f2775345619b18bf497705639e98244f5683d81135195d7223f1bca8c64b6767[.]apk[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

f2775345619b18bf497705639e98244f5683d81135195d7223f1bca8c64b6767.apk.zip
Size

53.7MB
MD5

4fd523d809507ca10e85deec492ccb50
SHA1

ec938c7401b42e5ecdbd691862b8488fcf6ff916
SHA256

3272b29090b0fc96acade796540f84b7d284c665cfbbe186b7e50646d065d242
SHA512

7d3f56699f532001e1efc0ada51b709b7986a3f824fbb3b403f3606b9a5fa3be96b1dcf86107b9d1460478637805b0902cc182c848e0bc675643fbc042921877
SSDEEP

1572864:zf/aHC4+DJtw45w/iR5mppVzAjIaBqfrOyZjC7WVnO:zf/KZ+tQKG2+IWc

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 7 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to write the user's calendar data.	android.permission.WRITE_CALENDAR
Allows an application to record audio.	android.permission.RECORD_AUDIO

Files

f2775345619b18bf497705639e98244f5683d81135195d7223f1bca8c64b6767.apk.zip
.zip

Password: infected
f2775345619b18bf497705639e98244f5683d81135195d7223f1bca8c64b6767.apk
.apk android arch:arm64 arch:arm

com.jym.mall

com.jym.mall.launch.LaunchActivity

Activities

com.jym.mall.imnative.activity.NativeChatActivity

com.jym.mall.imnative.activity.NativeChatActivity

com.jym.mall.activity.AboutWebActivity

com.jym.mall.activity.AboutWebActivity

com.jym.mall.activity.NorefreshActivity

com.jym.mall.activity.NorefreshActivity

com.jym.mall.activity.DetailActivity

com.jym.mall.activity.DetailActivity

com.jym.mall.activity.NoTitleWebActivity

com.jym.mall.activity.NoTitleWebActivity

com.jym.mall.activity.NoTitleAndRefreshWebActivity

com.jym.mall.activity.NoTitleAndRefreshWebActivity

com.jym.mall.activity.ChatActivity

com.jym.mall.activity.ChatActivity

com.jym.mall.login.ui.BindMobileActivity

com.jym.mall.activity.login.ui.BindMobileActivity

com.jym.mall.seller.ui.SellerActivity

com.jym.mall.seller.ui.SellerActivity

com.tencent.tauth.AuthActivity

android.intent.action.VIEW
android.intent.action.VIEW

com.jym.mall.launch.LaunchActivity

android.intent.action.MAIN
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

com.alibaba.wireless.security.open.middletier.fc.ui.ContainerActivity

com.alibaba.wireless.security.open.middletier.fc.ui.BXIntentResult4323
com.alibaba.wireless.security.open.middletier.fc.ui.BXIntentCreate4323
com.alibaba.wireless.security.open.middletier.fc.ui.BXIntentLog4323

com.ali.user.mobile.register.ui.AliUserRegisterActivity

android.intent.action.VIEW

com.ali.user.mobile.register.ui.AliUserRegisterChoiceRegionActivity

android.intent.action.VIEW

com.ali.user.mobile.webview.SnsAuthWebViewActivity

com.aliuser.sns.auth

com.sina.weibo.sdk.share.WbShareTransActivity

com.sina.weibo.sdk.action.ACTION_SDK_REQ_ACTIVITY

com.sina.weibo.sdk.share.WbShareToStoryActivity

com.sina.weibo.sdk.action.ACTION_SDK_REQ_STORY

com.taobao.login4android.scan.QrScanActivity

android.intent.action.VIEW

com.taobao.tao.flexbox.layoutmanager.actionservice.activity.PreviewActivity

android.intent.action.VIEW
com.tmall.wireless.action.navigator.INTERNAL_NAVIGATION

