9face8a6202f91074d32c02c7149a432d73a8df04f3225617eb0f88c50a7b7ed

Sharing

Copy URL Twitter E-mail

General

Target

9face8a6202f91074d32c02c7149a432d73a8df04f3225617eb0f88c50a7b7ed
Size

14.5MB
MD5

4e81d0ddb08dd612e452b1ff228021dd
SHA1

b78ea093bd0335d104b8fb4960e36d204e3ee71c
SHA256

9face8a6202f91074d32c02c7149a432d73a8df04f3225617eb0f88c50a7b7ed
SHA512

6bd07353e11ca292034b27a654e7d46b7d7148eb886c997637daaa7a459286348a66bbfaeadf7b4e1e7778f62472f20ecd2f04e680e51af3ef13d536717823fc
SSDEEP

196608:Wgc7A0gS6PK7aVyzBLg0RjMK0LJenhDVOgc5NS9DdJEOtBIWHIKuQjLGklT+bYcP:pxR1oaoz9RjWgESJ3tu1lQjLfg0fP27

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 15 IoCs

description	ioc
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Required to be able to access the camera device.	android.permission.CAMERA
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE

Files

9face8a6202f91074d32c02c7149a432d73a8df04f3225617eb0f88c50a7b7ed
.apk android arch:arm arch:x86 arch:arm64 arch:x64

cn.intracircle.cnt

com.welinku.me.ui.activity.WelcomeActivity

Activities

com.welinku.me.ui.activity.WelcomeActivity

android.intent.action.MAIN

com.welinku.me.ui.activity.account.RegisterActivity

com.welinku.me.ui.activity.REGISTER_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.account.FindPasswordActivity

com.welinku.me.ui.activity.account.FINDPASSWORD_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.friend.FriendSearchActivity

com.welinku.me.ui.activity.FRIENDSEARCH_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.friend.FriendVerifyActivity

com.welinku.me.ui.activity.FRIENDVERIFY_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.friend.FriendsNewActivity

com.welinku.me.ui.activity.FRIENDSNEW_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.friend.FriendUpdateActivity

com.welinku.me.ui.activity.FRIENDUPDATE_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.friend.AddContactFriendActivity

com.welinku.me.ui.activity.ADD_CONTACT_FRIEND_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.log.PublishCreateActivity

com.welinku.me.ui.activity.PUBLISHCREATE_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.log.VoteCreateActivity

com.welinku.me.ui.activity.VOTECREATE_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.log.SetPermissionActivity

com.welinku.me.ui.activity.log.SET_PERMISSION_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.log.LikeListActivity

com.welinku.me.ui.activity.LIKE_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.common.PhotoSelectActivity

com.welinku.me.ui.activity.common.SELECT_PHOTO_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.friend.FriendSelectActivity

com.welinku.me.ui.activity.friend.SELECT_FRIEND_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.setting.DisturbSettingActivity

com.welinku.me.ui.activity.DISTURB_SETTING_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.setting.SelectCityActivity

com.welinku.me.ui.activity.SELECT_CITY_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.setting.UpdateUserProfileActivity

com.welinku.me.ui.activity.UPDATE_PROFILE_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.log.PublishDraftboxListActivity

com.welinku.me.ui.activity.publish.DRAFTBOX_LIST_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.group.GroupListActivity

com.welinku.me.ui.activity.group.GROUP_LIST_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.group.GroupDetailActivity

com.welinku.me.ui.activity.group.GROUP_DETAIL_INTRACIRCLE_MARKET
com.welinku.me.ui.activity.group.VIEW_SHARE_GROUP_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.group.GroupFieldUpdateActivity

com.welinku.me.ui.activity.group.UPDATE_GROUP_NAME_INTRACIRCLE_MARKET
com.welinku.me.ui.activity.group.UPDATE_GROUP_NICK_NAME_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.account.PublicAccountListActivity

com.welinku.me.ui.activity.account.PUBLIC_ACCOUNT_LIST_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.account.PublicAccountSearchActivity

