pinduoduo-6-85-0[.]apk

Sharing

Copy URL Twitter E-mail

General

Target

pinduoduo-6-85-0.apk
Size

26.4MB
MD5

a655248f2483682408c2c0d9ba549605
SHA1

574fdd7098419f40e9b988b2847c0cd6b31ea34a
SHA256

1baf0d22b4b736ae119de344c66c7d8b6a4bd798e544857ec2109506a49952b1
SHA512

fa58d12c4f92c19ebda9f668cc18b2632815f9deacfe245119057622640bf051173f62ff1d0b013e2780c7ea8a3493333cdd052db06fa4f6fb73b32ec3681ecf
SSDEEP

786432:IBRua+NYImY1GV/PIkuf/fRofTpkWMVzPVX:I2L1ev05O97sxX

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 12 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to read image files from external storage.	android.permission.READ_MEDIA_IMAGES
Allows an application to read audio files from external storage.	android.permission.READ_MEDIA_AUDIO
Allows an application to read video files from external storage.	android.permission.READ_MEDIA_VIDEO
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS
Allows an application to recognize physical activity.	android.permission.ACTIVITY_RECOGNITION

Files

pinduoduo-6-85-0.apk
.apk android arch:arm64

Password: Virus made in china

com.xunmeng.pinduoduo

com.xunmeng.pinduoduo.ui.activity.MainFrameActivity

Activities

com.xunmeng.pinduoduo.activity.NewPageActivity

com.xunmeng.pinduoduo.ACTION_NEW_PAGE_ACTIVITY

com.xunmeng.pinduoduo.activity.NewPageMaskActivity

com.aimi.android.ACTION_NEW_PAGE_MASK_ACTIVITY

com.xunmeng.pinduoduo.app_activity.lego.LegoContainerTitanActivity

com.xunmeng.pinduoduo.ACTION_LEGO_TITAN_ACTIVITY

com.xunmeng.pinduoduo.ui.activity.HomeActivity

com.aimi.android.ACTION_MAIN_FRAME_ACTIVITY

com.xunmeng.pinduoduo.ui.activity.MainFrameActivity

android.intent.action.MAIN
com.aimi.android.ACTION_NEW_PAGE_ACTIVITY
com.xunmeng.pinduoduo.push.pull_alive
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

com.xunmeng.pinduoduo.ui.activity.TransparentEntryActivity

android.intent.action.VIEW

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

com.xunmeng.pinduoduo.auth_pay.alipay.AlipayCallbackActivity

android.intent.action.VIEW

com.xunmeng.pinduoduo.auth_pay.qqpay.QQCallbackActivity

android.intent.action.VIEW

com.xunmeng.pinduoduo.auth_pay.ddpay.DDWalletCallbackActivity

android.intent.action.VIEW

com.xunmeng.pinduoduo.auth_pay.dcepay.DcepayCallbackActivity

android.intent.action.VIEW

com.xunmeng.pinduoduo.app_widget.desk_shortcut.activities.DsCkActivity

android.intent.action.MAIN

com.xunmeng.pinduoduo.ui.activity.MainFrameActivityAssist

android.intent.action.MAIN
com.aimi.android.ACTION_NEW_PAGE_ACTIVITY
android.intent.action.VIEW
android.intent.action.VIEW

com.xunmeng.pinduoduo.ui.activity.MainFrameActivityLauncherAssist

android.intent.action.MAIN
com.aimi.android.ACTION_NEW_PAGE_ACTIVITY
android.intent.action.VIEW
android.intent.action.VIEW

