83db14c3d69804de28ddf4506a5eb1985c0d7c24ed0a8adab8ed91f8da55e353

General

Target

83db14c3d69804de28ddf4506a5eb1985c0d7c24ed0a8adab8ed91f8da55e353
Size

6.2MB
MD5

235370c5f3a9519e0408a22047477738
SHA1

60f32b6f2787c854675e8ffb53501b18cc83d03d
SHA256

83db14c3d69804de28ddf4506a5eb1985c0d7c24ed0a8adab8ed91f8da55e353
SHA512

22ba05479b25e2271f389457b0d67fe21e7e92cb9030b99c12364279082eecf32742ca64fb77d6d9803d37faa3786c849aa2987613ed2565fef9c9109963bbc0
SSDEEP

196608:r6tx8trm3y83gUROcVLXzVNxYJMU7XcU2N8SBIuWbua:egOyEgUI0Pvxb+XcU2dIEa

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 7 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

Files

83db14c3d69804de28ddf4506a5eb1985c0d7c24ed0a8adab8ed91f8da55e353
.apk android arch:arm arch:x86

panso.remwordfouroxkw

com.yunci.activity.RemwordActivity

Activities

com.yunci.activity.RemwordActivity

android.intent.action.MAIN

com.yunci.activity.MainInterface

colordict.intent.action.PICK_RESULT

com.yunci.activity.PluginSearchActivity

android.intent.action.SEND
com.yunci.search

com.yunci.activity.AddNotePlugin

android.intent.action.SEND
com.yunci.addnote

com.yunci.activity.DataBaseInit

android.intent.action.SEND
com.yunci.database

com.yunci.activity.SearchDictActivity

remwordfour.intent.action.SEARCH

com.umeng.api.activity.UpdateStatusActivity

android.intent.action.VIEW

Permissions

android.permission.WAKE_LOCK
android.permission.DISABLE_KEYGUARD
android.permission.GET_TASKS
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.WRITE_OWNER_DATA
android.permission.READ_OWNER_DATA
android.permission.CAMERA
android.permission.ACCESS_WIFI_STATE
android.permission.VIBRATE
android.permission.READ_LOGS
android.permission.RECORD_AUDIO
android.permission.CHANGE_WIFI_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.BROADCAST_STICKY
android.permission.READ_PHONE_STATE
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.GET_TASKS
android.permission.RESTART_PACKAGES
android.permission.KILL_BACKGROUND_PROCESSES

Receivers

com.yunci.service.BootBroadcastReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.MEDIA_MOUNTED

com.yunci.service.UsbBroadCastReceiver

android.intent.action.MEDIA_MOUNTED
android.intent.action.MEDIA_EJECT

auy.pyzr.qvbhk.b

android.intent.action.PACKAGE_ADDED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT

Services

com.yunci.service.DataBaseService

com.yunci.service.databaseservice

com.yunci.service.RemwordService

com.yunci.service.queryservice

com.yunci.service.QueryService

com.yunci.service.clipservice

com.yunci.service.AutoUpdateService

com.yunci.service.autoupdateservice
alipay_plugin223_0309.apk
.apk android

com.alipay.android.app

.Cashier

Activities

.Cashier

android.intent.action.MAIN

.Alerter

android.intent.action.MAIN

.Welcome

android.intent.action.MAIN

.Updater

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.SEND_SMS
android.permission.ACCESS_COARSE_LOCATION

Services

.AlixService

com.alipay.android.app.IAlixPay
com.alipay.android.app.IAliPay

Android Permissions

83db14c3d69804de28ddf4506a5eb1985c0d7c24ed0a8adab8ed91f8da55e353

Permissions

android.permission.WAKE_LOCK

android.permission.DISABLE_KEYGUARD

android.permission.GET_TASKS

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.SYSTEM_ALERT_WINDOW

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_PHONE_STATE

android.permission.WRITE_OWNER_DATA

android.permission.READ_OWNER_DATA

android.permission.CAMERA

android.permission.ACCESS_WIFI_STATE

android.permission.VIBRATE

android.permission.READ_LOGS

android.permission.RECORD_AUDIO

android.permission.CHANGE_WIFI_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.BROADCAST_STICKY

android.permission.READ_PHONE_STATE

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.GET_TASKS

android.permission.RESTART_PACKAGES

android.permission.KILL_BACKGROUND_PROCESSES

Sharing

General

Malware Config

Signatures

Files

panso.remwordfouroxkw

com.yunci.activity.RemwordActivity

Activities

com.yunci.activity.RemwordActivity

com.yunci.activity.MainInterface

com.yunci.activity.PluginSearchActivity

com.yunci.activity.AddNotePlugin

com.yunci.activity.DataBaseInit

com.yunci.activity.SearchDictActivity

com.umeng.api.activity.UpdateStatusActivity

Permissions

Receivers

com.yunci.service.BootBroadcastReceiver

com.yunci.service.UsbBroadCastReceiver

auy.pyzr.qvbhk.b

Services

com.yunci.service.DataBaseService

com.yunci.service.RemwordService

com.yunci.service.QueryService

com.yunci.service.AutoUpdateService

com.alipay.android.app

.Cashier

Activities

.Cashier

.Alerter

.Welcome

.Updater

Permissions

Services

.AlixService

Android Permissions

83db14c3d69804de28ddf4506a5eb1985c0d7c24ed0a8adab8ed91f8da55e353