b381dda0f4b8af38ea756d3f3d9dd263

General

Target

b381dda0f4b8af38ea756d3f3d9dd263
Size

1.5MB
MD5

b381dda0f4b8af38ea756d3f3d9dd263
SHA1

23f7e77450518a3750585794e69903bf0fd2a39a
SHA256

e0e3eb9ffdd5b7a9e2ad5db70daee399f8fa211b7cac92ccd07548d75cb6f909
SHA512

8671fccab4c9f50b05fc258fc0ac15d80f88e424c15ab8da714ccd7058515443cc2e6bb809a840b54c96a1352da0136421ceb0d131fd1134013fba08c6297955
SSDEEP

49152:yc5efSrOAxs31vXbUmhDdFVhqLo7H8h4lpDhOTwp:yjfSi331vgqn57HsCOTk

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 3 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION

Files

b381dda0f4b8af38ea756d3f3d9dd263
.apk android

com.xl.gw.systemappuninstall

.SystemAppUninstall

Activities

.SystemAppUninstall

android.intent.action.MAIN

com.kuguo.pushads.PushAdsActivity

com.android.action_PUSHADSACTIVITY

Permissions

android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.GET_TASKS
android.permission.ACCESS_WIFI_STATE
com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_LOGS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.VIBRATE
android.permission.WAKE_LOCK
com.android.browser.permission.READ_HISTORY_BOOKMARKS
com.android.browser.permission.WRITE_HISTORY_BOOKMARKS

Receivers

com.xl.gw.systemappuninstall.BootReceiver

android.intent.action.BOOT_COMPLETED

com.kuguo.pushads.AdsReceiver

android.intent.action.PACKAGE_ADDED
android.net.wifi.WIFI_STATE_CHANGED

Services

com.airpush.android.PushService

com.airpush.android.PushServiceStart28732
z4root.apk
.apk android arch:arm

com.z4mod.z4root

z4root

Activities

z4root

android.intent.action.MAIN

Permissions

android.permission.WAKE_LOCK
android.permission.INTERNET

Receivers

Android Permissions

b381dda0f4b8af38ea756d3f3d9dd263

Permissions

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_PHONE_STATE

android.permission.GET_TASKS

android.permission.ACCESS_WIFI_STATE

com.android.launcher.permission.INSTALL_SHORTCUT

android.permission.ACCESS_FINE_LOCATION

android.permission.READ_LOGS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.VIBRATE

android.permission.WAKE_LOCK

com.android.browser.permission.READ_HISTORY_BOOKMARKS

com.android.browser.permission.WRITE_HISTORY_BOOKMARKS

Sharing

General

Malware Config

Signatures

Files

com.xl.gw.systemappuninstall

.SystemAppUninstall

Activities

.SystemAppUninstall

com.kuguo.pushads.PushAdsActivity

Permissions

Receivers

com.xl.gw.systemappuninstall.BootReceiver

com.kuguo.pushads.AdsReceiver

Services

com.airpush.android.PushService

com.z4mod.z4root

z4root

Activities

z4root

Permissions

Receivers

Android Permissions

b381dda0f4b8af38ea756d3f3d9dd263