com.xunmeng.pinduoduo.ui.activity.PandaHmActivity

android.intent.action.MAIN

com.xunmeng.pinduoduo.market_ad_forward.TransferActivity

com.xunmeng.pinduoduo.market.ad.FORWARD_COMMON

com.xunmeng.pinduoduo.market_ad_forward.TransferDeskActivity

com.xunmeng.pinduoduo.market.ad.FORWARD_DESK_COMMON

com.xunmeng.pinduoduo.market_ad_forward.CSDispatchActivity

com.xunmeng.pinduoduo.ACTION_CS_DISPATCH_ACTIVITY

com.xunmeng.pinduoduo.market_ad_forward.CSDispatchTitanActivity

com.xunmeng.pinduoduo.ACTION_CS_DISPATCH_TITAN_ACTIVITY

com.xunmeng.pinduoduo.msg_floating.ui.MsgJumpActivity

com.xunmeng.pinduoduo.ACTION_MSG_JUMP_ACTIVITY

com.xunmeng.pinduoduo.wallet.common.externaljump.ExternalJumpActivity

android.intent.action.VIEW

com.xunmeng.pinduoduo.share.web.subscribe.activity.SubscribeForwardActivity

android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.CAMERA
android.permission.FLASHLIGHT
android.permission.READ_CONTACTS
android.permission.RECORD_AUDIO
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.WAKE_LOCK
android.permission.GET_PACKAGE_SIZE
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.VIBRATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.FOREGROUND_SERVICE
com.hihonor.push.permission.READ_PUSH_NOTIFICATION_INFO
com.coloros.mcs.permission.RECIEVE_MCS_MESSAGE
com.heytap.mcs.permission.RECIEVE_MCS_MESSAGE
com.xunmeng.pinduoduo.permission.MIPUSH_RECEIVE
com.sec.android.provider.badge.permission.READ
com.sec.android.provider.badge.permission.WRITE
com.huawei.android.launcher.permission.WRITE_SETTINGS
com.huawei.android.launcher.permission.READ_SETTINGS
com.huawei.android.launcher.permission.CHANGE_BADGE
com.vivo.notification.permission.BADGE_ICON
android.permission.CHANGE_NETWORK_STATE
com.samsung.android.providers.context.permission.WRITE_USE_APP_FEATURE_SURVEY
android.permission.CHANGE_WIFI_STATE
com.bbk.launcher2.permission.READ_SETTINGS
com.bbk.launcher2.permission.WRITE_SETTINGS
android.permission.READ_MEDIA_IMAGES
android.permission.READ_MEDIA_AUDIO
android.permission.READ_MEDIA_VIDEO
android.permission.POST_NOTIFICATIONS
android.permission.HIGH_SAMPLING_RATE_SENSORS
com.android.launcher.permission.READ_SETTINGS
com.android.launcher.permission.WIRTE_SETTINGS
com.samsung.android.launcher.permission.READ_SETTINGS
com.oppo.launcher.permission.READ_SETTINGS
com.oppo.launcher.permission.WRITE_SETTINGS
net.oneplus.launcher.permission.READ_SETTINGS
net.oneplus.launcher.permission.WRITE_SETTINGS
android.permission.USE_BIOMETRIC
android.permission.USE_FINGERPRINT
android.permission.ACTIVITY_RECOGNITION

Receivers

meco.core.dex.MecoBroadcastManager

com.android.meco.MECO_DEX_PATH_ERROR

com.xunmeng.pinduoduo.receiver.NotificationBroadcastReceiver

com.aimi.android.NOTIFICATION_CANCEL
com.aimi.android.NOTIFICATION_CLICK

com.aimi.android.common.push.huawei.HwPushReceiver

com.huawei.android.push.intent.REGISTRATION
com.huawei.android.push.intent.RECEIVE
com.huawei.android.push.intent.CLICK
com.huawei.intent.action.PUSH_STATE

com.huawei.hms.support.api.push.PushEventReceiver

com.huawei.intent.action.PUSH

com.xunmeng.pinduoduo.vipush_component.VivoPushReceiver

com.vivo.pushclient.action.RECEIVE

com.aimi.android.common.push.xiaomi.MiPushReceiver

com.xiaomi.mipush.RECEIVE_MESSAGE
com.xiaomi.mipush.MESSAGE_ARRIVED
com.xiaomi.mipush.ERROR

com.aimi.android.common.push.xiaomi.proxy.NetworkStatusReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.aimi.android.common.push.xiaomi.proxy.PingReceiver

com.xiaomi.push.PING_TIMER

com.xunmeng.pinduoduo.patch.SampleResultReceiver

ACTION_PDD_PATCH_RESULT
ACTION_SET_PATCH_CLEAN
ACTION_ON_PATCH_RECEIVED

com.xunmeng.pinduoduo.web.resourceprefetch.ResourcePrefetchBroadcastReceiver

com.xunmeng.pinduoduo.uno.TRY_INIT_WEBVIEW_KERNEL

com.xunmeng.pinduoduo.xlog_wrapper.XlogUploadBroadcastReceiver

com.xunmeng.hutaojie.XlogUpload

com.xunmeng.pinduoduo.fastjs.main.FastJSBroadcastReceiver

com.xunmeng.pinduoduo.uno.TRY_INIT_WEBVIEW_KERNEL

com.xunmeng.pinduoduo.app_widget.LowSdkCycleRefreshReceiver

android.intent.action.USER_PRESENT
android.intent.action.SCREEN_ON
android.intent.action.SCREEN_OFF