Permissions

android.permission.BROADCAST_CLOSE_SYSTEM_DIALOGS
android.permission.INTERNET
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.SYSTEM_OVERLAY_WINDOW
android.permission.WRITE_SETTINGS
android.permission.ACCESS_WIFI_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WAKE_LOCK
android.permission.READ_PHONE_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.BROADCAST_PACKAGE_ADDED
android.permission.BROADCAST_PACKAGE_CHANGED
android.permission.BROADCAST_PACKAGE_INSTALL
android.permission.BROADCAST_PACKAGE_REPLACED
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.VIBRATE
android.permission.FLASHLIGHT
android.permission.READ_SETTINGS
android.permission.CHANGE_CONFIGURATION
android.permission.BROADCAST_STICKY
android.permission.BLUETOOTH
android.permission.INTERACT_ACROSS_USERS
android.permission.ACCESS_FINE_LOCATION
android.permission.PACKAGE_USAGE_STATS
android.permission.CLEAR_APP_CACHE
com.taobao.statistic.permission.DEVICE_STATE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.CAMERA
android.permission.FOREGROUND_SERVICE
android.permission.WRITE_CALENDAR
android.permission.RECORD_AUDIO
com.jym.mall.permission.MIPUSH_RECEIVE
com.coloros.mcs.permission.RECIEVE_MCS_MESSAGE
com.heytap.mcs.permission.RECIEVE_MCS_MESSAGE
com.vivo.notification.permission.BADGE_ICON
com.meizu.flyme.push.permission.RECEIVE
com.jym.mall.push.permission.MESSAGE
com.meizu.c2dm.permission.RECEIVE
com.jym.mall.permission.C2D_MESSAGE
com.jym.mall.permission.PROCESS_PUSH_MSG
com.jym.mall.permission.PUSH_PROVIDER
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.BLUETOOTH_ADMIN
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.CAPTURE_VIDEO_OUTPUT
com.huawei.appmarket.service.commondata.permission.GET_COMMON_DATA

Receivers

com.jym.mall.app.network.NetworkStatusChangedReceiver

android.NET.conn.CONNECTIVITY_CHANGE
android.Net.wifi.WIFI_STATE_CHANGED
android.net.wifi.STATE_CHANGE

com.jym.mall.receiver.NoteReceiver

com.jym.jymall.cancelnote
com.jym.jymall.LOG_SWITCH

com.taobao.accs.EventReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_REMOVED
android.intent.action.USER_PRESENT

com.taobao.accs.ServiceReceiver

com.taobao.accs.intent.action.COMMAND
com.taobao.accs.intent.action.START_FROM_AGOO

com.taobao.agoo.AgooCommondReceiver

com.jym.mall.intent.action.COMMAND
android.intent.action.PACKAGE_REMOVED

com.jym.push.agoo.AgooMessageReceiver

com.jym.mall.agoopush

com.xiaomi.push.service.receivers.NetworkStatusReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.xiaomi.push.service.receivers.PingReceiver

com.xiaomi.push.PING_TIMER

org.android.agoo.xiaomi.MiPushBroadcastReceiver

com.xiaomi.mipush.RECEIVE_MESSAGE
com.xiaomi.mipush.MESSAGE_ARRIVED
com.xiaomi.mipush.ERROR

org.android.agoo.vivo.PushMessageReceiverImpl

com.vivo.pushclient.action.RECEIVE

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

com.huawei.hms.support.api.push.PushMsgReceiver

com.huawei.intent.action.PUSH_DELAY_NOTIFY
com.huawei.intent.action.PUSH

com.huawei.hms.support.api.push.PushReceiver

com.huawei.android.push.intent.REGISTRATION
com.huawei.android.push.intent.RECEIVE

com.ali.user.open.receiver.SessionSyncReceiver

aliuser_sync_session

com.alv.foun.PhoenixBroadcastReceiver

android.intent.action.USER_PRESENT
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED
android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
com.alv.foun.ACTION_WAKE_UP_ALARM

