a2e85043758d6456cfaf6394a7ef8567d255f5de39956dc0c9b3d2683531fbcc

Sharing

Copy URL Twitter E-mail

General

Target

a2e85043758d6456cfaf6394a7ef8567d255f5de39956dc0c9b3d2683531fbcc
Size

23.4MB
MD5

b36cf344e398dae06a68642522f2e4ce
SHA1

d19c4c978c81c1ac186adec771c8a03dce211ed1
SHA256

a2e85043758d6456cfaf6394a7ef8567d255f5de39956dc0c9b3d2683531fbcc
SHA512

a23a8dd4eb07f527c08b2683cafd38acd6cbb393dadda7a63a3d6e47f82d7cac23311d878f90a953fae9a595311b055bafad1e75f64507c973f957ab5f6ccc56
SSDEEP

393216:LI4av/9TDyYdYQTJA+JXq8K9A+OXqYT5WD03xcuArx6EOA+7mYrbgWrtt4xW:E4avta4iEMebfWD0Bgx6bDbgWbd

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by VPN services to bind with the system. Allows apps to provision VPN services.	android.permission.BIND_VPN_SERVICE

Requests dangerous framework permissions 10 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to record audio.	android.permission.RECORD_AUDIO
Required to be able to access the camera device.	android.permission.CAMERA
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS

Files

a2e85043758d6456cfaf6394a7ef8567d255f5de39956dc0c9b3d2683531fbcc
.apk android arch:arm

com.bhu.wifioverlook

com.bhu.wifioverlook.ui.InitAct

Activities

com.bhu.wifioverlook.ui.InitAct

android.intent.action.MAIN

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

de.blinkt.openvpn.api.ConfirmDialog

android.intent.action.MAIN

de.blinkt.openvpn.utils.LaunchVPN

android.intent.action.MAIN

de.blinkt.openvpn.api.GrantPermissionsActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.CHANGE_WIFI_MULTICAST_STATE
adnroid.permission.ACCESS_CHECKIN_PROPERTTES
android.permission.WAKE_LOCK
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.VIBRATE
android.permission.WRITE_SETTINGS
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_COARSE_UPDATES
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.BROADCAST_STICKY
android.permission.SYSTEM_ALERT_WINDOW
android.permission.CHANGE_NETWORK_STATE
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.RECORD_AUDIO
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.DISABLE_KEYGUARD
android.permission.READ_LOGS
android.permission.GET_TASKS
android.permission.CAMERA
android.permission.FLASHLIGHT
android.permission.ACCESS_MTK_MMHW
android.permission.READ_SYNC_SETTINGS
android.permission.WRITE_SYNC_SETTINGS
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
getui.permission.GetuiService.com.bhu.wifioverlook
android.permission.MANAGE_ACCOUNTS
android.permission.GET_ACCOUNTS

Receivers

com.bhu.wifioverlook.model.PushMsgRecv

com.igexin.sdk.action.Wuv3UJ1kQq77NCXiSlUIl

com.igexin.sdk.PushReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
com.igexin.sdk.action.refreshls
android.intent.action.MEDIA_MOUNTED
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

com.igexin.sdk.PushManagerReceiver

com.igexin.sdk.action.pushmanager

com.igexin.download.DownloadReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.igexin.getuiext.service.PayloadReceiver

com.igexin.sdk.action.7fjUl2Z3LH6xYy7NQK4ni4
com.igexin.sdk.action.Wuv3UJ1kQq77NCXiSlUIl

com.bhu.wifioverlook.UploadUserInfoReceiver

android.net.wifi.STATE_CHANGE

de.blinkt.openvpn.utils.OnBootReceiver

android.intent.action.BOOT_COMPLETED

Services

com.screenlock.ScreenService

com.screenlock.service

de.blinkt.openvpn.core.OpenVPNService

android.net.VpnService

de.blinkt.openvpn.api.ExternalOpenVPNService

de.blinkt.openvpn.api.IOpenVPNAPIService
dynamic.jar
.apk android
dynamic1117.jar
.apk android
gdtadv2.jar
.apk android
libad_v2.jar
.apk android

Android Permissions

a2e85043758d6456cfaf6394a7ef8567d255f5de39956dc0c9b3d2683531fbcc

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_PHONE_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.CHANGE_WIFI_MULTICAST_STATE

adnroid.permission.ACCESS_CHECKIN_PROPERTTES

android.permission.WAKE_LOCK

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.VIBRATE

android.permission.WRITE_SETTINGS

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_COARSE_UPDATES

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

android.permission.BROADCAST_STICKY

android.permission.SYSTEM_ALERT_WINDOW

android.permission.CHANGE_NETWORK_STATE

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.RECORD_AUDIO

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.DISABLE_KEYGUARD

android.permission.READ_LOGS

android.permission.GET_TASKS

android.permission.CAMERA

android.permission.FLASHLIGHT

android.permission.ACCESS_MTK_MMHW

android.permission.READ_SYNC_SETTINGS

android.permission.WRITE_SYNC_SETTINGS

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

getui.permission.GetuiService.com.bhu.wifioverlook

android.permission.MANAGE_ACCOUNTS

android.permission.GET_ACCOUNTS

Sharing

General

Malware Config

Signatures

Files

com.bhu.wifioverlook

com.bhu.wifioverlook.ui.InitAct

Activities

com.bhu.wifioverlook.ui.InitAct

com.tencent.tauth.AuthActivity

de.blinkt.openvpn.api.ConfirmDialog

de.blinkt.openvpn.utils.LaunchVPN

de.blinkt.openvpn.api.GrantPermissionsActivity

Permissions

Receivers

com.bhu.wifioverlook.model.PushMsgRecv

com.igexin.sdk.PushReceiver

com.igexin.sdk.PushManagerReceiver

com.igexin.download.DownloadReceiver

com.igexin.getuiext.service.PayloadReceiver

com.bhu.wifioverlook.UploadUserInfoReceiver

de.blinkt.openvpn.utils.OnBootReceiver

Services

com.screenlock.ScreenService

de.blinkt.openvpn.core.OpenVPNService

de.blinkt.openvpn.api.ExternalOpenVPNService

Android Permissions

a2e85043758d6456cfaf6394a7ef8567d255f5de39956dc0c9b3d2683531fbcc