495a0621b2afc6adefbf17dc6c3cf5e92ba8227ac6939a20439b1b9dde878617[.]apk

Sharing

Copy URL

Twitter E-mail

General

Target

495a0621b2afc6adefbf17dc6c3cf5e92ba8227ac6939a20439b1b9dde878617.apk
Size

3.7MB
MD5

a88a497b3ae6bb84209cac0906df61a7
SHA1

fd80903a98e187bc841a0aabe04528cc1654b8ee
SHA256

495a0621b2afc6adefbf17dc6c3cf5e92ba8227ac6939a20439b1b9dde878617
SHA512

684e5ea64375791c2195dd1459d868e6ed2d40ab376b5477e0964c43a4eccc57aab66ce08a55eddb51d1edc6503cf12c9c7ab7f27eb815105ec4ec31ecff5d7a
SSDEEP

49152:4GXx4KE5XqsZKV0dw8zbn3A9/HKu84zXYenCh4ebzds31j/D0NcxZBD5I:cz5XqsZDnwxnXYenUP/dsOyxrD+

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 8 IoCs

description	ioc
Allows read access to the device's phone number(s).	android.permission.READ_PHONE_NUMBERS
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to read SMS messages.	android.permission.READ_SMS

Files

495a0621b2afc6adefbf17dc6c3cf5e92ba8227ac6939a20439b1b9dde878617.apk
.apk android

com.tafupqzpqgmn.tmnhkq

com.tafupqzpqgmn.tmnhkq.lacuyenihiwega

Activities

com.tafupqzpqgmn.tmnhkq.gejaxo.yalanacagoxefu

com.tafupqzpqgmn.tmnhkqgejaxo.yalanacagoxefu

com.tafupqzpqgmn.tmnhkq.lacuyenihiwega

android.intent.action.MAIN

com.tafupqzpqgmn.tmnhkq.jehi.tevigozevavuhebu

android.intent.action.SEND
android.intent.action.SENDTO

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_NUMBERS
android.permission.CALL_PHONE
android.permission.READ_CONTACTS
android.permission.QUERY_ALL_PACKAGES
android.permission.GET_ACCOUNTS
android.permission.DISABLE_KEYGUARD
android.permission.GET_TASKS
android.permission.SEND_SMS
android.permission.FOREGROUND_SERVICE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.QUICKBOOT_POWERON
android.permission.RECEIVE_SMS
android.permission.ACTION_MANAGE_OVERLAY_PERMISSION
android.permission.ACCESS_WIFI_STATE
android.permission.REQUEST_DELETE_PACKAGES
android.permission.RECEIVE_LAUNCH_BROADCASTS
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.READ_SMS
android.permission.REQUEST_INSTALL_PACKAGES

Receivers

com.tafupqzpqgmn.tmnhkq.lahuwuyahubo.powisulumufe

cn.RestartedViaAlarm
android.intent.action.PACKAGE_ADDED
android.intent.action.SCREEN_OFF
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.EXTERNAL_APPLICATIONS_AVAILABLE
android.intent.action.REBOOT
android.intent.action.USER_PRESENT
android.intent.action.BOOT_COMPLETED
com.htc.intent.action.QUICKBOOT_POWERON
android.intent.action.BATTERY_OKAY
android.intent.action.DREAMING_STOPPED
android.intent.action.BATTERY_LOW
android.intent.action.SCREEN_ON
android.intent.action.BATTERY_CHANGED
android.intent.action.QUICKBOOT_POWERON
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.ACTION_POWER_DISCONNECTED
android.intent.action.PACKAGE_REMOVED
android.net.wifi.WIFI_STATE_CHANGED

com.tafupqzpqgmn.tmnhkq.guguvatahavawa.wipiraxaha

android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED
android.app.action.DEVICE_ADMIN_DISABLED

com.tafupqzpqgmn.tmnhkq.jehi.royo

android.provider.Telephony.WAP_PUSH_DELIVER

com.tafupqzpqgmn.tmnhkq.lahuwuyahubo.mazowoziwu

cn.startService
cn.startActivity

com.tafupqzpqgmn.tmnhkq.jehi.waxo

android.provider.Telephony.SMS_DELIVER

com.tafupqzpqgmn.tmnhkq.lahuwuyahubo.napo

android.provider.Telephony.SMS_RECIEVED
android.provider.telephony.SMS_RECIEVED
android.provider.Telephony.SMS_RECEIVED

