

com.ss.android.ugc.trill.abtest.impl.NotificationBroadcastReceiver

notification_cancelled
notification_clicked

com.ss.android.ugc.aweme.common.net.NetWorkStateReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.ss.android.message.MessageReceiver

android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.MEDIA_MOUNTED
android.intent.action.MEDIA_UNMOUNTED
android.intent.action.SCREEN_OFF
android.intent.action.SCREEN_ON
android.intent.action.ACTION_POWER_CONNECTED

com.ss.android.ugc.aweme.share.systemshare.SystemShareTargetChosenReceiver

com.zhiliaoapp.musically.systemshare.targetchosen.action

com.ss.android.ugc.aweme.push.CustomActionPushReceiver

com.zhiliaoapp.musically.action.PUSH_CUSTOM_ACTION

com.ss.android.ugc.aweme.follow.widget.FollowSmallWidgetProvider

android.appwidget.action.APPWIDGET_UPDATE
com.ss.android.ugc.aweme.follow.SAMLL_WIDGET_UPDATE

com.ss.android.ugc.aweme.follow.widget.FollowBigWidgetProvider

android.appwidget.action.APPWIDGET_UPDATE
com.ss.android.ugc.aweme.follow.BIG_WIDGET_UPDATE

com.ss.android.ugc.tiktok.localpush.receiver.NotificationAlarmReceiver

now.localpush.notification.alarm.action

com.ss.android.ugc.tiktok.localpush.receiver.RebootBroadcastReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
com.htc.intent.action.QUICKBOOT_POWERON

com.ss.android.ugc.tiktok.localpush.receiver.DailyPushCheckReceiver

now.localpush.notification.check.action

com.ss.android.ugc.aweme.appwidget.CameraWidgetProvider

android.appwidget.action.APPWIDGET_UPDATE

com.ss.android.ugc.aweme.story.widget.LargeStoryWidget

android.appwidget.action.APPWIDGET_UPDATE

com.ss.android.ugc.aweme.story.widget.SmallStoryWidget

android.appwidget.action.APPWIDGET_UPDATE

com.ss.android.ugc.aweme.core.SmallAppWidgetProvider

android.appwidget.action.APPWIDGET_UPDATE
com.ss.android.ugc.tiktok.app.widget.CHECK_STATE

com.ss.android.ugc.aweme.referral.ReferralWidget

android.appwidget.action.APPWIDGET_UPDATE

androidx.profileinstaller.ProfileInstallReceiver

androidx.profileinstaller.action.INSTALL_PROFILE
androidx.profileinstaller.action.SKIP_FILE

com.ss.android.ugc.aweme.im.sdk.notification.PushQuickActionReceiver

com.zhiliaoapp.musically.action.PUSH_DIRECT_REPLY_CONTENT_ACHIEVE

com.ss.android.ugc.awemepushlib.os.receiver.NotificationBroadcastReceiver

notification_cancelled

com.ss.android.ugc.awemepushlib.PushDislikeActionReceiver

com.zhiliaoapp.musically.action.PUSH_DISLIKE

com.ss.android.ugc.awemepushlib.PushDirectReplyReceiver

com.zhiliaoapp.musically.action.PUSH_DIRECT_REPLY

com.ss.android.push.window.oppo.ScreenReceiver

android.intent.action.USER_PRESENT

com.bytedance.liko.leakdetector.TriggerLeakCanaryReceiver

com.bytedance.dmt-leak.trigger

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.facebook.sdk.ACTION_CURRENT_ACCESS_TOKEN_CHANGED

com.facebook.AuthenticationTokenManager$CurrentAuthenticationTokenChangedBroadcastReceiver

com.facebook.sdk.ACTION_CURRENT_AUTHENTICATION_TOKEN_CHANGED

com.adm.push.ADMMessageHandler$Receiver

com.amazon.device.messaging.intent.REGISTRATION
com.amazon.device.messaging.intent.RECEIVE

Services

com.ss.android.ugc.trill.account.TiktokAuthService

android.accounts.AccountAuthenticator

com.ss.android.ugc.aweme.tile.PublishTileService

android.service.quicksettings.action.QS_TILE

com.ss.android.ugc.aweme.tile.HotVideoTileService

android.service.quicksettings.action.QS_TILE

com.ss.android.ugc.aweme.tools.cutsamemv.CutSameSdkDownloadService

com.ss.android.ugc.cut_downloader.DOWNLOAD

com.ss.android.ugc.aweme.livewallpaper.AmeLiveWallpaper

android.service.wallpaper.WallpaperService

com.ss.android.ugc.aweme.feed.background.BackgroundAudioBrowserService

android.media.browse.MediaBrowserService

com.ss.android.ugc.aweme.feed.background.AudioMediaSessionService

android.media.browse.MediaBrowserService

com.ss.android.ugc.awemepushlib.di.ies.MessageHandler

com.ss.android.message
com.ss.android.newmedia.message.cache.action
com.ss.android.newmedia.message.notify.delete.action
com.ss.android.fcm.message
com.ss.android.adm.message

