a2e4b69e9e4df408f9aa8770c9be5b13d34a571b41dc46616a335c02a3241af3

General

Target

a2e4b69e9e4df408f9aa8770c9be5b13d34a571b41dc46616a335c02a3241af3
Size

2.2MB
MD5

75c386e3839f369d21dadba9a5c88e66
SHA1

9f70faf1a5b0a34c36e50e4be88fbcf2d7d83a0d
SHA256

a2e4b69e9e4df408f9aa8770c9be5b13d34a571b41dc46616a335c02a3241af3
SHA512

bfebe678632262a8a8fbdb9632db5002a738b18141c6363c10e5a3b9f7d88c1307cf84cd52b3307dbe5342396a37f3097b08c49e9fde1d2ca62d42929a32f989
SSDEEP

24576:LN+OI4FgG4qCndiOOVYCCSuj7wbg1SgCuPA2uPz8VOEF+1EsaP6EOPAARRxy5KIa:ZgGJKw5xLrnPAiEoJXRGKNlczTGr

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 11 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether.	android.permission.PROCESS_OUTGOING_CALLS
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to record audio.	android.permission.RECORD_AUDIO

Files

a2e4b69e9e4df408f9aa8770c9be5b13d34a571b41dc46616a335c02a3241af3
.apk android

com.anysoft.tyyd.dz.j1bd1

com.anysoft.tyyd.dz.j1bd1.Loading

Activities

com.anysoft.tyyd.dz.j1bd1.Loading

android.intent.action.MAIN

com.anysoft.tyyd.dz.j1bd1.activities.PlayToolActivity

android.intent.action.VIEW

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

com.anysoft.tyyd.dz.j1bd1.activities.ShareJumpActivity

android.intent.action.VIEW

Permissions

android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCES_MOCK_LOCATION
android.permission.READ_CONTACTS
android.permission.RESTART_PACKAGES
android.permission.PROCESS_OUTGOING_CALLS
android.permission.VIBRATE
android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.BROADCAST_STICKY
android.permission.GET_ACCOUNTS
android.permission.USE_CREDENTIALS
android.permission.MANAGE_ACCOUNTS
android.permission.RECORD_AUDIO
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
com.android.launcher.permission.READ_SETTINGS

Receivers

com.anysoft.tyyd.dz.j1bd1.services.SmsRecevier

android.provider.Telephony.SMS_RECEIVED

com.anysoft.tyyd.dz.j1bd1.services.GGReceiver

GGReceiver

com.anysoft.tyyd.dz.j1bd1.poll.ConnectReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE

com.anysoft.tyyd.dz.j1bd1.poll.ActionReceiver

com.anysoft.tyyd.dz.j1bd1.Action

com.anysoft.tyyd.dz.j1bd1.yxapi.AppRegister

im.yixin.sdk.api.Intent.ACTION_REFRESH_YXAPP

com.anysoft.tyyd.dz.j1bd1.services.CardReceiver

android.intent.action.MEDIA_MOUNTED
android.intent.action.MEDIA_BAD_REMOVAL
android.intent.action.MEDIA_REMOVED
android.intent.action.MEDIA_UNMOUNTED

Services
alipay_plugin231_0901.apk
.apk android

com.alipay.android.app

.Cashier

Activities

.Cashier

android.intent.action.MAIN

.Alerter

android.intent.action.MAIN

.Welcome

android.intent.action.MAIN

.Updater

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.SEND_SMS
android.permission.ACCESS_COARSE_LOCATION

Services

.AlixService

com.alipay.android.app.IAlixPay
com.alipay.android.app.IAliPay

Android Permissions

a2e4b69e9e4df408f9aa8770c9be5b13d34a571b41dc46616a335c02a3241af3

Permissions

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.INTERNET

android.permission.READ_PHONE_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCES_MOCK_LOCATION

android.permission.READ_CONTACTS

android.permission.RESTART_PACKAGES

android.permission.PROCESS_OUTGOING_CALLS

android.permission.VIBRATE

android.permission.RECEIVE_SMS

android.permission.SEND_SMS

android.permission.GET_TASKS

android.permission.WRITE_SETTINGS

android.permission.SYSTEM_ALERT_WINDOW

android.permission.BROADCAST_STICKY

android.permission.GET_ACCOUNTS

android.permission.USE_CREDENTIALS

android.permission.MANAGE_ACCOUNTS

android.permission.RECORD_AUDIO

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.UNINSTALL_SHORTCUT

com.android.launcher.permission.READ_SETTINGS

Sharing

General

Malware Config

Signatures

Files

com.anysoft.tyyd.dz.j1bd1

com.anysoft.tyyd.dz.j1bd1.Loading

Activities

com.anysoft.tyyd.dz.j1bd1.Loading

com.anysoft.tyyd.dz.j1bd1.activities.PlayToolActivity

com.tencent.tauth.AuthActivity

com.anysoft.tyyd.dz.j1bd1.activities.ShareJumpActivity

Permissions

Receivers

com.anysoft.tyyd.dz.j1bd1.services.SmsRecevier

com.anysoft.tyyd.dz.j1bd1.services.GGReceiver

com.anysoft.tyyd.dz.j1bd1.poll.ConnectReceiver

com.anysoft.tyyd.dz.j1bd1.poll.ActionReceiver

com.anysoft.tyyd.dz.j1bd1.yxapi.AppRegister

com.anysoft.tyyd.dz.j1bd1.services.CardReceiver

Services

com.alipay.android.app

.Cashier

Activities

.Cashier

.Alerter

.Welcome

.Updater

Permissions

Services

.AlixService

Android Permissions

a2e4b69e9e4df408f9aa8770c9be5b13d34a571b41dc46616a335c02a3241af3