com.xunmeng.pinduoduo.app_widget.stub.WidgetStubs$StubWidgetOneXOne3

android.appwidget.action.APPWIDGET_UPDATE

com.xunmeng.pinduoduo.app_widget.stub.WidgetStubs$StubWidgetOneXOne2

android.appwidget.action.APPWIDGET_UPDATE

com.xunmeng.pinduoduo.app_widget.stub.WidgetStubs$StubWidgetOneXOne1

android.appwidget.action.APPWIDGET_UPDATE

com.xunmeng.pinduoduo.app_widget.stub.WidgetStubs$StubWidgetFourXOne1

android.appwidget.action.APPWIDGET_UPDATE

com.xunmeng.pinduoduo.app_widget.stub.WidgetStubs$StubWidgetFourXOne2

android.appwidget.action.APPWIDGET_UPDATE

com.xunmeng.pinduoduo.app_widget.stub.WidgetStubs$StubWidgetFourXOne3

android.appwidget.action.APPWIDGET_UPDATE

com.xunmeng.pinduoduo.app_widget.stub.WidgetStubs$StubWidgetFourXOne4

android.appwidget.action.APPWIDGET_UPDATE

com.xunmeng.pinduoduo.app_widget.stub.WidgetStubs$StubWidgetFourXOne5

android.appwidget.action.APPWIDGET_UPDATE

com.xunmeng.pinduoduo.app_widget.stub.WidgetStubs$StubWidgetFourXOneSpecial

android.appwidget.action.APPWIDGET_UPDATE

com.xunmeng.pinduoduo.app_widget.stub.WidgetStubs$StubWidgetTwoXOne1

android.appwidget.action.APPWIDGET_UPDATE

com.xunmeng.pinduoduo.market_widget.express.ExpressNewsWidgetProvider

android.appwidget.action.APPWIDGET_UPDATE

com.xunmeng.pinduoduo.market_widget.universal.UniversalMiniScrollProvider

android.appwidget.action.APPWIDGET_UPDATE

com.xunmeng.pinduoduo.market_ad_common.alarm.MarketAdAlarmReceiver

com.xunmeng.pinduoduo.MarketAdAlarmReceiver

com.xunmeng.basiccomponent.memorymonitorwrapper.receiver.MemoryReceiver

com.xunmeng.hutaojie.MEMORY_MONITOR

com.xunmeng.pinduoduo.process_stats.SandboxReceiver0

action.power.com.xunmeng.pinduoduo:sandboxed_process0

com.xunmeng.pinduoduo.process_stats.ExpReceiver

action.power.com.xunmeng.pinduoduo:exp

Services

com.aimi.android.common.push.honor.HonorMsgService

com.hihonor.push.action.MESSAGING_EVENT

com.aimi.android.common.push.oppo.OppoPushCompatibleService

com.coloros.mcs.action.RECEIVE_MCS_MESSAGE

com.aimi.android.common.push.oppo.OppoPushService

com.heytap.mcs.action.RECEIVE_MCS_MESSAGE
com.heytap.msp.push.RECEIVE_MCS_MESSAGE

com.xunmeng.pinduoduo.market_ad_common.scheduler.channel.MarketCommonService

com.xunmeng.pinduoduo.MARKET_AD_COMMON_SERVICE
A25
CDA
Filter.js
.js
Service.js
.js
animation.fontani
app_comment.ttf
app_dynamic_view_placeholder_round.png
.png

Password: Virus made in china
app_personal.ttf
audio_comment_data.json
audio_comment_img_0.png
.png

Password: Virus made in china
badge_tabs_config.json
badge_white_list_config.json
banks.json
camera_fps_configs.json
camera_model_configs.json
car.png
.png

Password: Virus made in china
chat.ttf
chat_gif.json
ci.properties
com.tencent.open.config.json
com.xunmeng.pinduoduo.web.zip
.zip

Password: Virus made in china
com.xunmeng.pinduoduo.web.manifest
com.xunmeng.pinduoduo.web.md5checker
dot_white_list_config.json
easygo.json
effect.tar.lzma
effect.tar.lzma.version
elder_badge_tabs_config.json
event_token.json
homeicon.json
icon_count_compute_keys_white_list.json
iconfont.ttf
index.html
.html
index_catch.html
.html .js polyglot
international_country_tel_codes.json
lego_live_random_guide
lego_live_scene_audio
lego_live_scene_audio_m2
lego_prompt
lego_slide_guide
lego_slide_guide_m2
lianmai.json
libGlProcessor.7z
libtitan.7z
like_img_0_new.png
.png