com.welinku.me.ui.activity.account.PUBLIC_ACCOUNT_SEARCH_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.friend.FansListActivity

com.welinku.me.ui.activity.account.FANS_LIST_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.account.PublicAccountInfoActivity

com.welinku.me.ui.activity.account.PUBLIC_ACCOUNT_INFO_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.group.FaceToFaceCreateGroupActivity

com.welinku.me.ui.activity.account.FACETOFACE_CREATE_GROUP_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.group.FaceToFaceGroupDetailActivity

com.welinku.me.ui.activity.account.FACE_TO_FACE_GROUP_DETAIL_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.SchemeActivity

android.intent.action.VIEW

com.welinku.me.ui.activity.log.SelectAddressActivity

com.welinku.me.ui.activity.log.SELECT_ADDRESS_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.log.ActivityAddressActivity

com.welinku.me.ui.activity.log.SHOW_ADDRESS_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.log.NoticeCreateActivity

com.welinku.me.ui.activity.NOTICE_CREATE_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.group.GroupApplyMemberDetailActivity

com.welinku.me.ui.activity.group.MEMBER_REPLY_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.log.ActivityApplyDetailActivity

com.welinku.me.ui.activity.log.ACTIVITY_MEMBER_REPLY_INTRACIRCLE_MARKET

com.welinku.me.ui.activity.common.WZDialingPhoneDialog

android.intent.action.VIEW

com.welinku.me.ui.activity.common.WZWebViewActivity

android.intent.action.VIEW

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

Permissions

android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.GET_TASKS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.GET_TASKS
android.permission.GET_ACCOUNTS
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.MANAGE_ACCOUNTS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.CALL_PHONE
android.permission.FLASHLIGHT
android.permission.CAMERA
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.BLUETOOTH
android.permission.BLUE_ADMIN
android.permission.RECORD_AUDIO
android.permission.READ_CONTACTS
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_LOGS
android.permission.WAKE_LOCK
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.VIBRATE
getui.permission.GetuiService.cn.intracircle.cnt
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.BAIDU_LOCATION_SERVICE
android.permission.ACCESS_MOCK_LOCATION
com.android.launcher.permission.READ_SETTINGS
android.permission.ACCESS_GPS
android.permission.BROADCAST_STICKY
android.permission.WRITE_SETTINGS
android.permission.CALL_PHONE

Receivers

.wxapi.WXAppRegister

com.tencent.mm.plugin.openapi.Intent.ACTION_REFRESH_WXAPP

com.tendcloud.appcpa.ReferralReceiver

com.android.vending.INSTALL_REFERRER

com.welinku.me.receiver.PushReceiver

com.igexin.sdk.action.kqlDrxyXzo82ff6L09GS31
com.welinku.me.PUSH_SERVICE_INITED_ACTION_INTRACIRCLE_MARKET

com.igexin.sdk.PushReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
com.igexin.sdk.action.refreshls

com.igexin.sdk.PushManagerReceiver

com.igexin.sdk.action.pushmanager

com.igexin.getuiext.service.PayloadReceiver

com.igexin.sdk.action.7fjUl2Z3LH6xYy7NQK4ni4
com.igexin.sdk.action.kqlDrxyXzo82ff6L09GS31

com.igexin.download.DownloadReceiver

android.net.conn.CONNECTIVITY_CHANGE

Services

com.baidu.location.f

com.baidu.location.service_v2.2

com.welinku.me.service.PushKeeperService

com.welinku.me.service.PUSHKEEPERSERVICE_INTRACIRCLE_MARKET

com.think.dam.external.DamDownloadService

com.think.downloaderlib.downloaderService

Android Permissions

9face8a6202f91074d32c02c7149a432d73a8df04f3225617eb0f88c50a7b7ed

Permissions

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.GET_TASKS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.GET_TASKS

