f8ad5257ba79891934d51a65c9fd8ac8[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

f8ad5257ba79891934d51a65c9fd8ac8.bin
Size

23.7MB
MD5

f8ad5257ba79891934d51a65c9fd8ac8
SHA1

93535aa7329e1ac80f8025838363388048b3f824
SHA256

5ed3da36f32d4b13dce5fa44c1ed6a264d9720f0e277d9137d93771f939b6dfb
SHA512

a92382ff36cb05eb24a064f66f0e5da452fe8467580b3eae20754db77d7b93185f3adddfdd778229a7802be0f1c35e8effd4b36cf9d60c7cdd5fc2e065abeb44
SSDEEP

393216:iC7VXEUVqXSChS1uELaxla51hqJhQePJ5l67SosG9ahfOPmI9+HyJ4c:7pX2XzS1MmvhqUegKG9sfOPPgyJT

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 4 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS

Files

f8ad5257ba79891934d51a65c9fd8ac8.bin
.apk android arch:arm64 arch:arm arch:x86 arch:x64

Password: infected

com.qooapp.qoohelper

com.qooapp.qoohelper.arch.welcome.WelcomeActivity

Activities

com.qooapp.qoohelper.arch.welcome.WelcomeActivity

android.intent.action.MAIN
com.qooapp.qoohelper.action.VIEW
com.qooapp.qoohelper.fcm_click_action
android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.arch.welcome.MainAlias

android.intent.action.MAIN
com.qooapp.qoohelper.action.VIEW
com.qooapp.qoohelper.fcm_click_action
android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.arch.welcome.BirthdayAlias

android.intent.action.MAIN
com.qooapp.qoohelper.action.VIEW
com.qooapp.qoohelper.fcm_click_action
android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.activity.HomeActivity

android.intent.action.SEARCH
com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.arch.help.HelpActivity

com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.arch.inspect.InspectActivity

com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.arch.note.detail.NoteActivity

android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.arch.event.EventDetailActivity

android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.arch.search.v.SearchActivity

android.intent.action.SEARCH
com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.arch.game.info.view.NewGameInfoActivity

com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.arch.game.list.GamesActivity

com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.arch.event.GameEventsActivity

com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.activity.BrowserActivity

com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.arch.mine.list.MyGameListActivity

com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.activity.LoginActivity

com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.arch.login.RegisterLoginActivity

com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.activity.PlayVideoActivity

com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.arch.voice.DownloadVoiceActivity

com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.arch.dress.DressActivity

com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.arch.user.UserInfoActivity

com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.activity.PublishNoteActivity

android.intent.action.SEND
com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.arch.caricature.CaricatureDetailActivity

com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.activity.ReplyDetailActivity

com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.activity.HotNewsActivity

android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.activity.AuthActivity

android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.activity.VerifyActivity

android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.activity.MyIQActivity

android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.activity.BalanceDetailsActivity

android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.arch.note.NoteListActivity

android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.arch.topic.NoteHotTopicListActivity

android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.arch.gamecard.view.GameCardInfoActivity

com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.arch.drawcard.DrawCardActivity

com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

com.qooapp.qoohelper.arch.today.CalendarGameActivity

com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.arch.company.CompanyInfoActivity

com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.arch.game.box.GameBoxActivity

com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.arch.search.filter.FilterActivity

com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.arch.web.TransBrowserActivity

com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.arch.square.SquareActivity

com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.arch.event.list.EventListActivity

com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.arch.dress.theme.ThemeDetailActivity

android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.arch.translation.TranslatorPurchaseActivity

android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.arch.iq.AutoRenewalMangerActivity

android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.arch.event.detail.EventInfoActivity

android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.arch.translation.redeem.RedemptionCodeActivity

android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.arch.user.email.EditEmailActivity

android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.arch.user.password.EditPasswordActivity

android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.arch.user.blocklist.BlocklistActivity

android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.activity.AppIconChangeActivity

android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.arch.game.review.ReviewDetailActivity

android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.arch.gamecard.detail.GameCardDetailActivity

android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.arch.user.follow.view.FollowActivity

android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.arch.user.collects.MyCollectsActivity

android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.arch.sticker.store.StickerStoreActivity

android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.arch.sticker.detail.StickerDetailActivity

android.intent.action.VIEW
com.qooapp.qoohelper.action.VIEW

com.qooapp.qoohelper.arch.cs.ServiceCenterActivity

com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.qooapp.qoohelper.arch.cs.form.QuestionFormActivity

