12eb73d9c72d4b478e71c7bb29b5767b74faff28e81ec60584e0d5da65563c68

General

Target

12eb73d9c72d4b478e71c7bb29b5767b74faff28e81ec60584e0d5da65563c68
Size

16.6MB
MD5

619fca797e16c45e8490aef6ec9a6ca9
SHA1

e3c87b61d2e64b94b608e39f83dc3c53633000a9
SHA256

12eb73d9c72d4b478e71c7bb29b5767b74faff28e81ec60584e0d5da65563c68
SHA512

ab8ddad1070403adb3e07de2fbb856b4037270a5b6d08e6d44cfb68c9ec6c4b2942b6b906a17507a0b4f974550b4552cf6bd6a3b9e1140b18e384f923721bcf2
SSDEEP

393216:KW+o6RG8SD9UTp+4rNBzv9dvxtG5oM/+DzAyf/w8ami:kG5D9UTbvReazAAotmi

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Files

12eb73d9c72d4b478e71c7bb29b5767b74faff28e81ec60584e0d5da65563c68
.apk android arch:arm

com.ciwen.xhb.pad

com.ciwen.xhb.ui.Welcome

Activities

com.ciwen.xhb.ui.Welcome

android.intent.action.MAIN
android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_PHONE_STATE

Receivers

com.ciwen.xhb.reciver.NetState

android.net.conn.CONNECTIVITY_CHANGE

com.yunshang.android.sdk.receiver.MonitorNetWorkReceiver

android.net.conn.CONNECTIVITY_CHANGE

Services

com.yunshang.android.sdk.service.MonitorService

com.yunshang.android.startmonitorservice

com.yunshang.android.sdk.service.DataCloudService

com.yunshang.android.startdatacloudservice
alipay_msp.apk
.apk android arch:arm

com.alipay.android.app

.activity.Cashier

Activities

.activity.Cashier

android.intent.action.MAIN

.activity.Alerter

android.intent.action.MAIN

.activity.Welcome

android.intent.action.MAIN

.activity.Updater

android.intent.action.MAIN

.activity.PageForBrowser

android.intent.action.VIEW

.activity.CertBiz

android.intent.action.MAIN

.activity.MessageActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.SEND_SMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECEIVE_USER_PRESENT
android.permission.VIBRATE
android.permission.CHANGE_NETWORK_STATE
com.alipay.notify.permission.PUSHSERVICE
com.alipay.android.permission.BOOT_COMPLETED
com.alipay.android.app.gphone.SHARE

Receivers

com.alipay.notify.BroadcastActionReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
android.intent.action.PACKAGE_ADDED

Services

.AlixService

com.alipay.android.app.IAlixPay
com.alipay.android.app.IAliPay

com.alipay.notify.push.NotificationService

com.alipay.notify.push.NotificationService

com.alipay.notify.poll.config.ConfigService

com.alipay.notify.poll.config.ConfigService
ys-service.jar
.apk android

Android Permissions

12eb73d9c72d4b478e71c7bb29b5767b74faff28e81ec60584e0d5da65563c68

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.READ_PHONE_STATE

Sharing

General

Malware Config

Signatures

Files

com.ciwen.xhb.pad

com.ciwen.xhb.ui.Welcome

Activities

com.ciwen.xhb.ui.Welcome

Permissions

Receivers

com.ciwen.xhb.reciver.NetState

com.yunshang.android.sdk.receiver.MonitorNetWorkReceiver

Services

com.yunshang.android.sdk.service.MonitorService

com.yunshang.android.sdk.service.DataCloudService

com.alipay.android.app

.activity.Cashier

Activities

.activity.Cashier

.activity.Alerter

.activity.Welcome

.activity.Updater

.activity.PageForBrowser

.activity.CertBiz

.activity.MessageActivity

Permissions

Receivers

com.alipay.notify.BroadcastActionReceiver

Services

.AlixService

com.alipay.notify.push.NotificationService

com.alipay.notify.poll.config.ConfigService

Android Permissions

12eb73d9c72d4b478e71c7bb29b5767b74faff28e81ec60584e0d5da65563c68