com.taobao.tao.powermsg.PowerMsgReceiver

TAOBAO_DELAY_START_POWMSG
com.taobao.tao.messagkit.receive

Services

com.jym.mall.push.service.NetService

com.jym.mall.push.service.NetService

anetwork.channel.aidl.NetworkService

anetwork.channel.aidl.IRemoteNetworkGetter

mtopsdk.xstate.XStateService

mtopsdk.xstate.aidl.IXState

com.taobao.orange.service.OrangeApiService

com.taobao.orange.service.OrangeApiService

com.jym.mall.daemon.account.AuthenticationService

android.accounts.AccountAuthenticator

com.jym.mall.daemon.account.SyncService

android.content.SyncAdapter

com.taobao.accs.ChannelService

com.taobao.accs.intent.action.SERVICE

com.taobao.accs.data.MsgDistributeService

com.taobao.accs.intent.action.RECEIVE

org.android.agoo.accs.AgooService

com.taobao.accs.intent.action.RECEIVE

com.taobao.agoo.TaobaoMessageIntentReceiverService

org.android.agoo.client.MessageReceiverService

com.jym.mall.CustomAgooIntentService

org.agoo.android.intent.action.RECEIVE

com.r2.diablo.live.livestream.adapterImpl.message.ACCSReceiverService

com.taobao.accs.intent.action.RECEIVE

com.huawei.hms.support.api.push.service.HmsMsgService

com.huawei.push.msg.NOTIFY_MSG
com.huawei.push.msg.PASSBY_MSG

org.android.agoo.huawei.HuaweiPushMessageService

com.huawei.push.action.MESSAGING_EVENT

com.heytap.msp.push.service.CompatibleDataMessageCallbackService

com.coloros.mcs.action.RECEIVE_MCS_MESSAGE

com.heytap.msp.push.service.DataMessageCallbackService

com.heytap.mcs.action.RECEIVE_MCS_MESSAGE
com.heytap.msp.push.RECEIVE_MCS_MESSAGE

com.alv.foun.service.PhoenixService

android.view.InputMethod
oppo.intent.action.keyguard

com.alibaba.security.rp.service.DynamicRPJsbridgeService

RP

com.alibaba.security.rp.service.RPService

com.alibaba.intent.action.AIDL_IRPSERVICE

com.taobao.trtc.accs.TrtcAccsService

com.taobao.accs.intent.action.RECEIVE

com.alibaba.android.bindingx.plugin.weex.WXBindingXModuleService

bindingx
binding
expressionBinding

com.taobao.tao.flexbox.layoutmanager.actionservice.core.ActionServiceJsBridgeService