Services

com.tafupqzpqgmn.tmnhkq.jehi.ledideloweni

android.intent.action.RESPOND_VIA_MESSAGE

com.tafupqzpqgmn.tmnhkq.feda.zivemeji

android.accessibilityservice.AccessibilityService
66666692.amr
.zip
66666692.tar
.tar .js
appx/af-appx.min.css
appx/af-appx.min.js
.js
appx/af-appx.worker.min.js
.js
appx/es6-promise.min.js
.js
appx/index.html
.html .js
appx/security-patch.min.js
.js
appx/web-view.min.js
.js
appx/worker.min.js
.js
bugme.cfg
hpmfile.json
CERT.json
Manifest.xml
.xml
SIGN.json
66666692.appinfo.json
AlipayNumber.ttf
MOBILEIC@idNoMacau
.js
MOBILEIC@secret-question
.js
QUICKPAY@card-no-flex
.js
[email protected]
.js
QUICKPAY@pwd-validate-flex
.js
QUICKPAY@recommend-setspwd-flex
.js
QUICKPAY@waika-select-country-and-area-flex
.js
ag_sdk_cbg_root.cer
ali_purchase_ext_iconfont.ttf
amc-h5.js
.js
amc.i18n.en_US
amc.i18n.zh_HK
amc.i18n.zh_TW
auhtuzmgy1.zqm
buy_address_ltao.xml
buy_image_select_ltao.xml
buy_image_text_ltao.xml
buy_input_ltao.xml
buy_item_ltao.xml
buy_pay_for_another_ltao.xml
buy_quantity_ltao.xml
buy_select_ltao.xml
buy_submit_ltao.xml
buy_switch_ltao.xml
buy_switch_tj_ltao.xml
buy_tips_ltao.xml
buy_tips_tj_new_ltao.xml
configuration.json
dx_appstyle.json
framework_slice.json
framework_slice_light.png
.png
grs_sdk_global_route_config_apptouchupdatesdk.json
grs_sdk_global_route_config_opendevicesdk.json
grs_sdk_global_route_config_opensdkService.json
grs_sdk_global_route_config_updatesdk.json
homepage_dxc_data.json
lastAccetsbkup.zip
.zip
66666692.amr
.zip
66666692.tar
.tar .js
appx/af-appx.min.css
appx/af-appx.min.js
.js
appx/af-appx.worker.min.js
.js
appx/es6-promise.min.js
.js
appx/index.html
.html .js
appx/security-patch.min.js
.js
appx/web-view.min.js
.js
appx/worker.min.js
.js
bugme.cfg
hpmfile.json
CERT.json
Manifest.xml
.xml
SIGN.json
66666692.appinfo.json
AlipayNumber.ttf
MOBILEIC@idNoMacau
.js
MOBILEIC@secret-question
.js
QUICKPAY@card-no-flex
.js
[email protected]
.js
QUICKPAY@pwd-validate-flex
.js
QUICKPAY@recommend-setspwd-flex
.js
QUICKPAY@waika-select-country-and-area-flex
.js
ag_sdk_cbg_root.cer
amc-h5.js
.js
amc.i18n.en_US
amc.i18n.zh_HK
amc.i18n.zh_TW
dinamic/buy_address_ltao.xml
dinamic/buy_image_select_ltao.xml
dinamic/buy_image_text_ltao.xml
dinamic/buy_input_ltao.xml
dinamic/buy_item_ltao.xml
dinamic/buy_pay_for_another_ltao.xml
dinamic/buy_quantity_ltao.xml
dinamic/buy_select_ltao.xml
dinamic/buy_submit_ltao.xml
dinamic/buy_switch_ltao.xml
dinamic/buy_switch_tj_ltao.xml
dinamic/buy_tips_ltao.xml
dinamic/buy_tips_tj_new_ltao.xml
dinamic/dx_appstyle.json
dinamic/trade_test_address.xml
ext/purchase_ext_plugins.json
fonts/ali_purchase_ext_iconfont.ttf
fonts/purchase_iconfont.ttf
framework_slice/framework_slice.json
framework_slice/images/framework_slice_light.png
.png
grs_sdk_global_route_config_apptouchupdatesdk.json
grs_sdk_global_route_config_opendevicesdk.json
grs_sdk_global_route_config_opensdkService.json
grs_sdk_global_route_config_updatesdk.json
homepage_dxc_data.json
map/7/style_antsports01.data
map/7/style_light.data
map/style_antsports01.data
map/style_light.data
primary80.prof
theme/configuration.json
tr_china_cities.json
tr_china_cities_v2.db
triver.mock.appinfo.json
triver_iconfont.ttf
uik_core_iconfont.ttf
updatesdkcas.bks
vi-amc.js
.js
video_weex.msoac
video_windmillapi.json
voice_thinking/images/voice_thinking_image_0.png
.png
voice_thinking/voice_thinking.json
weex_config_bindingx.json
weex_config_evocationapp.json
weex_config_fashionai.json
weex_config_interactive.json
weex_config_mytaobao.json
weex_config_shopref.json
weex_config_tblive.json
weex_config_tbplay.json
widget_v8.js
.js
windmill.worker.js
.js
workerjs_multiworker.js
.js
workerjs_v8.js
.js
yuv2rgb.frag
yuv2rgb.vert
primary80.prof
purchase_ext_plugins.json
purchase_iconfont.ttf
style_antsports01.data
style_light.data
tr_china_cities.json
tr_china_cities_v2.db
trade_test_address.xml
triver.mock.appinfo.json
triver_iconfont.ttf
uik_core_iconfont.ttf
updatesdkcas.bks
vi-amc.js
.js
video_weex.msoac
video_windmillapi.json
voice_thinking.json
voice_thinking_image_0.png
.png
weex_config_bindingx.json
weex_config_evocationapp.json
weex_config_fashionai.json
weex_config_interactive.json
weex_config_mytaobao.json
weex_config_shopref.json
weex_config_tblive.json
weex_config_tbplay.json
widget_v8.js
.js
windmill.worker.js
.js
workerjs_multiworker.js
.js
workerjs_v8.js
.js
yuv2rgb.frag
yuv2rgb.vert

