9d0d10b499b5d8e75e9c013481c708725d5f6610a026473896ec678ad6ce3fda

Sharing

Copy URL

Twitter E-mail

General

Target

9d0d10b499b5d8e75e9c013481c708725d5f6610a026473896ec678ad6ce3fda
Size

13.7MB
MD5

3d8125ab109cf128ee4dae2e1b0e8d1c
SHA1

6ff304bf89fd97af89ad0a50f883ef8a2c433d18
SHA256

9d0d10b499b5d8e75e9c013481c708725d5f6610a026473896ec678ad6ce3fda
SHA512

31e12613d19c47dab47cbd22d422c3c4b6f8cf5af498b31ed70db95f1eb51c4eb4f6ab5b47865182e084bb49c6f36786902d5bea955dd83747af467ed9eb4817
SSDEEP

393216:OHyhIBMhwVBeimKPCIp86PJqnJVkYuMuUNB/v+FEen16LHdCHLwyIdi5ime:OShIBMhwVPRikqjsdYBpen16LHAHLQiA

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 2 IoCs

description	ioc
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device.	android.permission.BIND_NOTIFICATION_LISTENER_SERVICE
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE

Requests dangerous framework permissions 9 IoCs

description	ioc
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows an application to read the user's call log.	android.permission.READ_CALL_LOG
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Required to be able to access the camera device.	android.permission.CAMERA

Files

9d0d10b499b5d8e75e9c013481c708725d5f6610a026473896ec678ad6ce3fda
.apk android arch:arm arch:x86

com.yscall.kulaidian

com.yscall.kulaidian.activity.main.WelcomeActivity

Activities

com.yscall.kulaidian.activity.main.WelcomeActivity

android.intent.action.MAIN

com.sina.weibo.sdk.share.WbShareTransActivity

com.sina.weibo.sdk.action.ACTION_SDK_REQ_ACTIVITY

Permissions

android.permission.INTERNET
android.permission.READ_CONTACTS
android.permission.WRITE_SETTINGS
android.permission.READ_PHONE_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WAKE_LOCK
android.permission.BROADCAST_PACKAGE_ADDED
android.permission.BROADCAST_PACKAGE_CHANGED
android.permission.BROADCAST_PACKAGE_INSTALL
android.permission.BROADCAST_PACKAGE_REPLACED
android.permission.RESTART_PACKAGES
android.permission.GET_TASKS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.READ_LOGS
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.RECEIVE_USER_PRESENT
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_CALL_LOG
android.permission.SYSTEM_ALERT_WINDOW
com.yscall.kulaidian.permission.MIPUSH_RECEIVE
android.permission.CAMERA
android.permission.FLASHLIGHT

