a0a93e69689655936899efee6acbb70958c8fb6ed1b6f76b48bd4e7debb7ee24

General

Target

a0a93e69689655936899efee6acbb70958c8fb6ed1b6f76b48bd4e7debb7ee24
Size

29.3MB
MD5

b57cd5589b6e08724e789053b501c3bb
SHA1

6bf162e74b12b91629e986ed0b049b557fb17cb8
SHA256

a0a93e69689655936899efee6acbb70958c8fb6ed1b6f76b48bd4e7debb7ee24
SHA512

8a661d4670a509717609d1dc8a9d28359cb8bfa947ba23b7639bdcb219379df9a9fea547202965821974029377f8f00609c160ba7b714d551254dac00abf5d7b
SSDEEP

393216:po0R6ADmv4Q+OiW1RIR99MHT46clRkyCLMlpfn/OVtdsfKRTtolyDxIQhxmf1ujw:eX0qyos6cHjLfn/6tGfYTrhxmfEa

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 10 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access location in the background.	android.permission.ACCESS_BACKGROUND_LOCATION
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS

Files

a0a93e69689655936899efee6acbb70958c8fb6ed1b6f76b48bd4e7debb7ee24
.apk android arch:arm64 arch:arm arch:x86

com.njky.mnxsrkp.nearme.gamecenter

com.example.carson_ho.webview_demo.utils.LandSplashActivity

Activities

com.example.carson_ho.webview_demo.utils.LandSplashActivity

android.intent.action.MAIN

Permissions

android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECORD_AUDIO
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.VIBRATE
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_BACKGROUND_LOCATION
android.permission.GET_TASKS
android.permission.QUERY_ALL_PACKAGES
android.permission.CHANGE_NETWORK_STATE
com.asus.msa.SupplementaryDID.ACCESS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.USE_CREDENTIALS
android.permission.GET_ACCOUNTS

Receivers

com.nearme.game.sdk.component.proxy.ProxyUserCenterOperateReceiver

com.oppo.usercenter.account_login
com.oppo.usercenter.account_logout
com.oppo.usercenter.modify_name
com.usercenter.action.receiver.account_login
com.heytap.usercenter.account_logout

Services

com.ss.android.socialbase.downloader.downloader.IndependentProcessDownloadService

com.ss.android.socialbase.downloader.remote
gdtadv2.jar
.apk android arch:arm64 arch:arm
nearme.apk
.apk android arch:arm

com.nearme.atlas

com.nearme.oppowallet.activity.WalletEntryActivity

Activities

com.nearme.plugin.pay.activity.MainChargeActivity

nearme.plugin.host.startup.action.single_pay
android.intent.action.VIEW

com.nearme.plugin.pay.activity.WeChatPayActivity

android.intent.action.VIEW

com.nearme.atlas.qqwallet.MqqPayCallbackActivity

android.intent.action.VIEW

com.nearme.atlas.alipay.FastAlipaySettingAcitviy

nearme.atlas.settings.fastalipay

com.nearme.atlas.alipay.FastAlipaySignCallbackAcitviy

android.intent.action.VIEW
android.intent.action.VIEW

com.nearme.oppowallet.activity.WalletEntryActivity

android.intent.action.MAIN
android.intent.action.VIEW

com.coloros.lifestyle.WebActivity

com.coloros.lifestyle.action.innerbrowser

com.nearme.plugin.pay.activity.QRCodePayActivity

com.nearme.pay.qrcode
com.nearme.pay.qrscan

Permissions

android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.RESTART_PACKAGES
android.permission.READ_PHONE_STATE
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.RECEIVE_SMS
android.permission.READ_EXTERNAL_STORAGE
android.permission.VIBRATE
android.permission.GET_ACCOUNTS
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.READ_SETTINGS
android.permission.READ_LOGS
android.permission.GET_TASKS
android.permission.DISABLE_KEYGUARD
android.permission.CHANGE_CONFIGURATION
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.RUN_INSTRUMENTATION
android.permission.WRITE_SETTINGS
com.oppo.findmyphone.permission.AUTH_TOKEN
com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.READ_CONTACTS
android.permission.CALL_PHONE
android.permission.REORDER_TASKS
android.permission.VIBRATE
android.permission.CAMERA

