46544c1aaf9eaa6806dafc4ca730ce9cc7d3937551a3366b063980d1d870f4d4[.]apk[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

46544c1aaf9eaa6806dafc4ca730ce9cc7d3937551a3366b063980d1d870f4d4.apk.zip
Size

27.1MB
MD5

1e6261dcc101f79674d5d8da3b73f131
SHA1

c524005d22abeb817c871478dd7cc4c73f359705
SHA256

990cb3e976761942839fb6f61a3603993015f0569b48167a5b7a173b20970c1b
SHA512

1ec851b7817139fcab5e8f174d564804ca3a7285b356983a8dc2789aedb0e74c41f6591992c9a4601b05623e8c85d33e8d401efed485cdaaa36b08523a1b1225
SSDEEP

786432:LdXqD/uc/0bDZJcqhMeEoKM7dBdxMBNmXepyMGT:LdXTRZJVbQ0LxML3yl

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 16 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether.	android.permission.PROCESS_OUTGOING_CALLS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Required to be able to access the camera device.	android.permission.CAMERA
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS

Files

46544c1aaf9eaa6806dafc4ca730ce9cc7d3937551a3366b063980d1d870f4d4.apk.zip
.zip

Password: infected
46544c1aaf9eaa6806dafc4ca730ce9cc7d3937551a3366b063980d1d870f4d4.apk
.apk android arch:x86 arch:arm

com.com.quanminjianghu

com.cyjh.elfin.ui.activity.SplashActivity

Activities

com.cyjh.elfin.ui.activity.SplashActivity

android.intent.action.MAIN

com.elfin.ad.activity.FullScreenTwoAdActivity

com.elfin.ad.activity.FullScreenTwoAdActivity

Permissions

android.permission.RECEIVE_BOOT_COMPLETED
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.VIBRATE
android.permission.WAKE_LOCK
android.permission.READ_PHONE_STATE
android.permission.PROCESS_OUTGOING_CALLS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.INTERACT_ACROSS_USERS_FULL
android.permission.CHANGE_WIFI_MULTICAST_STATE
android.permission.READ_SMS
android.permission.SEND_SMS
android.permission.CALL_PHONE
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.GET_TASKS
android.permission.WRITE_SECURE_SETTINGS
android.permission.WRITE_SETTINGS
android.permission.READ_EXTERNAL_STORAGE
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_UPDATES
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.ACCESS_MOCK_LOCATION
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.RECORD_AUDIO
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.FOREGROUND_SERVICE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.CAMERA
android.permission.READ_PRIVILEGED_PHONE_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.DISABLE_KEYGUARD
android.permission.BROADCAST_STICKY
android.permission.GET_ACCOUNTS
android.permission.WRITE_INTERNAL_STORAGE
android.permission.READ_INTERNAL_STORAGE
android.permission.READ_USER_DICTIONARY
android.permission.ACCESS_MTK_MMHW
android.permission.DIAGNOSTIC
android.permission.ACCESS_CACHE_FILESYSTEM
android.permission.SAMSUNG_TUNTAP
android.permission.READ_CONTACTS
android.permission.WRITE_CONTACTS
android.permission.PACKAGE_USAGE_STATS

Receivers

com.cyjh.elfin.broadcast.BootBroadcast

android.intent.action.BOOT_COMPLETED

Services

com.cyjh.elfin.floatingwindowprocess.service.FloatingWindowService

com.cyjh.elfin.services.assist_service

com.didi.virtualapk.delegate.RemoteService

com.cyjh.elfin.intent.ACTION_DAEMON_SERVICE

com.ime.input.InputKb

android.view.InputMethod
AdDex.4.0.1.dex
.dex
DaemonClient.zip
.apk android
Inject
.elf linux arm
OnewaySdk.jar
.apk android
TinyCnnModel
app-release.apk
.apk android

com.lbh.starapp

Permissions

android.permission.READ_CONTACTS
android.permission.WRITE_CONTACTS
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED

Receivers

com.base.test.BOOTReceiver

android.intent.action.BOOT_COMPLETED
config.txt
hookzygote.apk
.apk android
inject7
.elf linux x64
inject9
.elf linux x64
libgoldcoast.so
.elf linux aarch64
libyafa.so
.elf linux x64
libzygote.so
.elf linux x64
litepal.xml
.xml
script.atc
.zip
script.info
script.lc
script.prop
script.uip
supplierconfig.json
test.apk
.apk android

com.cyjh.dump

com.cyjh.dump.MainActivity

Activities

com.cyjh.dump.MainActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
tt_mime_type.pro

Sharing

General

Malware Config

Signatures

Files

Password: infected

com.com.quanminjianghu

com.cyjh.elfin.ui.activity.SplashActivity

Activities

com.cyjh.elfin.ui.activity.SplashActivity

com.elfin.ad.activity.FullScreenTwoAdActivity

Permissions

Receivers

com.cyjh.elfin.broadcast.BootBroadcast

Services

com.cyjh.elfin.floatingwindowprocess.service.FloatingWindowService

com.didi.virtualapk.delegate.RemoteService

com.ime.input.InputKb

com.lbh.starapp

Permissions

Receivers

com.base.test.BOOTReceiver

com.cyjh.dump

com.cyjh.dump.MainActivity

Activities

com.cyjh.dump.MainActivity

Permissions