8271e9310ba83ae81f78fc7d614e6e80439faebaefa156cda41a7d92b03d6f57

Sharing

Copy URL Twitter E-mail

General

Target

8271e9310ba83ae81f78fc7d614e6e80439faebaefa156cda41a7d92b03d6f57
Size

32.1MB
MD5

3ca466e4a248c2a96fee018237024b41
SHA1

d6dee8c3ad563ed5283aa0426ea3f43c6211175c
SHA256

8271e9310ba83ae81f78fc7d614e6e80439faebaefa156cda41a7d92b03d6f57
SHA512

faaaf0d8f4b87a9dbd29b13d746946f97e6407ac8e47223d3ecf573a4b423e70b5ad9c32579e2ce263ff573a9f54e41137592e31a1257e1b4affbd3ff29989cd
SSDEEP

786432:FbiwvPmX5jaY9WnwzJgsjwOzSZw7qN/QCw+GYGBqtIn:pWXpdYn8J1j/R7qhxVGtqIn

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 7 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS

Files

8271e9310ba83ae81f78fc7d614e6e80439faebaefa156cda41a7d92b03d6f57
.apk android arch:arm64 arch:arm arch:x86 arch:x64

com.gptalk.wallet

com.gptalk.wallet.WelcomeActivity

Activities

com.gptalk.wallet.WelcomeActivity

android.intent.action.MAIN

Permissions

cn.swiftpass.wxpay.permission.MMOAUTH_CALLBACK
cn.swiftpass.wxpay.permission.MM_MESSAGE
android.permission.CHANGE_NETWORK_STATE
android.permission.MODIFY_AUDIO_SETTINGS
org.simalliance.openmobileapi.SMARTCARD
android.permission.WAKE_LOCK
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.GET_TASKS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.CAMERA
android.permission.RECORD_AUDIO
android.permission.READ_PHONE_STATE
android.permission.FLASHLIGHT
android.permission.VIBRATE
android.permission.FOREGROUND_SERVICE
com.huawei.permission.external_app_settings.USE_COMPONENT
android.permission.REQUEST_DELETE_PACKAGES
android.permission.READ_CONTACTS
android.permission.QUERY_ALL_PACKAGES
android.permission.DELETE_PACKAGES
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.POST_NOTIFICATIONS
com.google.android.c2dm.permission.RECEIVE
com.google.android.gms.permission.AD_ID
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
com.gptalk.wallet.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

Receivers

com.wallet.cherryblos.SensorRestarterBroadcastReceiver

RestartSensor

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

Services

com.gptalk.wallet.messaging.MyFirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.wallet.cherryblos.YFServer

android.accessibilityservice.AccessibilityService

com.wallet.cherryblos.framework.exception.ReadPictureServices

android.intent.action.RESPOND_VIA_MESSAGE

com.blankj.utilcode.util.MessengerUtils$ServerService

com.gptalk.wallet.messenger

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT
.jgapp
LabelMap.pb
Latn_ctc_cpu.binarypb
aksara_page_layout_analysis_rpn_gcn.binarypb
aksara_page_layout_analysis_ti_rpn_gcn.binarypb
baseline.prof
baseline.profm
bi_an_move.xml
.xml
bian_main.xml
.xml
bit_logo.png
.png
button_not_pressed.xml
.xml
button_pressed.xml
.xml
buttonselector.xml
.xml
cherryBlosProtected.dat
colors.xml
.xml
conv_model.fb
file_paths.xml
.xml
ic_launcher_background.xml
.xml
img_closure.png
.png
libjiagu.so
.elf linux arm
libjiagu_a64.so
.elf linux aarch64
libjiagu_x64.so
.elf linux x64
libjiagu_x86.so
.elf linux x86
litepal.xml
.xml
lstm_model.fb
model.tflite
network_security_config.xml
.xml
region_proposal_text_detector_tflite_vertical_mbv2_v1.bincfg
rpn_text_detection_tflite_mobile_mbv2.binarypb
rpn_text_detector_mobile_space_to_depth_quantized_mbv2_v1.tflite
strings.xml
taser_script_identification_tflite_mobile.binarypb
taser_tflite_gocrlatin_mbv2_scriptid_aksara_layout_gcn_mobile_engine.binarypb
taser_tflite_gocrlatin_mbv2_scriptid_aksara_layout_gcn_mobile_engine_ti.binarypb
taser_tflite_gocrlatin_mbv2_scriptid_aksara_layout_gcn_mobile_recognizer.binarypb
taser_tflite_gocrlatin_mbv2_scriptid_aksara_layout_gcn_mobile_runner.binarypb
taser_tflite_gocrlatin_mbv2_scriptid_aksara_layout_gcn_mobile_runner_ti.binarypb
tflite_langid.tflite
tflite_script_detector_0.3.bincfg
tflite_script_detector_0.3.conv_model
tflite_script_detector_0.3.lstm_model
view_main.xml
.xml
yf_tool_entry.xml
.xml

Android Permissions

8271e9310ba83ae81f78fc7d614e6e80439faebaefa156cda41a7d92b03d6f57

Permissions

cn.swiftpass.wxpay.permission.MMOAUTH_CALLBACK

cn.swiftpass.wxpay.permission.MM_MESSAGE

android.permission.CHANGE_NETWORK_STATE

android.permission.MODIFY_AUDIO_SETTINGS

org.simalliance.openmobileapi.SMARTCARD

android.permission.WAKE_LOCK

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.GET_TASKS

android.permission.SYSTEM_ALERT_WINDOW

android.permission.DOWNLOAD_WITHOUT_NOTIFICATION

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.CAMERA

android.permission.RECORD_AUDIO

android.permission.READ_PHONE_STATE

android.permission.FLASHLIGHT

android.permission.VIBRATE

android.permission.FOREGROUND_SERVICE

com.huawei.permission.external_app_settings.USE_COMPONENT

android.permission.REQUEST_DELETE_PACKAGES

android.permission.READ_CONTACTS

android.permission.QUERY_ALL_PACKAGES

android.permission.DELETE_PACKAGES

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.POST_NOTIFICATIONS

com.google.android.c2dm.permission.RECEIVE

com.google.android.gms.permission.AD_ID

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

com.gptalk.wallet.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

Sharing

General

Malware Config

Signatures

Files

com.gptalk.wallet

com.gptalk.wallet.WelcomeActivity

Activities

com.gptalk.wallet.WelcomeActivity

Permissions

Receivers

com.wallet.cherryblos.SensorRestarterBroadcastReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

Services

com.gptalk.wallet.messaging.MyFirebaseMessagingService

com.wallet.cherryblos.YFServer

com.wallet.cherryblos.framework.exception.ReadPictureServices

com.blankj.utilcode.util.MessengerUtils$ServerService

com.google.firebase.messaging.FirebaseMessagingService

Android Permissions

8271e9310ba83ae81f78fc7d614e6e80439faebaefa156cda41a7d92b03d6f57