com.qooapp.qoohelper.action.VIEW
android.intent.action.VIEW

com.linecorp.linesdk.auth.internal.LineAuthenticationCallbackActivity

android.intent.action.VIEW

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WAKE_LOCK
android.permission.VIBRATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_USER_PRESENT
android.permission.ACCESS_WIFI_STATE
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
android.permission.ACCESS_DOWNLOAD_MANAGER
com.google.android.c2dm.permission.RECEIVE
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.REQUEST_DELETE_PACKAGES
android.permission.FOREGROUND_SERVICE
com.qooapp.qoohelper.permission.C2D_MESSAGE
android.permission.CAMERA
android.permission.UPDATE_PACKAGES_WITHOUT_USER_ACTION
com.asus.msa.SupplementaryDID.ACCESS
freemme.permission.msa
android.permission.POST_NOTIFICATIONS
com.google.android.gms.permission.AD_ID
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
android.permission.RECEIVE_BOOT_COMPLETED
com.qooapp.qoohelper.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.WRITE_MEDIA_STORAGE
android.permission.MANAGE_EXTERNAL_STORAGE

Receivers

com.qooapp.qoohelper.receiver.LocalAppChangedReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_REPLACED
android.intent.action.PACKAGE_FULLY_REMOVED

com.qooapp.qoohelper.receiver.GcmBroadcastReceiver

com.google.android.c2dm.intent.RECEIVE
com.google.android.c2dm.intent.REGISTRATION

com.qooapp.qoohelper.receiver.ChatNotificationBroadcastReceiver

com.qooapp.qoohelper.action_gcm

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

androidx.work.impl.diagnostics.DiagnosticsReceiver

androidx.work.diagnostics.REQUEST_DIAGNOSTICS

androidx.profileinstaller.ProfileInstallReceiver

androidx.profileinstaller.action.INSTALL_PROFILE
androidx.profileinstaller.action.SKIP_FILE
androidx.profileinstaller.action.SAVE_PROFILE
androidx.profileinstaller.action.BENCHMARK_OPERATION

Services

com.qooapp.qoohelper.services.FloatingService

com.qooapp.qoohelper.action.inBackground

com.qooapp.qoohelper.services.ImFirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.qooapp.qoohelper.services.CheckerService

com.qooapp.qoohelper.action.CHECK

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT
arialnarrow.ttf
baseline.prof
baseline.profm
com.tencent.open.config.json
emoji.zip
.zip

Password: infected
baiyan.png
.png

Password: infected
biequ.png
.png

Password: infected
buman.png
.png

Password: infected
daku.png
.png

Password: infected
emoji.xml
.xml
fahuo.png
.png

Password: infected
fankun.png
.png

Password: infected
fanu.png
.png

Password: infected
guaixiao.png
.png
guilian.png
.png
haixu.png
.png
hanyan.png
.png
jingya.png
.png
kaixin.png
.png
kelian.png
.png
lihai.png
.png
maimen.png
.png
mengdong.png
.png
nanguo.png
.png
no.png
.png
sese.png
.png
shuashuai.png
.png
shuijiao.png
.png
wasai.png
.png
weiqu.png
.png
weishenm.png
.png
weixiao.png
.png
wuyu.png
.png
yun.png
.png
h5_qr_back.png
.png
iconfont.ttf
libwbsafeedit
.elf linux arm
libwbsafeedit_64
.elf linux aarch64
libwbsafeedit_x86
.elf linux x86
libwbsafeedit_x86_64
.elf linux x64
sa_mcc_mnc_mini.json
supplierconfig.json
symbol.zip
.zip
ywz_emoji
zlsioh.dat

Android Permissions

f8ad5257ba79891934d51a65c9fd8ac8.bin

Permissions

android.permission.ACCESS_NETWORK_STATE

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.WAKE_LOCK

android.permission.VIBRATE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.RECEIVE_USER_PRESENT

android.permission.ACCESS_WIFI_STATE

android.permission.DOWNLOAD_WITHOUT_NOTIFICATION

android.permission.ACCESS_DOWNLOAD_MANAGER

com.google.android.c2dm.permission.RECEIVE

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.REQUEST_DELETE_PACKAGES

android.permission.FOREGROUND_SERVICE

com.qooapp.qoohelper.permission.C2D_MESSAGE

android.permission.CAMERA

android.permission.UPDATE_PACKAGES_WITHOUT_USER_ACTION

com.asus.msa.SupplementaryDID.ACCESS

freemme.permission.msa

android.permission.POST_NOTIFICATIONS

com.google.android.gms.permission.AD_ID

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

android.permission.RECEIVE_BOOT_COMPLETED

com.qooapp.qoohelper.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.WRITE_MEDIA_STORAGE