Android Permissions

495a0621b2afc6adefbf17dc6c3cf5e92ba8227ac6939a20439b1b9dde878617.apk

Permissions

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_PHONE_NUMBERS

android.permission.CALL_PHONE

android.permission.READ_CONTACTS

android.permission.QUERY_ALL_PACKAGES

android.permission.GET_ACCOUNTS

android.permission.DISABLE_KEYGUARD

android.permission.GET_TASKS

android.permission.SEND_SMS

android.permission.FOREGROUND_SERVICE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.INTERNET

android.permission.WAKE_LOCK

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.READ_PHONE_STATE

android.permission.QUICKBOOT_POWERON

android.permission.RECEIVE_SMS

android.permission.ACTION_MANAGE_OVERLAY_PERMISSION

android.permission.ACCESS_WIFI_STATE

android.permission.REQUEST_DELETE_PACKAGES

android.permission.RECEIVE_LAUNCH_BROADCASTS

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.READ_SMS

android.permission.REQUEST_INSTALL_PACKAGES

Sharing

General

Malware Config

Signatures

Files

com.tafupqzpqgmn.tmnhkq

com.tafupqzpqgmn.tmnhkq.lacuyenihiwega

Activities

com.tafupqzpqgmn.tmnhkq.gejaxo.yalanacagoxefu

com.tafupqzpqgmn.tmnhkq.lacuyenihiwega

com.tafupqzpqgmn.tmnhkq.jehi.tevigozevavuhebu

Permissions

Receivers

com.tafupqzpqgmn.tmnhkq.lahuwuyahubo.powisulumufe

com.tafupqzpqgmn.tmnhkq.guguvatahavawa.wipiraxaha

com.tafupqzpqgmn.tmnhkq.jehi.royo

com.tafupqzpqgmn.tmnhkq.lahuwuyahubo.mazowoziwu

com.tafupqzpqgmn.tmnhkq.jehi.waxo

com.tafupqzpqgmn.tmnhkq.lahuwuyahubo.napo

Services

com.tafupqzpqgmn.tmnhkq.jehi.ledideloweni

com.tafupqzpqgmn.tmnhkq.feda.zivemeji

Android Permissions

495a0621b2afc6adefbf17dc6c3cf5e92ba8227ac6939a20439b1b9dde878617.apk