86e0039b79572498d722941b2cc49a5ac2988b3f4e0768c222c66b32b804ef89

General

Target

86e0039b79572498d722941b2cc49a5ac2988b3f4e0768c222c66b32b804ef89
Size

3.6MB
MD5

7c2e7d8deae33bdb967e991ca6eca6f8
SHA1

07d7c248a24e16c10bf7faefd8a3159cca45b1f1
SHA256

86e0039b79572498d722941b2cc49a5ac2988b3f4e0768c222c66b32b804ef89
SHA512

e6788797a2e47b0fd15dd1ed328e1637ad9a45d706979ecc9d7cc3d2e1460e7f9b30e4388edd7a0f42eb85fb586db1e4466cf059363db32dd6d4ae4508d5dc3d
SSDEEP

49152:hO4cI0+ZTVMjVd+zoAQTG4zo2iXMUtORTobaZ1uJcPyrPwHY9zC386yVkqMNKRVC:I4n0K6RdTk2obaVM6moQRVs8Oyu

Score

6^/10

Malware Config

Signatures

Declares broadcast receivers with permission to handle system events 1 IoCs

description	ioc
Required by device admin receivers to bind with the system. Allows apps to manage device administration features.	android.permission.BIND_DEVICE_ADMIN

Requests dangerous framework permissions 15 IoCs

description	ioc
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to read the user's calendar data.	android.permission.READ_CALENDAR
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows an application to write the user's calendar data.	android.permission.WRITE_CALENDAR
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to monitor incoming MMS messages.	android.permission.RECEIVE_MMS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW

Files

86e0039b79572498d722941b2cc49a5ac2988b3f4e0768c222c66b32b804ef89
.apk android

com.webroot.security.full

com.webroot.security.MainActivity

Activities

com.webroot.security.MainActivity

android.intent.action.MAIN

com.webroot.security.FileSystemShieldAlertActivity

com.webroot.security.WebrootSecurity.intent.action.FILE_SYSTEM_SHIELD_ALERT

com.webroot.security.SafeBrowsingAlertActivity

com.webroot.security.WebrootSecurity.intent.action.SECURE_BROWSING_ALERT

com.webroot.security.InstallShieldAlertActivity

com.webroot.security.WebrootSecurity.intent.action.INSTALL_SHIELD_ALERT

com.webroot.security.ExecutionShieldAlertActivity

com.webroot.security.WebrootSecurity.intent.action.EXECUTION_SHIELD_ALERT

com.webroot.security.NewQuarantineListViewActivity

com.webroot.security.WebrootSecurity.intent.action.VIEW_QUARANTINE

com.webroot.security.PreferencesActivity

com.webroot.security.WebrootSecurity.intent.action.PREFERENCES

com.webroot.security.PickContactActivity

com.webroot.security.WebrootSecurity.intent.action.PICK_CONTACT

com.webroot.security.LockDownActivity

com.webroot.security.WebrootSecurity.intent.action.LOCKDOWN

com.webroot.security.NewIgnoreListViewActivity

com.webroot.security.WebrootSecurity.intent.action.IGNORE_LIST

com.webroot.engine.TelScannerActivity

android.intent.action.VIEW

Permissions

com.webroot.security.full.permission.C2D_MESSAGE
com.google.android.c2dm.permission.RECEIVE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_NETWORK_STATE
android.permission.BATTERY_STATS
android.permission.GET_PACKAGE_SIZE
android.permission.GET_TASKS
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.READ_LOGS
com.android.browser.permission.READ_HISTORY_BOOKMARKS
com.android.browser.permission.WRITE_HISTORY_BOOKMARKS
android.permission.READ_CONTACTS
android.permission.READ_CALENDAR
android.permission.WRITE_CONTACTS
android.permission.WRITE_CALENDAR
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.GET_ACCOUNTS
android.permission.MANAGE_ACCOUNTS
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.READ_PHONE_STATE
android.permission.CALL_PHONE
android.permission.RECEIVE_SMS
android.permission.RECEIVE_MMS
android.permission.READ_SMS
android.permission.SEND_SMS
android.permission.USE_CREDENTIALS
android.permission.WRITE_SMS
android.permission.WRITE_SYNC_SETTINGS
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.RESTART_PACKAGES
com.android.vending.CHECK_LICENSE
com.android.vending.BILLING
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.SYSTEM_ALERT_WINDOW