android.permission.MANAGE_EXTERNAL_STORAGE

Sharing

General

Malware Config

Signatures

Files

Password: infected

com.qooapp.qoohelper

com.qooapp.qoohelper.arch.welcome.WelcomeActivity

Activities

com.qooapp.qoohelper.arch.welcome.WelcomeActivity

com.qooapp.qoohelper.arch.welcome.MainAlias

com.qooapp.qoohelper.arch.welcome.BirthdayAlias

com.qooapp.qoohelper.activity.HomeActivity

com.qooapp.qoohelper.arch.help.HelpActivity

com.qooapp.qoohelper.arch.inspect.InspectActivity

com.qooapp.qoohelper.arch.note.detail.NoteActivity

com.qooapp.qoohelper.arch.event.EventDetailActivity

com.qooapp.qoohelper.arch.search.v.SearchActivity

com.qooapp.qoohelper.arch.game.info.view.NewGameInfoActivity

com.qooapp.qoohelper.arch.game.list.GamesActivity

com.qooapp.qoohelper.arch.event.GameEventsActivity

com.qooapp.qoohelper.activity.BrowserActivity

com.qooapp.qoohelper.arch.mine.list.MyGameListActivity

com.qooapp.qoohelper.activity.LoginActivity

com.qooapp.qoohelper.arch.login.RegisterLoginActivity

com.qooapp.qoohelper.activity.PlayVideoActivity

com.qooapp.qoohelper.arch.voice.DownloadVoiceActivity

com.qooapp.qoohelper.arch.dress.DressActivity

com.qooapp.qoohelper.arch.user.UserInfoActivity

com.qooapp.qoohelper.activity.PublishNoteActivity

com.qooapp.qoohelper.arch.caricature.CaricatureDetailActivity

com.qooapp.qoohelper.activity.ReplyDetailActivity

com.qooapp.qoohelper.activity.HotNewsActivity

com.qooapp.qoohelper.activity.AuthActivity

com.qooapp.qoohelper.activity.VerifyActivity

com.qooapp.qoohelper.activity.MyIQActivity

com.qooapp.qoohelper.activity.BalanceDetailsActivity

com.qooapp.qoohelper.arch.note.NoteListActivity

com.qooapp.qoohelper.arch.topic.NoteHotTopicListActivity

com.qooapp.qoohelper.arch.gamecard.view.GameCardInfoActivity

com.qooapp.qoohelper.arch.drawcard.DrawCardActivity

com.tencent.tauth.AuthActivity

com.qooapp.qoohelper.arch.today.CalendarGameActivity

com.qooapp.qoohelper.arch.company.CompanyInfoActivity

com.qooapp.qoohelper.arch.game.box.GameBoxActivity

com.qooapp.qoohelper.arch.search.filter.FilterActivity

com.qooapp.qoohelper.arch.web.TransBrowserActivity

com.qooapp.qoohelper.arch.square.SquareActivity

com.qooapp.qoohelper.arch.event.list.EventListActivity

com.qooapp.qoohelper.arch.dress.theme.ThemeDetailActivity

com.qooapp.qoohelper.arch.translation.TranslatorPurchaseActivity

com.qooapp.qoohelper.arch.iq.AutoRenewalMangerActivity

com.qooapp.qoohelper.arch.event.detail.EventInfoActivity

com.qooapp.qoohelper.arch.translation.redeem.RedemptionCodeActivity

com.qooapp.qoohelper.arch.user.email.EditEmailActivity

com.qooapp.qoohelper.arch.user.password.EditPasswordActivity

com.qooapp.qoohelper.arch.user.blocklist.BlocklistActivity

com.qooapp.qoohelper.activity.AppIconChangeActivity

com.qooapp.qoohelper.arch.game.review.ReviewDetailActivity

com.qooapp.qoohelper.arch.gamecard.detail.GameCardDetailActivity

com.qooapp.qoohelper.arch.user.follow.view.FollowActivity

com.qooapp.qoohelper.arch.user.collects.MyCollectsActivity

com.qooapp.qoohelper.arch.sticker.store.StickerStoreActivity

com.qooapp.qoohelper.arch.sticker.detail.StickerDetailActivity

com.qooapp.qoohelper.arch.cs.ServiceCenterActivity

com.qooapp.qoohelper.arch.cs.form.QuestionFormActivity

com.linecorp.linesdk.auth.internal.LineAuthenticationCallbackActivity

Permissions

Receivers

com.qooapp.qoohelper.receiver.LocalAppChangedReceiver

com.qooapp.qoohelper.receiver.GcmBroadcastReceiver

com.qooapp.qoohelper.receiver.ChatNotificationBroadcastReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.diagnostics.DiagnosticsReceiver