Password: Virus made in china
like_img_1_new.png
.png

Password: Virus made in china
live_chat_rich_msg_white_list.json
live_chat_template_config.json
live_downgrade_config.json
live_fans_entrance
live_fans_entrance_m2
live_float_window_config.json
live_model_configs.json
live_pk_connect.json
live_retry_config.json
live_rich_notice_format_config.json
load_error.html
.html
motor.png
.png

Password: Virus made in china
pdd_lego_gift_enter.png
.png

Password: Virus made in china
pdd_lego_red_box_icon.png
.png
pdd_live_mic_audio_anima.json
pdd_live_mic_invite_anima.json
pk_lifebar_indicator.png
.png
plane.png
.png
replay_float_window_config.json
safety_number_font.otf
scene_buy_vegetable_navi_merge.yaml
.js
scene_chat_detail_merge.yaml
.js
scene_express_merge.yaml
.js
setting_service.json
so_uuid
v
video_edit_default_sticker.json
video_like_new.json
video_stall_loading.json
wallet_comm_check.png
.png
wallet_comm_loading.png
.png
wealth_god_img_0.png
.png
wealth_god_img_1.png
.png
wealth_god_img_10.png
.png
wealth_god_img_11.png
.png
wealth_god_img_12.png
.png
wealth_god_img_13.png
.png
wealth_god_img_14.png
.png
wealth_god_img_2.png
.png
wealth_god_img_3.png
.png
wealth_god_img_4.png
.png
wealth_god_img_5.png
.png
wealth_god_img_6.png
.png
wealth_god_img_7.png
.png
wealth_god_img_8.png
.png
wealth_god_img_9.png
.png

Android Permissions

pinduoduo-6-85-0.apk

Permissions

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.CAMERA

android.permission.FLASHLIGHT

android.permission.READ_CONTACTS

android.permission.RECORD_AUDIO

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.WAKE_LOCK

android.permission.GET_PACKAGE_SIZE

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.VIBRATE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