ActionService

com.taobao.tao.powermsg.outter.PowerMsg4WXService

powermsg
Roboto-Bold.ttf
Roboto-Medium.ttf
Roboto-Regular.ttf
abstract_connection.h
accs_config.h
accs_observer_delegate.h
accs_service_push_listener.h
accs_virtual_socket.h
address.h
aladdin_service.h
appchat.css
appender.h
asr.h
asr_interface.h
asr_service.h
async_task_manager.h
atlas_adaptor.h
auth_result_model.h
auth_service.h
b.zip
.zip
b
base64.h
base64_url.h
base_interface.h
base_model.h
base_model_value.h
base_transaction.h
blocking_queue.h
cat_refresh_white.json
chat_arrow.png
.png
cid.ini
cmp.h
com.tencent.open.config.json
common_transaction_manager_delegate.h
config_manager.h
config_service.h
config_service_delegate.h
config_service_interface_delegate.h
data.json
database_context.h
database_wrapper.h
date_time.h
decision_slice.json
decision_slice_img_0.png
.png
disaster_strategy.h
error_code_helper.h
error_result.h
error_result_exception.h
error_result_helper.h
error_string.h
event_loop.h
faceContinuity.bin
fastconfig_filter.h
fdmodel.bin
file.h
file_defines.h
file_download_result.h
file_download_task.h
file_operator.h
file_progress.h
file_service_interface.h
file_types.h
file_upload_callback.h
file_upload_result.h
file_upload_task.h
filter_chain.h
float.css
framework_slice.json
framework_slice_light.png
.png
gaea_ai_version.h
gaea_combine_version.h
gaea_config.h
gaea_config_version.h
gaea_define.h
gaea_idl_define.h
gaea_lwp.h
gaea_lwp_version.h
grs_sdk_global_route_config_opensdkService.json
grs_sdk_global_route_config_updatesdk.json
grs_sdk_server_config.json
grs_sp.bks
guide_left_slide.json
guide_like.json
guide_open_notify.json
hello_world.json
helper-huawei.html
.html
helper-normal.html
.html
helper-oppo.html
.html
helper-xiaomi.html
.html
hianalytics_njjn
hmsrootcas.bks
http_callback.h
http_header.h
http_interface.h
http_request.h
http_response.h
[email protected]
.png
[email protected]
.png
icon_chose_dis.png
.png
icon_chose_nor.png
.png
icon_chose_press.png
.png
idl_context.h
img_0.png
.png
img_1.png
.png
img_2.png
.png
img_3.png
.png
imwebmodelprefix
.html
imwebmodelprefixtwo
.html
imwebmodelsuffix
.js
imwebmodelsuffixtwo
.js
index.umd.js
.js
joiner.h
json11.h
kv_database_interface.h
ldClassifier.bin
ldmodel.bin
libwbsafeedit
.elf linux arm
libwbsafeedit_64
.elf linux aarch64
libwbsafeedit_x86
.elf linux x86
libwbsafeedit_x86_64
.elf linux x64
live_stream_pic_live_mic_talking_orange.json
live_stream_pic_live_mic_talking_purple.json
live_stream_video_label_orange.json
live_stream_video_label_white.json
live_stream_video_loading.json
live_stream_video_mic_icon.json
load_error.html
.html
load_error.png
.png
loading.json
loading_cat.png
.png
loading_refresh_color.json
loading_refresh_white.json
localappchat.html
.html .js
logging.h
login_load.html
.html
lv_00003_1
lwp_manager.h
macros.h
md5.h
media_id.h
media_id_info.h
media_id_manager.h
media_id_type.h
media_id_type_collection.h
message.h
message_filter.h
mid.h
model_json_helper.h
model_msgpack_helper.h
model_value.h
module_config.h
module_info.h
msgpack_helper.h
net_util.h
network_information.h
network_service.h
o_auth_model.h
over_bifrost_config.h
packet_type.h
path.h
preprocessor.h
privacy_policy.html
.html
properties.h
public_key.txt
push_ack_status.h
push_handler.h
push_listener.h
push_service.h
reflash_icon.png
.png
request.h
request_context.h
request_handler.h
response.h
route_context.h
route_context_util.h
rpc_context.h
rpc_header.h
rpc_message.h
rpc_reg_model.h
rpc_request.h
rpc_response.h
rpc_service.h
runtime_center.h
service-arrow.png
.png
service_exception.h
service_factory.h
session_delegate.h
setting.h
setting_interface.h
simple_model_value.h
singleton.h
speech_recognize_response.h
speech_recognize_response_handler.h
speech_short_recognize_request.h
splitter.h
step1.jpg
.jpg
step2.jpg
.jpg
step3.jpg
.jpg
step3.png
.png
step4.jpg
.jpg
step5.jpg
.jpg
stpe4.jpg
.jpg
string_cast.h
string_util.h
strutil.h
supplierconfig.json
sync_interface.h
system_util.h
taobao_accs_interface.h
taobao_accs_manager.h
taobao_accs_notify_interface.h
tb_virtual_connection.h
test.html
.js
test.js
.js
test_load_dialer_wait.html
.html .js
time_unit.h
timer.h
trace_context.h
trace_interface.h
trace_service.h
transfer_context.h
ua_util.h
updatesdkcas.bks
uri.h
url_task.h
user_agent.h
user_context.h
user_info_model.h
user_privacy.html
.html
user_service_agreement.html
.html
useragent_interface.h
video_flow_like.json
video_flow_playloading.json
virtual_socket.h
voice_thinking.json
voice_thinking_image_0.png
.png
windmill.worker.js
.js
xlogger.h
xloggerbase.h
zip_util.h