Receivers

com.webroot.security.BatteryStats$PowerConnectedReceiver

android.intent.action.ACTION_POWER_CONNECTED

com.webroot.security.AlarmReceiver

DAILY_ALARM

com.webroot.security.CommandPollReceiver

COMMAND_POLL

com.webroot.security.WebrootSecurityUpgradedReceiver

android.intent.action.PACKAGE_REPLACED

com.webroot.security.PostBootReceiver

android.intent.action.BOOT_COMPLETED

com.webroot.security.SMSReceiver

android.provider.Telephony.SMS_RECEIVED

com.webroot.security.MMSReceiver

android.provider.Telephony.WAP_PUSH_RECEIVED

com.webroot.security.PhoneStateReceiver

android.intent.action.PHONE_STATE

com.webroot.security.BillingReceiver

com.android.vending.billing.IN_APP_NOTIFY
com.android.vending.billing.RESPONSE_CODE
com.android.vending.billing.PURCHASE_STATE_CHANGED

com.webroot.security.MobilePortalMessages

PROCESS_QUEUE_ALARM

com.webroot.security.GcmReceiver

com.google.android.c2dm.intent.RECEIVE
com.google.android.c2dm.intent.REGISTRATION

com.webroot.security.WrDeviceAdminReceiver

android.app.action.DEVICE_ADMIN_ENABLED
android.app.action.DEVICE_ADMIN_DISABLED

com.webroot.security.SingleInstallCheckReceiver

SECURITY_ALREADY_INSTALLED
ACTION_REMOVE_SELF

com.webroot.engine.PackageScannerReceiver

android.intent.action.PACKAGE_ADDED

com.webroot.engine.MemoryCardScannerReceiver

android.intent.action.MEDIA_MOUNTED

com.webroot.engine.EnginePostBootReceiver

android.intent.action.BOOT_COMPLETED

Services

com.webroot.security.ScanService

ACTION_DEF_UPDATE
ACTION_LICENSE_CHECK
ACTION_ACCOUNT_SETUP_COMPLETE
ACTION_COMMAND_POLL
ACTION_COMMAND_START_SCAN
ACTION_CLOSE_OVERLAY

Android Permissions

86e0039b79572498d722941b2cc49a5ac2988b3f4e0768c222c66b32b804ef89

Permissions

com.webroot.security.full.permission.C2D_MESSAGE

com.google.android.c2dm.permission.RECEIVE

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_NETWORK_STATE

android.permission.BATTERY_STATS

android.permission.GET_PACKAGE_SIZE

android.permission.GET_TASKS

android.permission.INTERNET

android.permission.WAKE_LOCK

android.permission.READ_LOGS

com.android.browser.permission.READ_HISTORY_BOOKMARKS

com.android.browser.permission.WRITE_HISTORY_BOOKMARKS

android.permission.READ_CONTACTS

android.permission.READ_CALENDAR

android.permission.WRITE_CONTACTS

android.permission.WRITE_CALENDAR

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.GET_ACCOUNTS

android.permission.MANAGE_ACCOUNTS

android.permission.AUTHENTICATE_ACCOUNTS

android.permission.READ_PHONE_STATE

android.permission.CALL_PHONE

android.permission.RECEIVE_SMS

android.permission.RECEIVE_MMS

android.permission.READ_SMS

android.permission.SEND_SMS

android.permission.USE_CREDENTIALS

android.permission.WRITE_SMS

android.permission.WRITE_SYNC_SETTINGS

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.RESTART_PACKAGES

com.android.vending.CHECK_LICENSE

com.android.vending.BILLING

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.SYSTEM_ALERT_WINDOW

Sharing

General

Malware Config

Signatures

Files

com.webroot.security.full

com.webroot.security.MainActivity

Activities

com.webroot.security.MainActivity

com.webroot.security.FileSystemShieldAlertActivity

com.webroot.security.SafeBrowsingAlertActivity

com.webroot.security.InstallShieldAlertActivity

com.webroot.security.ExecutionShieldAlertActivity

com.webroot.security.NewQuarantineListViewActivity

com.webroot.security.PreferencesActivity

com.webroot.security.PickContactActivity

com.webroot.security.LockDownActivity

com.webroot.security.NewIgnoreListViewActivity

com.webroot.engine.TelScannerActivity

Permissions

Receivers

com.webroot.security.BatteryStats$PowerConnectedReceiver

com.webroot.security.AlarmReceiver

com.webroot.security.CommandPollReceiver

com.webroot.security.WebrootSecurityUpgradedReceiver

com.webroot.security.PostBootReceiver

com.webroot.security.SMSReceiver

com.webroot.security.MMSReceiver

com.webroot.security.PhoneStateReceiver

com.webroot.security.BillingReceiver

com.webroot.security.MobilePortalMessages

com.webroot.security.GcmReceiver

com.webroot.security.WrDeviceAdminReceiver

com.webroot.security.SingleInstallCheckReceiver

com.webroot.engine.PackageScannerReceiver

com.webroot.engine.MemoryCardScannerReceiver

com.webroot.engine.EnginePostBootReceiver

Services

com.webroot.security.ScanService

Android Permissions

86e0039b79572498d722941b2cc49a5ac2988b3f4e0768c222c66b32b804ef89