610b3fd967370eac87adc386822b5548[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

610b3fd967370eac87adc386822b5548.bin
Size

25.0MB
MD5

610b3fd967370eac87adc386822b5548
SHA1

d156eb32c8ea6f9d9f9fa4ff52cc8a12e00706b1
SHA256

a1f68d5b017e1c83f1d52b87d186197b0b8dc98d923478424f65a9471d8ba0bf
SHA512

a162af9d791bcbe31715f2068c81c7ce0c67bcd1a1f4bb2f4c316fb04b433fef43447948794cc1cbbef310bbf651499ad77744047272b7549cce04bcef9264b7
SSDEEP

786432:oJjePd9bc9b7z6jdYBRzC3iPhWsawEdUesBUSX:Wkd9byWjdYTzC3vaOUYSX

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 8 IoCs

description	ioc
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS
Allows an application to record audio.	android.permission.RECORD_AUDIO

Files

610b3fd967370eac87adc386822b5548.bin
.zip

Password: infected
com.einnovation.temu.apk
.apk android

Password: infected

com.einnovation.temu

com.baogong.splash.activity.MainFrameActivity

Activities

com.baogong.activity.NewPageActivity

com.einnovation.whaleco.ACTION_NEW_PAGE_ACTIVITY

com.baogong.activity.NewPageMaskActivity

com.einnovation.whaleco.ACTION_NEW_PAGE_MASK_ACTIVITY

com.facebook.CustomTabActivity

android.intent.action.VIEW
android.intent.action.VIEW

com.baogong.splash.activity.MainFrameActivity

android.intent.action.MAIN
com.aimi.android.ACTION_NEW_PAGE_ACTIVITY
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.CAMERA
android.permission.BLUETOOTH
android.permission.READ_CONTACTS
android.permission.WAKE_LOCK
com.google.android.gms.permission.AD_ID
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
android.permission.VIBRATE
android.permission.SCHEDULE_EXACT_ALARM
android.permission.HIGH_SAMPLING_RATE_SENSORS
com.adjust.preinstall.READ_PERMISSION
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.MANAGE_ACCOUNTS
android.permission.WRITE_SYNC_SETTINGS
android.permission.READ_SYNC_SETTINGS
android.permission.RECEIVE_BOOT_COMPLETED
com.google.android.c2dm.permission.RECEIVE
android.permission.POST_NOTIFICATIONS
android.permission.RECORD_AUDIO
com.sec.android.provider.badge.permission.READ
com.sec.android.provider.badge.permission.WRITE
com.huawei.android.launcher.permission.WRITE_SETTINGS
com.huawei.android.launcher.permission.READ_SETTINGS
com.huawei.android.launcher.permission.CHANGE_BADGE
com.vivo.notification.permission.BADGE_ICON
com.einnovation.temu.remote_config

Receivers

com.einnovation.temu.receiver.tea.SystemReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.INSTALL_PACKAGE
android.intent.action.MEDIA_MOUNTED
android.intent.action.MEDIA_UNMOUNTED
android.intent.action.MEDIA_CHECKING
android.intent.action.MEDIA_EJECT
android.intent.action.TIME_SET
android.app.action.NEXT_ALARM_CLOCK_CHANGED
android.intent.action.BOOT_COMPLETED
android.intent.action.USER_PRESENT
android.intent.action.SCREEN_ON
android.intent.action.SCREEN_OFF
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.BATTERY_LOW
android.intent.action.BATTERY_CHANGED
android.intent.action.BATTERY_OKAY
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED
com.android.launcher.action.INSTALL_SHORTCUT
com.android.launcher.action.UNINSTALL_SHORTCUT
android.appwidget.action.APPWIDGET_UPDATE
android.bluetooth.adapter.action.STATE_CHANGED

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.facebook.sdk.ACTION_CURRENT_ACCESS_TOKEN_CHANGED

com.facebook.AuthenticationTokenManager$CurrentAuthenticationTokenChangedBroadcastReceiver

com.facebook.sdk.ACTION_CURRENT_AUTHENTICATION_TOKEN_CHANGED

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

com.einnovation.whaleco.web.resourceprefetch.ResourcePrefetchBroadcastReceiver

com.xunmeng.pinduoduo.uno.TRY_INIT_WEBVIEW_KERNEL

meco.core.dex.MecoBroadcastManager

com.android.meco.MECO_DEX_PATH_ERROR

Services

com.baogong.push.WhaleCoFirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.einnovation.temu.service.tide.UserAuthService

android.accounts.AccountAuthenticator

com.einnovation.temu.service.tide.UserModuleService

android.content.SyncAdapter

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT
baseline.prof
baseline.profm
camera_model_configs.json
check.bin
com.baogong.web.zip
.zip

Password: infected
com.baogong.web.manifest
com.baogong.web.md5checker
web-416061da86f89b0454b71f6f88c1497a
com.threatmetrix.TrustDefender.RL.TMXModuleInitializerInterface
com.threatmetrix.TrustDefender.RL.TMXProfilingConnectionsInterface
datura_petal_materials
default_region_entity.json
default_region_list.json
event_token.json
iconfont.ttf
index.html
.html
index_catch.html
.html .js
json.config
mango_config.json
mango_config_meta.json
personal_default_data.txt
setting_service_signed_in.json
setting_service_signed_out.json
so_uuid
timezone_map.json
version.json
config.armeabi_v7a.apk
.apk android arch:arm

Password: infected

com.einnovation.temu
config.xxhdpi.apk
.apk android

Password: infected

com.einnovation.temu
icon.png
.png
manifest.json

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

com.einnovation.temu

com.baogong.splash.activity.MainFrameActivity

Activities

com.baogong.activity.NewPageActivity

com.baogong.activity.NewPageMaskActivity

com.facebook.CustomTabActivity

com.baogong.splash.activity.MainFrameActivity

Permissions

Receivers

com.einnovation.temu.receiver.tea.SystemReceiver

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.facebook.AuthenticationTokenManager$CurrentAuthenticationTokenChangedBroadcastReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.einnovation.whaleco.web.resourceprefetch.ResourcePrefetchBroadcastReceiver

meco.core.dex.MecoBroadcastManager

Services

com.baogong.push.WhaleCoFirebaseMessagingService

com.einnovation.temu.service.tide.UserAuthService

com.einnovation.temu.service.tide.UserModuleService

com.google.firebase.messaging.FirebaseMessagingService

Password: infected

Password: infected

com.einnovation.temu

Password: infected

com.einnovation.temu