android.permission.FOREGROUND_SERVICE

com.hihonor.push.permission.READ_PUSH_NOTIFICATION_INFO

com.coloros.mcs.permission.RECIEVE_MCS_MESSAGE

com.heytap.mcs.permission.RECIEVE_MCS_MESSAGE

com.xunmeng.pinduoduo.permission.MIPUSH_RECEIVE

com.sec.android.provider.badge.permission.READ

com.sec.android.provider.badge.permission.WRITE

com.huawei.android.launcher.permission.WRITE_SETTINGS

com.huawei.android.launcher.permission.READ_SETTINGS

com.huawei.android.launcher.permission.CHANGE_BADGE

com.vivo.notification.permission.BADGE_ICON

android.permission.CHANGE_NETWORK_STATE

com.samsung.android.providers.context.permission.WRITE_USE_APP_FEATURE_SURVEY

android.permission.CHANGE_WIFI_STATE

com.bbk.launcher2.permission.READ_SETTINGS

com.bbk.launcher2.permission.WRITE_SETTINGS

android.permission.READ_MEDIA_IMAGES

android.permission.READ_MEDIA_AUDIO

android.permission.READ_MEDIA_VIDEO

android.permission.POST_NOTIFICATIONS

android.permission.HIGH_SAMPLING_RATE_SENSORS

com.android.launcher.permission.READ_SETTINGS

com.android.launcher.permission.WIRTE_SETTINGS

com.samsung.android.launcher.permission.READ_SETTINGS

com.oppo.launcher.permission.READ_SETTINGS

com.oppo.launcher.permission.WRITE_SETTINGS

net.oneplus.launcher.permission.READ_SETTINGS

net.oneplus.launcher.permission.WRITE_SETTINGS

android.permission.USE_BIOMETRIC

android.permission.USE_FINGERPRINT

android.permission.ACTIVITY_RECOGNITION

Sharing

General

Malware Config

Signatures

Files

Password: Virus made in china

com.xunmeng.pinduoduo

com.xunmeng.pinduoduo.ui.activity.MainFrameActivity

Activities

com.xunmeng.pinduoduo.activity.NewPageActivity

com.xunmeng.pinduoduo.activity.NewPageMaskActivity

com.xunmeng.pinduoduo.app_activity.lego.LegoContainerTitanActivity

com.xunmeng.pinduoduo.ui.activity.HomeActivity

com.xunmeng.pinduoduo.ui.activity.MainFrameActivity

com.xunmeng.pinduoduo.ui.activity.TransparentEntryActivity

com.tencent.tauth.AuthActivity

com.xunmeng.pinduoduo.auth_pay.alipay.AlipayCallbackActivity

com.xunmeng.pinduoduo.auth_pay.qqpay.QQCallbackActivity

com.xunmeng.pinduoduo.auth_pay.ddpay.DDWalletCallbackActivity

com.xunmeng.pinduoduo.auth_pay.dcepay.DcepayCallbackActivity

com.xunmeng.pinduoduo.app_widget.desk_shortcut.activities.DsCkActivity

com.xunmeng.pinduoduo.ui.activity.MainFrameActivityAssist

com.xunmeng.pinduoduo.ui.activity.MainFrameActivityLauncherAssist

com.xunmeng.pinduoduo.ui.activity.PandaHmActivity

com.xunmeng.pinduoduo.market_ad_forward.TransferActivity

com.xunmeng.pinduoduo.market_ad_forward.TransferDeskActivity

com.xunmeng.pinduoduo.market_ad_forward.CSDispatchActivity

com.xunmeng.pinduoduo.market_ad_forward.CSDispatchTitanActivity

com.xunmeng.pinduoduo.msg_floating.ui.MsgJumpActivity

com.xunmeng.pinduoduo.wallet.common.externaljump.ExternalJumpActivity

com.xunmeng.pinduoduo.share.web.subscribe.activity.SubscribeForwardActivity

Permissions

Receivers

meco.core.dex.MecoBroadcastManager

com.xunmeng.pinduoduo.receiver.NotificationBroadcastReceiver

com.aimi.android.common.push.huawei.HwPushReceiver

com.huawei.hms.support.api.push.PushEventReceiver

com.xunmeng.pinduoduo.vipush_component.VivoPushReceiver

com.aimi.android.common.push.xiaomi.MiPushReceiver

com.aimi.android.common.push.xiaomi.proxy.NetworkStatusReceiver

com.aimi.android.common.push.xiaomi.proxy.PingReceiver

com.xunmeng.pinduoduo.patch.SampleResultReceiver

com.xunmeng.pinduoduo.web.resourceprefetch.ResourcePrefetchBroadcastReceiver

com.xunmeng.pinduoduo.xlog_wrapper.XlogUploadBroadcastReceiver

com.xunmeng.pinduoduo.fastjs.main.FastJSBroadcastReceiver

com.xunmeng.pinduoduo.app_widget.LowSdkCycleRefreshReceiver

com.xunmeng.pinduoduo.app_widget.stub.WidgetStubs$StubWidgetOneXOne3

com.xunmeng.pinduoduo.app_widget.stub.WidgetStubs$StubWidgetOneXOne2

com.xunmeng.pinduoduo.app_widget.stub.WidgetStubs$StubWidgetOneXOne1

com.xunmeng.pinduoduo.app_widget.stub.WidgetStubs$StubWidgetFourXOne1

com.xunmeng.pinduoduo.app_widget.stub.WidgetStubs$StubWidgetFourXOne2

com.xunmeng.pinduoduo.app_widget.stub.WidgetStubs$StubWidgetFourXOne3

com.xunmeng.pinduoduo.app_widget.stub.WidgetStubs$StubWidgetFourXOne4

com.xunmeng.pinduoduo.app_widget.stub.WidgetStubs$StubWidgetFourXOne5

com.xunmeng.pinduoduo.app_widget.stub.WidgetStubs$StubWidgetFourXOneSpecial

com.xunmeng.pinduoduo.app_widget.stub.WidgetStubs$StubWidgetTwoXOne1

com.xunmeng.pinduoduo.market_widget.express.ExpressNewsWidgetProvider

com.xunmeng.pinduoduo.market_widget.universal.UniversalMiniScrollProvider

com.xunmeng.pinduoduo.market_ad_common.alarm.MarketAdAlarmReceiver

com.xunmeng.basiccomponent.memorymonitorwrapper.receiver.MemoryReceiver

com.xunmeng.pinduoduo.process_stats.SandboxReceiver0

com.xunmeng.pinduoduo.process_stats.ExpReceiver

Services

com.aimi.android.common.push.honor.HonorMsgService

com.aimi.android.common.push.oppo.OppoPushCompatibleService

com.aimi.android.common.push.oppo.OppoPushService

com.xunmeng.pinduoduo.market_ad_common.scheduler.channel.MarketCommonService

Password: Virus made in china

Password: Virus made in china

Password: Virus made in china

Password: Virus made in china

Password: Virus made in china

Password: Virus made in china

Password: Virus made in china

Password: Virus made in china

Android Permissions

pinduoduo-6-85-0.apk