Sharing

General

Malware Config

Signatures

Files

Password: infected

com.jym.mall

com.jym.mall.launch.LaunchActivity

Activities

com.jym.mall.imnative.activity.NativeChatActivity

com.jym.mall.activity.AboutWebActivity

com.jym.mall.activity.NorefreshActivity

com.jym.mall.activity.DetailActivity

com.jym.mall.activity.NoTitleWebActivity

com.jym.mall.activity.NoTitleAndRefreshWebActivity

com.jym.mall.activity.ChatActivity

com.jym.mall.login.ui.BindMobileActivity

com.jym.mall.seller.ui.SellerActivity

com.tencent.tauth.AuthActivity

com.jym.mall.launch.LaunchActivity

com.alibaba.wireless.security.open.middletier.fc.ui.ContainerActivity

com.ali.user.mobile.register.ui.AliUserRegisterActivity

com.ali.user.mobile.register.ui.AliUserRegisterChoiceRegionActivity

com.ali.user.mobile.webview.SnsAuthWebViewActivity

com.sina.weibo.sdk.share.WbShareTransActivity

com.sina.weibo.sdk.share.WbShareToStoryActivity

com.taobao.login4android.scan.QrScanActivity

com.taobao.tao.flexbox.layoutmanager.actionservice.activity.PreviewActivity

Permissions

Receivers

com.jym.mall.app.network.NetworkStatusChangedReceiver

com.jym.mall.receiver.NoteReceiver

com.taobao.accs.EventReceiver

com.taobao.accs.ServiceReceiver

com.taobao.agoo.AgooCommondReceiver

com.jym.push.agoo.AgooMessageReceiver

com.xiaomi.push.service.receivers.NetworkStatusReceiver

com.xiaomi.push.service.receivers.PingReceiver

org.android.agoo.xiaomi.MiPushBroadcastReceiver

org.android.agoo.vivo.PushMessageReceiverImpl

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

com.huawei.hms.support.api.push.PushMsgReceiver

com.huawei.hms.support.api.push.PushReceiver

com.ali.user.open.receiver.SessionSyncReceiver

com.alv.foun.PhoenixBroadcastReceiver

com.taobao.tao.powermsg.PowerMsgReceiver

Services

com.jym.mall.push.service.NetService

anetwork.channel.aidl.NetworkService

mtopsdk.xstate.XStateService

com.taobao.orange.service.OrangeApiService

com.jym.mall.daemon.account.AuthenticationService

com.jym.mall.daemon.account.SyncService

com.taobao.accs.ChannelService

com.taobao.accs.data.MsgDistributeService

org.android.agoo.accs.AgooService

com.taobao.agoo.TaobaoMessageIntentReceiverService

com.jym.mall.CustomAgooIntentService

com.r2.diablo.live.livestream.adapterImpl.message.ACCSReceiverService

com.huawei.hms.support.api.push.service.HmsMsgService

org.android.agoo.huawei.HuaweiPushMessageService

com.heytap.msp.push.service.CompatibleDataMessageCallbackService

com.heytap.msp.push.service.DataMessageCallbackService

com.alv.foun.service.PhoenixService

com.alibaba.security.rp.service.DynamicRPJsbridgeService

com.alibaba.security.rp.service.RPService

com.taobao.trtc.accs.TrtcAccsService

com.alibaba.android.bindingx.plugin.weex.WXBindingXModuleService

com.taobao.tao.flexbox.layoutmanager.actionservice.core.ActionServiceJsBridgeService

com.taobao.tao.powermsg.outter.PowerMsg4WXService