8c1b930330294e90e2523cad7ea1a2d27876678518d378445a13df56216caf67

General

Target

8c1b930330294e90e2523cad7ea1a2d27876678518d378445a13df56216caf67
Size

6.4MB
MD5

e3f7806f172f4e1f0b5c4818f9fead68
SHA1

5fa16475d2565547dd8f83d4c48943b0eab806eb
SHA256

8c1b930330294e90e2523cad7ea1a2d27876678518d378445a13df56216caf67
SHA512

36fa09a035e55505396cd4721cda34dcd638badd337b9c1c2e8e84fb4c8276676125866e2b72acf44e4e090df850bc24a36fcc76949b467aaa4abf5681ea4fa0
SSDEEP

98304:/IKPgJcA0V8joZ51eZi2OBhIyl+fahnMmr8M2YEH1FW2mqhOpkWJZTtZj9:/IKPQcA0H2OsywIMXMuH1csOuWV

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 6 IoCs

description	ioc
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION

Files

8c1b930330294e90e2523cad7ea1a2d27876678518d378445a13df56216caf67
.apk android arch:mips arch:arm arch:x86

com.ldw.music

.activity.MainContentActivity

Activities

.activity.MainContentActivity

android.intent.action.MAIN

.activity.VideoViewPlayingActivity

android.intent.action.VIEW
android.fbreader.action.VIEW
android.fbreader.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

cn.jpush.android.ui.PushActivity

cn.jpush.android.ui.PushActivity

io.rong.imkit.RongActivity

android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

io.rong.imkit.RongSingleActivity

android.intent.action.VIEW

io.rong.imkit.RongSecActivity

android.intent.action.VIEW

io.rong.voipkit.activity.CalledSideActivity

io.rong.voipkit.calledSideActivity.action

Permissions

com.ldw.music.permission.JPUSH_MESSAGE
android.permission.RECEIVE_USER_PRESENT
android.permission.VIBRATE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.READ_LOGS
android.permission.WRITE_SETTINGS
android.permission.WAKE_LOCK
android.permission.GET_TASKS
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION

Receivers

cn.jpush.android.service.PushReceiver

cn.jpush.android.intent.NOTIFICATION_RECEIVED_PROXY
android.intent.action.USER_PRESENT
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED

com.ldw.music.jpush.MyReceiver

cn.jpush.android.intent.REGISTRATION
cn.jpush.android.intent.UNREGISTRATION
cn.jpush.android.intent.MESSAGE_RECEIVED
cn.jpush.android.intent.NOTIFICATION_RECEIVED
cn.jpush.android.intent.NOTIFICATION_OPENED
cn.jpush.android.intent.ACTION_RICHPUSH_CALLBACK
cn.jpush.android.intent.CONNECTION

net.youmi.android.AdReceiver

android.intent.action.PACKAGE_ADDED

.service.fileObserver.ApkAddReciver

android.intent.action.PACKAGE_ADDED

io.rong.imlib.push.PushReceiver

io.rong.imlib.action.push.heartbeat
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.BOOT_COMPLETED

io.rong.imlib.push.PushMessageReceiver

io.rong.push.message

Services

.service.MediaService

com.ldw.music.service.MediaService

cn.jpush.android.service.PushService

cn.jpush.android.intent.REGISTER
cn.jpush.android.intent.REPORT
cn.jpush.android.intent.PushService
cn.jpush.android.intent.PUSH_TIME

io.rong.imlib.push.PushService

io.rong.push

io.rong.imlib.push.CommandService

io.rong.command
alipay-newmsp-5.1.0.apk
.apk android arch:arm arch:x86

com.alipay.android.app

com.alipay.android.app.pay.MainActivity

Activities

com.alipay.android.app.pay.MainActivity

android.intent.action.MAIN

com.alipay.android.app.pay.TransContainer

android.intent.action.MAIN

com.alipay.android.app.pay.HyperlinkActivity

android.intent.action.MAIN

com.alipay.android.app.pay.PageForBrowser

android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_FINE_LOCATION
android.permission.RECEIVE_USER_PRESENT
android.permission.VIBRATE
android.permission.CHANGE_NETWORK_STATE
com.alipay.android.app.gphone.SHARE

Receivers

Services

com.alipay.android.app.MspService

com.alipay.android.app.IAlixPay
com.alipay.android.app.IAliPay

Android Permissions

8c1b930330294e90e2523cad7ea1a2d27876678518d378445a13df56216caf67

Permissions

com.ldw.music.permission.JPUSH_MESSAGE

android.permission.RECEIVE_USER_PRESENT

android.permission.VIBRATE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.SYSTEM_ALERT_WINDOW

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.READ_LOGS

android.permission.WRITE_SETTINGS

android.permission.WAKE_LOCK

android.permission.GET_TASKS

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

Sharing

General

Malware Config

Signatures

Files

com.ldw.music

.activity.MainContentActivity

Activities

.activity.MainContentActivity

.activity.VideoViewPlayingActivity

cn.jpush.android.ui.PushActivity

io.rong.imkit.RongActivity

io.rong.imkit.RongSingleActivity

io.rong.imkit.RongSecActivity

io.rong.voipkit.activity.CalledSideActivity

Permissions

Receivers

cn.jpush.android.service.PushReceiver

com.ldw.music.jpush.MyReceiver

net.youmi.android.AdReceiver

.service.fileObserver.ApkAddReciver

io.rong.imlib.push.PushReceiver

io.rong.imlib.push.PushMessageReceiver

Services

.service.MediaService

cn.jpush.android.service.PushService

io.rong.imlib.push.PushService

io.rong.imlib.push.CommandService

com.alipay.android.app

com.alipay.android.app.pay.MainActivity

Activities

com.alipay.android.app.pay.MainActivity

com.alipay.android.app.pay.TransContainer

com.alipay.android.app.pay.HyperlinkActivity

com.alipay.android.app.pay.PageForBrowser

Permissions

Receivers

Services

com.alipay.android.app.MspService

Android Permissions

8c1b930330294e90e2523cad7ea1a2d27876678518d378445a13df56216caf67