Receivers

com.nearme.plugin.pay.receiver.ProcessReceiver

com.nearme.plugin.pay.action.directpay

com.nearme.atlas.wxapi.AppRegister

com.tencent.mm.plugin.openapi.Intent.ACTION_REFRESH_WXAPP

com.oppo.usercenter.sdk.helper.UserCenterOperateReceiver

com.oppo.usercenter.account_login
com.oppo.usercenter.account_logout
com.oppo.usercenter.modify_name

com.oppo.usercenter.sdk.helper.UserCenterOperateReceiver

com.oppo.usercenter.account_login
com.oppo.usercenter.account_logout
com.oppo.usercenter.modify_name

Services

.PayActionService

com.oppo.action.PAY_ACTION
oppo_game_service_301004.so
.apk android arch:arm64 arch:arm

com.nearme.game.service

com.nearme.game.service.ui.activity.PermissionActivity

Activities

com.oppo.usercenter.opensdk.dialog.register.UserCenterOperateActivity

com.oppo.usercenter.opensdk_register_dialog

Permissions

android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_PHONE_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.GET_ACCOUNTS
android.permission.USE_CREDENTIALS
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.INTERNET
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.RECEIVE_SMS
android.permission.WRITE_SMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.GET_TASKS
android.permission.CHANGE_NETWORK_STATE
android.permission.QUERY_ALL_PACKAGES
android.permission.READ_PRIVILEGED_PHONE_STATE

Receivers

com.heytap.usercenter.accountsdk.utils.app.UserCenterOperateReceiver

com.usercenter.action.receiver.SUPPORT_LOGIN

Services

Android Permissions

a0a93e69689655936899efee6acbb70958c8fb6ed1b6f76b48bd4e7debb7ee24

Permissions

android.permission.WAKE_LOCK

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.RECORD_AUDIO

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.ACCESS_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.VIBRATE

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_BACKGROUND_LOCATION

android.permission.GET_TASKS

android.permission.QUERY_ALL_PACKAGES

android.permission.CHANGE_NETWORK_STATE

com.asus.msa.SupplementaryDID.ACCESS

android.permission.SYSTEM_ALERT_WINDOW

android.permission.USE_CREDENTIALS

android.permission.GET_ACCOUNTS

Sharing

General

Malware Config

Signatures

Files

com.njky.mnxsrkp.nearme.gamecenter

com.example.carson_ho.webview_demo.utils.LandSplashActivity

Activities

com.example.carson_ho.webview_demo.utils.LandSplashActivity

Permissions

Receivers

com.nearme.game.sdk.component.proxy.ProxyUserCenterOperateReceiver

Services

com.ss.android.socialbase.downloader.downloader.IndependentProcessDownloadService

com.nearme.atlas

com.nearme.oppowallet.activity.WalletEntryActivity

Activities

com.nearme.plugin.pay.activity.MainChargeActivity

com.nearme.plugin.pay.activity.WeChatPayActivity

com.nearme.atlas.qqwallet.MqqPayCallbackActivity

com.nearme.atlas.alipay.FastAlipaySettingAcitviy

com.nearme.atlas.alipay.FastAlipaySignCallbackAcitviy

com.nearme.oppowallet.activity.WalletEntryActivity

com.coloros.lifestyle.WebActivity

com.nearme.plugin.pay.activity.QRCodePayActivity

Permissions

Receivers

com.nearme.plugin.pay.receiver.ProcessReceiver

com.nearme.atlas.wxapi.AppRegister

com.oppo.usercenter.sdk.helper.UserCenterOperateReceiver

com.oppo.usercenter.sdk.helper.UserCenterOperateReceiver

Services

.PayActionService

com.nearme.game.service

com.nearme.game.service.ui.activity.PermissionActivity

Activities

com.oppo.usercenter.opensdk.dialog.register.UserCenterOperateActivity

Permissions

Receivers

com.heytap.usercenter.accountsdk.utils.app.UserCenterOperateReceiver

Services

Android Permissions

a0a93e69689655936899efee6acbb70958c8fb6ed1b6f76b48bd4e7debb7ee24