Receivers

com.yscall.kulaidian.service.guardian.ExternalReceiver

action_get_and_install_plugin
ACTION_NOTIFY_MEM_CHANGE
action_v5_push_message
android.intent.action.ACTION_UNSOL_RESPONSE_OEM_HOOK_RAW
android.intent.action.ALARM_CHANGED
android.intent.action.BADGE_COUNT_UPDATE
android.intent.action.GTALK_CONNECTED
android.intent.action.GTALK_DISCONNECTED
android.intent.action.MEDIA_SCANNER_FINISHED
android.intent.action.MEDIA_SCANNER_STARTED
android.intent.action.PROVIDER_CHANGED
android.intent.action.RINGTONE_ADD
android.intent.action.ultimatesnapshot
android.net.sip.SIP_SERVICE_UP
applock_cloudcfg_changed_notification
broadcast_action_close_pop
broadcast_action_request_query
com.android.calendar.APPWIDGET_UPDATE
com.android.contacts.favorites.updated
com.android.huawei.DATASERVICE_SETTING_CHANGED
com.android.internal.telephony
com.android.launcher.action.INSTALL_SHORTCUT
com.android.launcher.action.UNINSTALL_SHORTCUT
com.baidu.android.pushservice.action.METHOD
com.baidu.ufosdk.getappkeysuccess_getnewhistoryflag
com.bytedance.frameworks.plugin.ACTION_REPORTER
com.cmcm.screensaver.screen_off
com.cmcm.screensaver.screen_on
com.google.android.checkin.CHECKIN_COMPLETE
com.google.android.talk.MCS_CONNECTION_SERVICE_STARTED
com.huawei.android.push.intent.REGISTER
com.huawei.android.push.intent.SOCKET_INFO
com.huawei.intent.action.PUSH_STATE
com.huawei.mms.RINGER_MODE_CHANGED
com.kingroot.common.ACTION_NEW_APP_STARTED
com.kingroot.common.ACTION_NOTIFY_IN_SELF_APP_MAIN
com.kingroot.common.ACTION_NOTIFY_OUT_SELF_APP_BY_MAIN
com.kingroot.common.ACTION_SWITCH_IN_DESKTOP
com.kingroot.common.ACTION_SWITCH_OUT_DESKTOP
com.kingroot.common.ACTION_TOP_ACTIVITY_CHANGED
com.kingroot.common.ACTION_TOP_APP_CHANGED
com.kingroot.kinguser.gamebox.ACTION_GAME_ADDED
com.morgoo.doirplugin.PACKAGE_ADDED
com.qihoo.action.UPDATE_NOTIFY
com.qihoo.antivirus.sync.ActivityResultChange
com.qihoo.appstore.appwatcher.removeall
com.qihoo.appstore.appwatcher.reset
com.qihoo.root.rooting
com.qihoo.root.rootover
com.qihoo360.launcher.action.APP_ICON_NOTIFICATION_COUNT
com.sina.weibo.action.push.active.groupscheme
com.sina.weibo.action.push.active.record.complete
com.sina.weibo.guardunion.NEW_DATA
com.sina.weibo.photo.action.UPDATE_VIDEO_CONFIG
com.sina.weibo.video.debug.ACTION_PLAYER_LOG_SAVED
com.sina.weibo.video.debug.ACTION_PLAYER_LOG_START
com.taobao.bootimage.show.coldstart
com.taobao.bootimage.show.finish
com.taobao.event.HomePageLoadFinished
com.taobao.tao.messagkit.receive
com.taobao.taobao.action.BUNDLES_INSTALLED
com.taobao.taobao.intent.action.INIT
com.tencent.android.qqdownloader.action.CAN_UPDATE_APP_SUM_CHANGED
com.tencent.assistant.ipc.firststart.action
com.tencent.intent.QZONE_PRE_DOWNLOAD_CANCEL
com.tencent.mm.Intent.ACTION_CLICK_FLOW_REPORT
com.tencent.mm.plugin.openapi.Intent.ACTION_HANDLE_APP_REGISTER
com.tencent.mm.ui.ACTION_ACTIVE
com.tencent.mm.ui.ACTION_DEACTIVE
com.tencent.mobileqq.activity.NotifyPushSettingActivity.ConfigPCActive
com.tencent.mobileqq.broadcast.qq
com.tencent.mobileqq.cooperation.plugin.comic_plugin.apk
com.tencent.mobileqq.cooperation.plugin.Photoplus.apk
com.tencent.mobileqq.cooperation.plugin.qlink_plugin.apk
com.tencent.mobileqq.cooperation.plugin.qqreaderplugin.apk
com.tencent.mobileqq.msf.wakeup
com.tencent.mobileqq.openapi.ACTION_LOGIN
com.tencent.mobileqq.PreLoadComicProcess
com.tencent.mobileqq.qqwifi.scanStateChange
com.tencent.mobileqq.secmsg.NetReconnect
com.tencent.plugin.state.change
com.tencent.process.exit
com.tencent.process.starting
com.tencent.process.stopping
com.tencent.process.tmdownloader.exit
com.tencent.qplus.THEME_INVALIDATE
com.tencent.qplus.THEME_UPDATE
com.tencent.qq.syncQQMessage
com.tencent.qqhead.getheadreq
com.tencent.qqmusic.ACTION_FREE_FLOW_INFO_REFRESH.QQMusicPhone
com.tencent.qqmusic.ACTION_META_CHANGED.QQMusicPhone
com.tencent.qqmusic.ACTION_SDCARD_STATE_CHANGED.QQMusicPhone
com.tencent.qqmusic.ACTION_SERVICE_REPAINT_WIDGET.QQMusicPhone
com.tencent.receiver.qfav.srvaddr
com.tencent.receiver.soso
com.tencent.redpoint.broadcast.push.av
com.tentcent.mobileqq.dpc.broadcast
com.xiaomi.push.service_started
download.app.DOWNLOAD_APP
event_checked_result
event_file_downloaded
event_update_begin
event_update_end
event_update_progress
finishNOOSN
home_search_enable
hotfix.action.update
huawei.intent.action.POWER_MODE_CHANGED_ACTION
miui.intent.action.NETWORK_BLOCKED
miui.intent.action.NETWORK_CONNECTED
mqq.intent.action.EXITcom.tencent.mobileqq
mqq.intent.action.LAUNCH_com.tencent.mobileqq
netAnaly.day.flow.collect
qqcomic.downloader.tasksfinished.broadcast
qy.player.core.type
sina.weibo.action.NOUSER
TAOBAO_DELAY_START_LOGIN
TAOBAO_DELAY_START_POWMSG
tencent.video.q2v.GroupSystemMsg
wifi.intent.action.INTERNET_ACCESS_ENABLED
android.intent.action.BOOT_COMPLETED
android.intent.action.ACTION_SHUTDOWN
android.intent.action.QUICKBOOT_POWERON
android.intent.action.REBOOT
android.intent.action.USER_PRESENT
android.intent.action.DATE_CHANGED
android.intent.action.ACTION_NEW_PICTURE
android.intent.action.ACTION_NEW_VIDEO
android.intent.action.SCREEN_OFF
android.intent.action.SCREEN_ON
android.intent.action.PACKAGE_CHANGED
android.intent.action.PACKAGE_REPLACED
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_DATA_CLEARED
android.intent.action.MY_PACKAGE_REPLACED
android.intent.action.NEW_OUTGOING_CALL
android.intent.action.TIME_SET
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED
android.intent.action.ACTION_BATTERY_LOW
android.intent.action.ACTION_BATTERY_OKAY

