flytrap | 070e039a3e133fd553a0d921eb5a93290661bd244afc484797c8ea2059bcf5d1

General

Target

070e039a3e133fd553a0d921eb5a93290661bd244afc484797c8ea2059bcf5d1
Size

21.5MB
MD5

e9308e5b7dfe149bc5dc44e3bf4dc05c
SHA1

4cfbc029430534e0dde2ea2b4930be4165531438
SHA256

070e039a3e133fd553a0d921eb5a93290661bd244afc484797c8ea2059bcf5d1
SHA512

e50090a276e259eac7e9829b5ec44e68ef1590a17b21ac4b055df716aa1b0730841c1b0da6a59ff1e20a15054dcd01c832d99e4926cc69a966c51137d0e76947
SSDEEP

393216:jMxcz2p1zfNiVT4CFq0c0kHf6K41YneIgPrqNuy/WkEUkWv:0oe1rNgT60cJiR1Xz1y/WkEUtv

Score

10^/10

flytrap

Malware Config

Signatures

Flytrap family
flytrap

Requests dangerous framework permissions 11 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS

Files

070e039a3e133fd553a0d921eb5a93290661bd244afc484797c8ea2059bcf5d1
.apk android arch:arm64 arch:arm arch:mips arch:mips64 arch:x86 arch:x64

com.leho.manicure

com.leho.manicure.ui.PreparePage3

Activities

com.leho.manicure.ui.PreparePage3

android.intent.action.MAIN

com.leho.manicure.ui.activity.EntranceOuterCalledActivity

android.intent.action.VIEW

com.leho.manicure.ui.activity.PublishEvaluationSuccessActivity

com.sina.weibo.sdk.action.ACTION_SDK_REQ_ACTIVITY

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

com.leho.manicure.wxapi.WXEntryActivity

android.intent.action.VIEW

com.leho.manicure.ui.activity.ConversationActivity

android.intent.action.VIEW

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WAKE_LOCK
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.GET_TASKS
android.permission.CALL_PHONE
android.permission.RECEIVE_USER_PRESENT
android.permission.READ_EXTERNAL_STORAGE
android.permission.VIBRATE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.CHANGE_NETWORK_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_SETTINGS
android.permission.DISABLE_KEYGUARD
android.permission.MANAGE_DOCUMENTS
android.permission.READ_LOGS
android.permission.CAMERA
android.permission.CHANGE_CONFIGURATION
android.permission.RECORD_AUDIO
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.READ_CONTACTS
android.permission.INTERACT_ACROSS_USERS_FULL
android.permission.BROADCAST_PACKAGE_ADDED
android.permission.BROADCAST_PACKAGE_CHANGED
android.permission.BROADCAST_PACKAGE_INSTALL
android.permission.BROADCAST_PACKAGE_REPLACED
android.permission.RESTART_PACKAGES

Receivers

com.umeng.message.SystemReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_REMOVED

com.umeng.message.MessageReceiver

org.agoo.android.intent.action.RECEIVE

com.umeng.message.ElectionReceiver

org.agoo.android.intent.action.ELECTION_RESULT_V4

com.umeng.message.RegistrationReceiver

com.leho.manicure.intent.action.COMMAND

com.umeng.message.UmengMessageBootReceiver

android.intent.action.BOOT_COMPLETED

io.rong.imlib.ipc.PushMessageReceiver

io.rong.push.message

io.rong.push.PushReceiver

io.rong.imlib.action.push.heartbeat
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.BOOT_COMPLETED
android.intent.action.USER_PRESENT
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED
android.intent.action.PACKAGE_REMOVED

Services

com.leho.manicure.service.CacheService

com.leho.manicure.service.CacheService

com.leho.manicure.service.UmengService

com.leho.manicure.service.UmengService

com.umeng.message.UmengService

com.leho.manicure.intent.action.START
com.leho.manicure.intent.action.COCKROACH
org.agoo.android.intent.action.PING_V4

com.umeng.message.UmengMessageIntentReceiverService

org.android.agoo.client.MessageReceiverService
org.android.agoo.client.ElectionReceiverService

com.umeng.message.UmengMessageCallbackHandlerService

com.umeng.messge.registercallback.action
com.umeng.message.unregistercallback.action
com.umeng.message.message.handler.action
com.umeng.message.autoupdate.handler.action

