TCQLDD[.]apk | Triage

Sharing

Copy URL Twitter E-mail

General

Target

TCQLDD.apk
Size

17.3MB
MD5

da32d2f661e61fb8daa1b745ec711e0d
SHA1

e1a4c05d3c16c568594e04c65455d2a5ecea3fda
SHA256

2792a30e0b600d0f9320c24c98f5c8f43bc19df1843e6bc15410836cd98cc00c
SHA512

77281db501bf54c42e13c0c71d9d5dad81b0da043ad6593b28528ca7e100688eef7459f8f54cc723d695656807c84fa546dbca24ee90c72494de161b3a741c1a
SSDEEP

393216:ofT68XluB8q4PvVNHXqqaHuvb8qqaHuvbV84IKQQ7juJ:oLrEB8V7amhmB84IkyJ

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 5 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE

Files

TCQLDD.apk
.apk android arch:arm64 arch:arm

cmbhql.nlrjyowx.wmx

com.yiwuzhibo.activity.SplashActivity

Activities

com.yiwuzhibo.activity.SplashActivity

android.intent.action.MAIN

com.yiwuzhibo.activity.CheckPermissionActivity

android.intent.action.check_permission

Permissions

android.permission.BIND_ACCESSIBILITY_SERVICE
android.permission.REQUEST_DELETE_PACKAGES
android.permission.QUERY_ALL_PACKAGES
android.permission.GET_INSTALLED_APPS
android.permission.VIBRATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.GRANT_RUNTIME_PERMISSIONS
android.permission.DISABLE_KEYGUARD
android.permission.WAKE_LOCK
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.SYSTEM_ALERT_WINDOW
android.permission.WRITE_SETTINGS
android.permission.FOREGROUND_SERVICE
android.permission.READ_SMS
android.permission.SEND_SMS
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.USE_FULL_SCREEN_INTENT
android.permission.SET_WALLPAPER
android.permission.CALL_PHONE
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.INTERNET
android.permission.BATTERY_STATS
android.permission.PACKAGE_USAGE_STATS

Receivers

com.yiwuzhibo.receiver.GlobalBroadcast

com.yiwuzhibo.show.dialog
com.yiwuzhibo.close.dialog

com.yiwuzhibo.receiver.AutoRestart

android.intent.action.BOOT_COMPLETED

Services

com.xingchat.android.controller.OpenService

cjnofdanfonoafd.hfmphfphfmhpf.gdnaogdaon

com.yiwuzhibo.controller.TouchAccessibilityService

android.accessibilityservice.AccessibilityService

com.blankj.utilcode.util.MessengerUtils$ServerService

cmbhql.nlrjyowx.wmx.messenger
kqkticwjgzy.dat
l597c37ee_a32.so
.elf linux arm
l597c37ee_a64.so
.elf linux aarch64
l597c37ee_x64.so
.elf linux x64
l597c37ee_x86.so
.elf linux x86

Android Permissions

TCQLDD.apk

Permissions

android.permission.BIND_ACCESSIBILITY_SERVICE

android.permission.REQUEST_DELETE_PACKAGES

android.permission.QUERY_ALL_PACKAGES

android.permission.GET_INSTALLED_APPS

android.permission.VIBRATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.GRANT_RUNTIME_PERMISSIONS

android.permission.DISABLE_KEYGUARD

android.permission.WAKE_LOCK

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.SYSTEM_ALERT_WINDOW

android.permission.WRITE_SETTINGS

android.permission.FOREGROUND_SERVICE

android.permission.READ_SMS

android.permission.SEND_SMS

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.USE_FULL_SCREEN_INTENT

android.permission.SET_WALLPAPER

android.permission.CALL_PHONE

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.INTERNET

android.permission.BATTERY_STATS

android.permission.PACKAGE_USAGE_STATS

Sharing

General

Malware Config

Signatures

Files

cmbhql.nlrjyowx.wmx

com.yiwuzhibo.activity.SplashActivity

Activities

com.yiwuzhibo.activity.SplashActivity

com.yiwuzhibo.activity.CheckPermissionActivity

Permissions

Receivers

com.yiwuzhibo.receiver.GlobalBroadcast

com.yiwuzhibo.receiver.AutoRestart

Services

com.xingchat.android.controller.OpenService

com.yiwuzhibo.controller.TouchAccessibilityService

com.blankj.utilcode.util.MessengerUtils$ServerService

Android Permissions

TCQLDD.apk