android.permission.GET_ACCOUNTS

android.permission.AUTHENTICATE_ACCOUNTS

android.permission.MANAGE_ACCOUNTS

android.permission.SYSTEM_ALERT_WINDOW

android.permission.CALL_PHONE

android.permission.FLASHLIGHT

android.permission.CAMERA

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.BLUETOOTH

android.permission.BLUE_ADMIN

android.permission.RECORD_AUDIO

android.permission.READ_CONTACTS

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.READ_LOGS

android.permission.WAKE_LOCK

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.VIBRATE

getui.permission.GetuiService.cn.intracircle.cnt

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.BAIDU_LOCATION_SERVICE

android.permission.ACCESS_MOCK_LOCATION

com.android.launcher.permission.READ_SETTINGS

android.permission.ACCESS_GPS

android.permission.BROADCAST_STICKY

android.permission.WRITE_SETTINGS

android.permission.CALL_PHONE

Sharing

General

Malware Config

Signatures

Files

cn.intracircle.cnt

com.welinku.me.ui.activity.WelcomeActivity

Activities

com.welinku.me.ui.activity.WelcomeActivity

com.welinku.me.ui.activity.account.RegisterActivity

com.welinku.me.ui.activity.account.FindPasswordActivity

com.welinku.me.ui.activity.friend.FriendSearchActivity

com.welinku.me.ui.activity.friend.FriendVerifyActivity

com.welinku.me.ui.activity.friend.FriendsNewActivity

com.welinku.me.ui.activity.friend.FriendUpdateActivity

com.welinku.me.ui.activity.friend.AddContactFriendActivity

com.welinku.me.ui.activity.log.PublishCreateActivity

com.welinku.me.ui.activity.log.VoteCreateActivity

com.welinku.me.ui.activity.log.SetPermissionActivity

com.welinku.me.ui.activity.log.LikeListActivity

com.welinku.me.ui.activity.common.PhotoSelectActivity

com.welinku.me.ui.activity.friend.FriendSelectActivity

com.welinku.me.ui.activity.setting.DisturbSettingActivity

com.welinku.me.ui.activity.setting.SelectCityActivity

com.welinku.me.ui.activity.setting.UpdateUserProfileActivity

com.welinku.me.ui.activity.log.PublishDraftboxListActivity

com.welinku.me.ui.activity.group.GroupListActivity

com.welinku.me.ui.activity.group.GroupDetailActivity

com.welinku.me.ui.activity.group.GroupFieldUpdateActivity

com.welinku.me.ui.activity.account.PublicAccountListActivity

com.welinku.me.ui.activity.account.PublicAccountSearchActivity

com.welinku.me.ui.activity.friend.FansListActivity

com.welinku.me.ui.activity.account.PublicAccountInfoActivity

com.welinku.me.ui.activity.group.FaceToFaceCreateGroupActivity

com.welinku.me.ui.activity.group.FaceToFaceGroupDetailActivity

com.welinku.me.ui.activity.SchemeActivity

com.welinku.me.ui.activity.log.SelectAddressActivity

com.welinku.me.ui.activity.log.ActivityAddressActivity

com.welinku.me.ui.activity.log.NoticeCreateActivity

com.welinku.me.ui.activity.group.GroupApplyMemberDetailActivity

com.welinku.me.ui.activity.log.ActivityApplyDetailActivity

com.welinku.me.ui.activity.common.WZDialingPhoneDialog

com.welinku.me.ui.activity.common.WZWebViewActivity

com.tencent.tauth.AuthActivity

Permissions

Receivers

.wxapi.WXAppRegister

com.tendcloud.appcpa.ReferralReceiver

com.welinku.me.receiver.PushReceiver

com.igexin.sdk.PushReceiver

com.igexin.sdk.PushManagerReceiver

com.igexin.getuiext.service.PayloadReceiver

com.igexin.download.DownloadReceiver

Services

com.baidu.location.f

com.welinku.me.service.PushKeeperService

com.think.dam.external.DamDownloadService

Android Permissions

9face8a6202f91074d32c02c7149a432d73a8df04f3225617eb0f88c50a7b7ed