io.rong.push.PushService

io.rong.push

io.rong.push.CommandService

io.rong.command
alipay_msp.apk
.apk android arch:arm

com.alipay.android.app

.activity.Cashier

Activities

.activity.Cashier

android.intent.action.MAIN

.activity.Alerter

android.intent.action.MAIN

.activity.Welcome

android.intent.action.MAIN

.activity.Updater

android.intent.action.MAIN

.activity.PageForBrowser

android.intent.action.VIEW

.activity.CertBiz

android.intent.action.MAIN

.activity.MessageActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.SEND_SMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECEIVE_USER_PRESENT
android.permission.VIBRATE
android.permission.CHANGE_NETWORK_STATE
com.alipay.notify.permission.PUSHSERVICE
com.alipay.android.permission.BOOT_COMPLETED
com.alipay.android.app.gphone.SHARE

Receivers

com.alipay.notify.BroadcastActionReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
android.intent.action.PACKAGE_ADDED

Services

.AlixService

com.alipay.android.app.IAlixPay
com.alipay.android.app.IAliPay

com.alipay.notify.push.NotificationService

com.alipay.notify.push.NotificationService

com.alipay.notify.poll.config.ConfigService

com.alipay.notify.poll.config.ConfigService

Android Permissions

070e039a3e133fd553a0d921eb5a93290661bd244afc484797c8ea2059bcf5d1

Permissions

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.WAKE_LOCK

android.permission.CHANGE_WIFI_STATE

android.permission.ACCESS_COARSE_LOCATION

android.permission.GET_TASKS

android.permission.CALL_PHONE

android.permission.RECEIVE_USER_PRESENT

android.permission.READ_EXTERNAL_STORAGE

android.permission.VIBRATE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.SYSTEM_ALERT_WINDOW

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

android.permission.CHANGE_NETWORK_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.WRITE_SETTINGS

android.permission.DISABLE_KEYGUARD

android.permission.MANAGE_DOCUMENTS

android.permission.READ_LOGS

android.permission.CAMERA

android.permission.CHANGE_CONFIGURATION

android.permission.RECORD_AUDIO

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.READ_CONTACTS

android.permission.INTERACT_ACROSS_USERS_FULL

android.permission.BROADCAST_PACKAGE_ADDED

android.permission.BROADCAST_PACKAGE_CHANGED

android.permission.BROADCAST_PACKAGE_INSTALL

android.permission.BROADCAST_PACKAGE_REPLACED

android.permission.RESTART_PACKAGES

Sharing

General

Malware Config

Signatures

Files

com.leho.manicure

com.leho.manicure.ui.PreparePage3

Activities

com.leho.manicure.ui.PreparePage3

com.leho.manicure.ui.activity.EntranceOuterCalledActivity

com.leho.manicure.ui.activity.PublishEvaluationSuccessActivity

com.tencent.tauth.AuthActivity

com.leho.manicure.wxapi.WXEntryActivity

com.leho.manicure.ui.activity.ConversationActivity

Permissions

Receivers

com.umeng.message.SystemReceiver

com.umeng.message.MessageReceiver

com.umeng.message.ElectionReceiver

com.umeng.message.RegistrationReceiver

com.umeng.message.UmengMessageBootReceiver

io.rong.imlib.ipc.PushMessageReceiver

io.rong.push.PushReceiver

Services

com.leho.manicure.service.CacheService

com.leho.manicure.service.UmengService

com.umeng.message.UmengService

com.umeng.message.UmengMessageIntentReceiverService

com.umeng.message.UmengMessageCallbackHandlerService

io.rong.push.PushService

io.rong.push.CommandService

com.alipay.android.app

.activity.Cashier

Activities

.activity.Cashier

.activity.Alerter

.activity.Welcome

.activity.Updater

.activity.PageForBrowser

.activity.CertBiz

.activity.MessageActivity

Permissions

Receivers

com.alipay.notify.BroadcastActionReceiver

Services

.AlixService

com.alipay.notify.push.NotificationService

com.alipay.notify.poll.config.ConfigService

Android Permissions

070e039a3e133fd553a0d921eb5a93290661bd244afc484797c8ea2059bcf5d1