d0c3f5e600e75bbe0ff20c7918bbdac8

General

Target

d0c3f5e600e75bbe0ff20c7918bbdac8
Size

4.0MB
MD5

d0c3f5e600e75bbe0ff20c7918bbdac8
SHA1

3bbb5c6a5294a02c2e58121fd449eefc0c185c0b
SHA256

6db3408126da0e3f3b8fce1bf01f28b1aaeeb072a7feedcc7d5005c9550d78e2
SHA512

9701895bed785d060dc03c7c50229f42e4e52ae7de5a282799b1fbac96a7c425e23cbfcf0a44ad3001301e5ab790d2d6e28ae02429292adaea8dd42dbb96d638
SSDEEP

98304:nOFwXBNLXLZX8cp2p7RtKlkt/ZXLXOAs3hN9R0HV/7u274:OF8BFLZ9pYtPt0AsxN2i

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 6 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW

Files

d0c3f5e600e75bbe0ff20c7918bbdac8
.apk android arch:arm

ning.utility.gzmetro

ning.utility.gzmetro.MainActivity

Activities

ning.utility.gzmetro.MainActivity

android.intent.action.MAIN

ning.tools.four.WActivity

android.intent.action.CREATE_SHORTCUT

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_MOCK_LOCATION
android.permission.ACCESS_GPS
android.permission.READ_PHONE_STATE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_LOGS
android.permission.WRITE_SETTINGS
com.google.android.providers.gsf.permission.READ_GSERVICES
android.permission.GET_TASKS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.WAKE_LOCK
android.permission.VIBRATE
android.permission.RESTART_PACKAGES

Receivers

ning.utility.gzmetro.MyViewThree

android.intent.action.PACKAGE_ADDED
android.net.conn.CONNECTIVITY_CHANGE

ning.utility.gzmetro.MyViewFive

android.intent.action.PACKAGE_ADDED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT

ning.utility.gzmetro.MyViewEight

android.intent.action.PACKAGE_ADDED
android.net.conn.CONNECTIVITY_CHANGE

ning.tools.four.KReceiver

android.intent.action.PACKAGE_ADDED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT

ning.tools.five.LCReceiver

android.intent.action.PACKAGE_ADDED
android.net.conn.CONNECTIVITY_CHANGE

Services
alipay-newmsp-5.0.9.apk
.apk android arch:arm arch:x86

com.alipay.android.app

com.alipay.android.app.pay.MainActivity

Activities

com.alipay.android.app.pay.MainActivity

android.intent.action.MAIN

com.alipay.android.app.pay.TransContainer

android.intent.action.MAIN

com.alipay.android.app.pay.HyperlinkActivity

android.intent.action.MAIN

com.alipay.android.app.pay.PageForBrowser

android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_FINE_LOCATION
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECEIVE_USER_PRESENT
android.permission.VIBRATE
android.permission.CHANGE_NETWORK_STATE
com.alipay.notify.permission.PUSHSERVICE
com.alipay.android.permission.BOOT_COMPLETED
com.alipay.android.app.gphone.SHARE

Receivers

com.alipay.notify.BroadcastActionReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT

Services

com.alipay.android.app.MspService

com.alipay.android.app.IAlixPay
com.alipay.android.app.IAliPay

com.alipay.notify.push.NotificationService

com.alipay.notify.push.NotificationService

com.alipay.notify.poll.config.ConfigService

com.alipay.notify.poll.config.ConfigService

Android Permissions

d0c3f5e600e75bbe0ff20c7918bbdac8

Permissions

android.permission.ACCESS_NETWORK_STATE

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_MOCK_LOCATION

android.permission.ACCESS_GPS

android.permission.READ_PHONE_STATE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.READ_LOGS

android.permission.WRITE_SETTINGS

com.google.android.providers.gsf.permission.READ_GSERVICES

android.permission.GET_TASKS

android.permission.SYSTEM_ALERT_WINDOW

android.permission.WAKE_LOCK

android.permission.VIBRATE

android.permission.RESTART_PACKAGES

Sharing

General

Malware Config

Signatures

Files

ning.utility.gzmetro

ning.utility.gzmetro.MainActivity

Activities

ning.utility.gzmetro.MainActivity

ning.tools.four.WActivity

Permissions

Receivers

ning.utility.gzmetro.MyViewThree

ning.utility.gzmetro.MyViewFive

ning.utility.gzmetro.MyViewEight

ning.tools.four.KReceiver

ning.tools.five.LCReceiver

Services

com.alipay.android.app

com.alipay.android.app.pay.MainActivity

Activities

com.alipay.android.app.pay.MainActivity

com.alipay.android.app.pay.TransContainer

com.alipay.android.app.pay.HyperlinkActivity

com.alipay.android.app.pay.PageForBrowser

Permissions

Receivers

com.alipay.notify.BroadcastActionReceiver

Services

com.alipay.android.app.MspService

com.alipay.notify.push.NotificationService

com.alipay.notify.poll.config.ConfigService

Android Permissions

d0c3f5e600e75bbe0ff20c7918bbdac8