com.taobao.accs.EventReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_REMOVED
android.intent.action.USER_PRESENT

com.taobao.accs.ServiceReceiver

com.taobao.accs.intent.action.COMMAND
com.taobao.accs.intent.action.START_FROM_AGOO

com.taobao.agoo.AgooCommondReceiver

com.yscall.kulaidian.intent.action.COMMAND
android.intent.action.PACKAGE_REMOVED

org.android.agoo.xiaomi.MiPushBroadcastReceiver

com.xiaomi.mipush.RECEIVE_MESSAGE
com.xiaomi.mipush.ERROR

org.android.agoo.huawei.HuaWeiReceiver

com.huawei.android.push.intent.REGISTRATION
com.huawei.android.push.intent.RECEIVE
com.huawei.intent.action.PUSH
com.huawei.intent.action.PUSH_STATE

Services

com.yscall.kulaidian.service.notification.SystemNotificationService

android.service.notification.NotificationListenerService

com.yscall.accessibility.service.MyAccessibilityService

android.accessibilityservice.AccessibilityService

com.taobao.accs.ChannelService

com.taobao.accs.intent.action.SERVICE
com.taobao.accs.intent.action.ELECTION

com.taobao.accs.data.MsgDistributeService

com.taobao.accs.intent.action.RECEIVE

org.android.agoo.accs.AgooService

com.taobao.accs.intent.action.RECEIVE

com.umeng.message.UmengIntentService

org.agoo.android.intent.action.RECEIVE

com.umeng.message.XiaomiIntentService

org.agoo.android.intent.action.RECEIVE

com.umeng.message.UmengMessageIntentReceiverService

org.android.agoo.client.MessageReceiverService

com.umeng.message.UmengMessageCallbackHandlerService

com.umeng.messge.registercallback.action
com.umeng.message.enablecallback.action
com.umeng.message.disablecallback.action
com.umeng.message.message.handler.action
com.umeng.message.message.sendmessage.action

Android Permissions

9d0d10b499b5d8e75e9c013481c708725d5f6610a026473896ec678ad6ce3fda

Permissions

android.permission.INTERNET

android.permission.READ_CONTACTS

android.permission.WRITE_SETTINGS

android.permission.READ_PHONE_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.WAKE_LOCK

android.permission.BROADCAST_PACKAGE_ADDED

android.permission.BROADCAST_PACKAGE_CHANGED

android.permission.BROADCAST_PACKAGE_INSTALL

android.permission.BROADCAST_PACKAGE_REPLACED

android.permission.RESTART_PACKAGES

android.permission.GET_TASKS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.CHANGE_NETWORK_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.READ_LOGS

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.RECEIVE_USER_PRESENT

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.READ_CALL_LOG

android.permission.SYSTEM_ALERT_WINDOW

com.yscall.kulaidian.permission.MIPUSH_RECEIVE

android.permission.CAMERA

android.permission.FLASHLIGHT

Sharing

General

Malware Config

Signatures

Files

com.yscall.kulaidian

com.yscall.kulaidian.activity.main.WelcomeActivity

Activities

com.yscall.kulaidian.activity.main.WelcomeActivity

com.sina.weibo.sdk.share.WbShareTransActivity

Permissions

Receivers

com.yscall.kulaidian.service.guardian.ExternalReceiver

com.taobao.accs.EventReceiver

com.taobao.accs.ServiceReceiver

com.taobao.agoo.AgooCommondReceiver

org.android.agoo.xiaomi.MiPushBroadcastReceiver

org.android.agoo.huawei.HuaWeiReceiver

Services

com.yscall.kulaidian.service.notification.SystemNotificationService

com.yscall.accessibility.service.MyAccessibilityService

com.taobao.accs.ChannelService

com.taobao.accs.data.MsgDistributeService

org.android.agoo.accs.AgooService

com.umeng.message.UmengIntentService

com.umeng.message.XiaomiIntentService

com.umeng.message.UmengMessageIntentReceiverService

com.umeng.message.UmengMessageCallbackHandlerService

Android Permissions

9d0d10b499b5d8e75e9c013481c708725d5f6610a026473896ec678ad6ce3fda