2b0bd5645bbbb9d18937d6e3a58abd0b[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

2b0bd5645bbbb9d18937d6e3a58abd0b.bin
Size

3.7MB
MD5

2b0bd5645bbbb9d18937d6e3a58abd0b
SHA1

c95ad429c4e6c9c36257d5930234b9983dc3b76c
SHA256

84e675c027bb88d96f25b51c6de7190d1bd16d1bca16a294659f2834b4935535
SHA512

84f01bcb24774dd8a3ec794585feb4f8e66cfee3c8ef0d1403ebab0291548a7daa3a1a080d6f812c757eadb9b0cbe470cf3683ed31620e42b66b48eb59a263f4
SSDEEP

98304:HUhOgetr6PbLVr6AKyNtzoosE3ruFVUjCoq53N48BgKg:0sSbLTcosE3rsSjCo4N4Ug

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 12 IoCs

Processes:

description	ioc
Required to be able to access the camera device.	android.permission.CAMERA
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access location in the background.	android.permission.ACCESS_BACKGROUND_LOCATION

Files

2b0bd5645bbbb9d18937d6e3a58abd0b.bin
.apk android

Password: infected

net.zyxd.lxzs

.SplashActivity

Activities

.SplashActivity

android.intent.action.MAIN

cn.jpush.android.ui.PopWinActivity

cn.jpush.android.ui.PopWinActivity

cn.jpush.android.ui.PushActivity

cn.jpush.android.ui.PushActivity

cn.jpush.android.service.JNotifyActivity

cn.jpush.android.intent.JNotifyActivity

cn.jpush.android.service.DActivity

cn.jpush.android.intent.DActivity

Permissions

android.permission.USE_FINGERPRINT
android.permission.MANAGE_FINGERPRINT
android.permission.RESET_FINGERPRINT_LOCKOUT
android.permission.CAMERA
net.zyxd.lxzs.permission.JPUSH_MESSAGE
android.permission.RECEIVE_USER_PRESENT
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_SETTINGS
android.permission.VIBRATE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_COARSE_LOCATION
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.CHANGE_NETWORK_STATE
android.permission.GET_TASKS
android.permission.CHANGE_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.DISABLE_KEYGUARD
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.WRITE_SYNC_SETTINGS
android.permission.WRITE_OWNER_DATA
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.READ_SETTINGS
android.permission.RECEIVE_USER_PRESENT
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_SETTINGS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
com.huawei.android.launcher.permission.CHANGE_BADGE
android.permission.VIBRATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_COARSE_LOCATION
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_BACKGROUND_LOCATION
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.CHANGE_NETWORK_STATE
android.permission.GET_TASKS
android.permission.QUERY_ALL_PACKAGES

Receivers

cn.jpush.android.service.PushReceiver

cn.jpush.android.intent.NOTIFICATION_RECEIVED_PROXY
android.intent.action.USER_PRESENT
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED

Services

cn.jpush.android.service.PushService

cn.jpush.android.intent.REGISTER
cn.jpush.android.intent.REPORT
cn.jpush.android.intent.PushService
cn.jpush.android.intent.PUSH_TIME

cn.jpush.android.service.DaemonService

cn.jpush.android.intent.DaemonService
.appkey
index.html
libjiagu.so
.elf linux arm
libjiagu_a64.so
.elf linux aarch64
libjiagu_x64.so
.elf linux x64
libjiagu_x86.so
.elf linux x86

Android Permissions

2b0bd5645bbbb9d18937d6e3a58abd0b.bin

Permissions

android.permission.USE_FINGERPRINT

android.permission.MANAGE_FINGERPRINT

android.permission.RESET_FINGERPRINT_LOCKOUT

android.permission.CAMERA

net.zyxd.lxzs.permission.JPUSH_MESSAGE

android.permission.RECEIVE_USER_PRESENT

android.permission.INTERNET

android.permission.WAKE_LOCK

android.permission.READ_PHONE_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_SETTINGS

android.permission.VIBRATE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.ACCESS_COARSE_LOCATION

android.permission.CHANGE_WIFI_STATE

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

android.permission.CHANGE_NETWORK_STATE

android.permission.GET_TASKS

android.permission.CHANGE_WIFI_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.DISABLE_KEYGUARD

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.WRITE_SYNC_SETTINGS

android.permission.WRITE_OWNER_DATA

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.READ_SETTINGS

android.permission.RECEIVE_USER_PRESENT

android.permission.INTERNET

android.permission.READ_PHONE_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_SETTINGS

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

com.huawei.android.launcher.permission.CHANGE_BADGE

android.permission.VIBRATE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.ACCESS_COARSE_LOCATION

android.permission.CHANGE_WIFI_STATE

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_BACKGROUND_LOCATION

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

android.permission.CHANGE_NETWORK_STATE

Sharing

General

Malware Config

Signatures

Files

Password: infected

net.zyxd.lxzs

.SplashActivity

Activities

.SplashActivity

cn.jpush.android.ui.PopWinActivity

cn.jpush.android.ui.PushActivity

cn.jpush.android.service.JNotifyActivity

cn.jpush.android.service.DActivity

Permissions

Receivers

cn.jpush.android.service.PushReceiver

Services

cn.jpush.android.service.PushService

cn.jpush.android.service.DaemonService

Android Permissions

2b0bd5645bbbb9d18937d6e3a58abd0b.bin