com.ss.android.message.NotifyService

com.ss.android.message.action.PUSH_SERVICE

com.ss.android.http.OpenUrlService

com.ss.android.action.openurl

com.ss.android.ugc.cut_ui_impl.core.TemplateService

com.ss.android.ugc.cut_ui.CUT_SERVICE

com.ss.android.newmedia.redbadge.RedbadgeHandler

com.ss.android.redbadge.message

leakcanary.internal.HeapAnalyzerService

leakcanary_dmt.ANALYSIS_ACTION

com.fcm.service.SSGcmListenerService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.ss.android.ugc.cut_imageloader_fresco_dmt.DmtToolsFrescoImageService

com.ss.android.ugc.cut_ui.image.LOADER

com.ss.android.socialbase.downloader.downloader.IndependentProcessDownloadService

com.ss.android.socialbase.downloader.remote

com.ss.android.ugc.aweme.dsp.playerservice.plugin.mediasession.common.MediaSessionService

android.intent.action.MEDIA_BUTTON
android.media.browse.MediaBrowserService
android.media.AUDIO_BECOMING_NOISY
android.intent.action.MEDIA_BUTTON
android.media.browse.MediaBrowserService
android.media.AUDIO_BECOMING_NOISY

com.heytap.msp.push.service.DataMessageCallbackService

com.heytap.mcs.action.RECEIVE_MCS_MESSAGE
com.heytap.msp.push.RECEIVE_MCS_MESSAGE
com.heytap.mcs.action.RECEIVE_MCS_MESSAGE
com.heytap.msp.push.RECEIVE_MCS_MESSAGE

com.heytap.msp.push.service.CompatibleDataMessageCallbackService

com.coloros.mcs.action.RECEIVE_MCS_MESSAGE
com.coloros.mcs.action.RECEIVE_MCS_MESSAGE

Android Permissions

tiktok-28-6-3.apk

Permissions

android.permission.ACCESS_COARSE_LOCATION

android.permission.SYSTEM_ALERT_WINDOW

android.permission.REORDER_TASKS

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_WIFI_STATE

android.permission.CAMERA

android.permission.RECORD_AUDIO

android.permission.FLASHLIGHT

android.permission.WAKE_LOCK

android.permission.GET_TASKS

android.permission.READ_CONTACTS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.VIBRATE

android.permission.BLUETOOTH

com.meizu.c2dm.permission.RECEIVE

com.zhiliaoapp.musically.permission.READ_ACCOUNT

com.zhiliaoapp.musically.permission.WRITE_ACCOUNT

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.UNINSTALL_SHORTCUT

com.android.launcher.permission.READ_SETTINGS

android.permission.READ_CALENDAR

android.permission.WRITE_CALENDAR

android.permission.AUTHENTICATE_ACCOUNTS

com.htc.launcher.permission.READ_SETTINGS

com.lge.launcher.permission.READ_SETTINGS

com.lge.launcher.permission.WRITE_SETTINGS

com.huawei.launcher3.permission.READ_SETTINGS

com.huawei.launcher3.permission.WRITE_SETTINGS

com.huawei.launcher2.permission.READ_SETTINGS

com.huawei.launcher2.permission.WRITE_SETTINGS

com.ebproductions.android.launcher.permission.READ_SETTINGS

com.ebproductions.android.launcher.permission.WRITE_SETTINGS

com.oppo.launcher.permission.READ_SETTINGS

com.oppo.launcher.permission.WRITE_SETTINGS

com.huawei.android.launcher.permission.READ_SETTINGS

com.huawei.android.launcher.permission.WRITE_SETTINGS

dianxin.permission.ACCESS_LAUNCHER_DATA

com.miui.mihome2.permission.READ_SETTINGS

com.miui.mihome2.permission.WRITE_SETTINGS

android.permission.FOREGROUND_SERVICE

com.zhiliaoapp.musically.permission.MIPUSH_RECEIVE

com.zhiliaoapp.musically.push.permission.MESSAGE

android.permission.SCHEDULE_EXACT_ALARM

com.orange.update.permission.READ_ATTRIBUTION

com.samsung.android.mapsagent.permission.READ_APP_INFO

com.tiktok.preload.permission.IDENTIFY

android.permission.SET_WALLPAPER

Sharing

Errors

General

Malware Config

Signatures

Files

com.zhiliaoapp.musically

com.ss.android.ugc.aweme.i18n.musically.cut.AvatarChooseActivity

Activities

net.openid.appauth.RedirectUriReceiverActivity

com.ss.android.ugc.aweme.deeplink.AppLinkHandlerV2

com.kakao.sdk.auth.AuthCodeHandlerActivity

com.ss.android.sdk.activity.BootstrapActivity

com.ss.android.ugc.aweme.shortvideo.mvtemplate.choosemedia.MvChoosePhotoActivity

com.ss.android.ugc.aweme.shortvideo.ui.VideoRecordPermissionActivity

com.ss.android.ugc.aweme.deeplink.DeepLinkActivityV2

com.ss.android.ugc.aweme.share.SystemShareActivity

com.bytedance.push.notification.PushActivity

com.ss.android.ugc.cut_ui_impl.process.clip.CutClipActivity

com.ss.android.ugc.cut_ui_impl.newplayer.NewCutPlayerActivity

com.ss.android.ugc.cut_ui_impl.process.NLECutCompressActivity

com.facebook.CustomTabActivity

com.linecorp.linesdk.auth.internal.LineAuthenticationCallbackActivity

Permissions

Receivers

com.ss.android.ugc.aweme.common.net.NetworkReceiver

com.ss.android.common.applog.HotsoonReceiver

com.appsflyer.MultipleInstallBroadcastReceiver

com.appsflyer.SingleInstallBroadcastReceiver

com.ss.android.ugc.trill.abtest.impl.NotificationBroadcastReceiver

com.ss.android.ugc.aweme.common.net.NetWorkStateReceiver

com.ss.android.message.MessageReceiver

com.ss.android.ugc.aweme.share.systemshare.SystemShareTargetChosenReceiver

com.ss.android.ugc.aweme.push.CustomActionPushReceiver

com.ss.android.ugc.aweme.follow.widget.FollowSmallWidgetProvider

com.ss.android.ugc.aweme.follow.widget.FollowBigWidgetProvider

com.ss.android.ugc.tiktok.localpush.receiver.NotificationAlarmReceiver

com.ss.android.ugc.tiktok.localpush.receiver.RebootBroadcastReceiver

com.ss.android.ugc.tiktok.localpush.receiver.DailyPushCheckReceiver

com.ss.android.ugc.aweme.appwidget.CameraWidgetProvider

com.ss.android.ugc.aweme.story.widget.LargeStoryWidget

com.ss.android.ugc.aweme.story.widget.SmallStoryWidget

com.ss.android.ugc.aweme.core.SmallAppWidgetProvider

com.ss.android.ugc.aweme.referral.ReferralWidget

androidx.profileinstaller.ProfileInstallReceiver

com.ss.android.ugc.aweme.im.sdk.notification.PushQuickActionReceiver

com.ss.android.ugc.awemepushlib.os.receiver.NotificationBroadcastReceiver

com.ss.android.ugc.awemepushlib.PushDislikeActionReceiver

com.ss.android.ugc.awemepushlib.PushDirectReplyReceiver

com.ss.android.push.window.oppo.ScreenReceiver

com.bytedance.liko.leakdetector.TriggerLeakCanaryReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.facebook.AuthenticationTokenManager$CurrentAuthenticationTokenChangedBroadcastReceiver

com.adm.push.ADMMessageHandler$Receiver

Services

com.ss.android.ugc.trill.account.TiktokAuthService

com.ss.android.ugc.aweme.tile.PublishTileService

com.ss.android.ugc.aweme.tile.HotVideoTileService

com.ss.android.ugc.aweme.tools.cutsamemv.CutSameSdkDownloadService

com.ss.android.ugc.aweme.livewallpaper.AmeLiveWallpaper

com.ss.android.ugc.aweme.feed.background.BackgroundAudioBrowserService

com.ss.android.ugc.aweme.feed.background.AudioMediaSessionService

com.ss.android.ugc.awemepushlib.di.ies.MessageHandler

com.ss.android.message.NotifyService

com.ss.android.http.OpenUrlService

com.ss.android.ugc.cut_ui_impl.core.TemplateService

com.ss.android.newmedia.redbadge.RedbadgeHandler

leakcanary.internal.HeapAnalyzerService

com.fcm.service.SSGcmListenerService

com.google.firebase.messaging.FirebaseMessagingService

com.ss.android.ugc.cut_imageloader_fresco_dmt.DmtToolsFrescoImageService

com.ss.android.socialbase.downloader.downloader.IndependentProcessDownloadService

com.ss.android.ugc.aweme.dsp.playerservice.plugin.mediasession.common.MediaSessionService

com.heytap.msp.push.service.DataMessageCallbackService

com.heytap.msp.push.service.CompatibleDataMessageCallbackService

Android Permissions

tiktok-28-6-3.apk