1bdf07868c52ea9bcf78d3d7d555fb9bb25002a359854d7033605e4c2479a738

General

Target

1bdf07868c52ea9bcf78d3d7d555fb9bb25002a359854d7033605e4c2479a738
Size

28.0MB
MD5

c2bc605457a0460eed0b671cf5ce942a
SHA1

37d0b8c100c099ead98d9ade4030b53eb8882876
SHA256

1bdf07868c52ea9bcf78d3d7d555fb9bb25002a359854d7033605e4c2479a738
SHA512

d245f97a846c91c20e061b1840ec2a5efe3edce40640ee31a4845f80a2bd11e2b597f814b06beafa4f2c71c8513e19a56e0159698c45c355f43bcc291ceb7174
SSDEEP

786432:Fj0KyW1Tkk6jNh6nRBN3iNbchN8lJAMWpct13y+YHMwIysHa:B0vW1Tkk6Bh6nRBkQuJAMW67VCMksHa

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 9 IoCs

description	ioc
Required to be able to access the camera device.	android.permission.CAMERA
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

Files

1bdf07868c52ea9bcf78d3d7d555fb9bb25002a359854d7033605e4c2479a738
.apk android arch:arm

cn.els.bhrw.app

cn.els.bhrw.app.activity.SplashActivity

Activities

cn.els.bhrw.app.activity.SplashActivity

android.intent.action.MAIN
android.intent.action.VIEW

com.mob.tools.MobUIShell

android.intent.action.VIEW
com.sina.weibo.sdk.action.ACTION_SDK_REQ_ACTIVITY

cn.els.bhrw.app.activity.PaymentActivity

android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.CAMERA
android.permission.VIBRATE
android.permission.GET_TASKS
android.permission.WAKE_LOCK
android.permission.READ_LOGS
android.permission.GET_ACCOUNTS
android.permission.RECORD_AUDIO
android.permission.WRITE_SETTINGS
android.permission.MANAGE_ACCOUNTS
android.permission.USE_CREDENTIALS
android.permission.DISABLE_KEYGUARD
android.permission.READ_PHONE_STATE
android.permission.BROADCAST_STICKY
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_CONFIGURATION
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.ACCESS_COARSE_LOCATION
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_DOWNLOAD_MANAGER
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
android.permission.EXPAND_STATUS_BAR
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.RECEIVE_BOOT_COMPLETED
com.android.launcher.permission.READ_SETTINGS
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.BLUETOOTH_PRIVILEGED
android.permission.READ_EXTERNAL_STORAGE
android.permission.BROADCAST_PACKAGE_ADDED
android.permission.BROADCAST_PACKAGE_CHANGED
android.permission.BROADCAST_PACKAGE_INSTALL
android.permission.BROADCAST_PACKAGE_REPLACED
android.permission.RESTART_PACKAGES
android.permission.CHANGE_NETWORK_STATE
android.permission.FLASHLIGHT

Receivers

cn.els.bhrw.app.receiver.ApkInstallReceiver

android.intent.action.DOWNLOAD_COMPLETE

cn.els.bhrw.app.receiver.AlarmDrinkReceiver

cn.els.drink.alarm

cn.els.bhrw.app.receiver.AlarmDrugReceiver

cn.els.drug.alarm

com.taobao.accs.EventReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_REMOVED
android.intent.action.USER_PRESENT

com.taobao.accs.ServiceReceiver

com.taobao.accs.intent.action.COMMAND
com.taobao.accs.intent.action.START_FROM_AGOO

com.taobao.agoo.AgooCommondReceiver

cn.els.bhrw.app.intent.action.COMMAND
android.intent.action.PACKAGE_REMOVED

com.today.step.lib.TodayStepBootCompleteReceiver

android.intent.action.BOOT_COMPLETED

com.today.step.lib.TodayStepShutdownReceiver

android.intent.action.ACTION_SHUTDOWN

Services

cn.els.bhrw.app.service.StepService

android.intent.action.BOOT_COMPLETED
android.intent.action.DATE_CHANGED
android.intent.action.MEDIA_MOUNTED
android.intent.action.USER_PRESENT
android.intent.action.ACTION_TIME_TICK
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

com.taobao.accs.ChannelService

com.taobao.accs.intent.action.SERVICE
com.taobao.accs.intent.action.ELECTION

com.taobao.accs.data.MsgDistributeService

com.taobao.accs.intent.action.RECEIVE

org.android.agoo.accs.AgooService

com.taobao.accs.intent.action.RECEIVE

com.umeng.message.UmengIntentService

org.agoo.android.intent.action.RECEIVE

com.umeng.message.XiaomiIntentService

org.agoo.android.intent.action.RECEIVE

com.umeng.message.UmengMessageIntentReceiverService

org.android.agoo.client.MessageReceiverService

com.umeng.message.UmengMessageCallbackHandlerService

com.umeng.messge.registercallback.action
com.umeng.message.enablecallback.action
com.umeng.message.disablecallback.action
com.umeng.message.message.handler.action
com.umeng.message.message.sendmessage.action

com.today.step.lib.TodayStepService

android.intent.action.BOOT_COMPLETED
android.intent.action.DATE_CHANGED
android.intent.action.MEDIA_MOUNTED
android.intent.action.USER_PRESENT
android.intent.action.ACTION_TIME_TICK
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

Android Permissions

1bdf07868c52ea9bcf78d3d7d555fb9bb25002a359854d7033605e4c2479a738

Permissions

android.permission.INTERNET

android.permission.CAMERA

android.permission.VIBRATE

android.permission.GET_TASKS

android.permission.WAKE_LOCK

android.permission.READ_LOGS

android.permission.GET_ACCOUNTS

android.permission.RECORD_AUDIO

android.permission.WRITE_SETTINGS

android.permission.MANAGE_ACCOUNTS

android.permission.USE_CREDENTIALS

android.permission.DISABLE_KEYGUARD

android.permission.READ_PHONE_STATE

android.permission.BROADCAST_STICKY

android.permission.CHANGE_WIFI_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_NETWORK_STATE

android.permission.CHANGE_CONFIGURATION

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.AUTHENTICATE_ACCOUNTS

android.permission.ACCESS_COARSE_LOCATION

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_DOWNLOAD_MANAGER

android.permission.DOWNLOAD_WITHOUT_NOTIFICATION

android.permission.EXPAND_STATUS_BAR

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.RECEIVE_BOOT_COMPLETED

com.android.launcher.permission.READ_SETTINGS

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

android.permission.BLUETOOTH_PRIVILEGED

android.permission.READ_EXTERNAL_STORAGE

android.permission.BROADCAST_PACKAGE_ADDED

android.permission.BROADCAST_PACKAGE_CHANGED

android.permission.BROADCAST_PACKAGE_INSTALL

android.permission.BROADCAST_PACKAGE_REPLACED

android.permission.RESTART_PACKAGES

android.permission.CHANGE_NETWORK_STATE

android.permission.FLASHLIGHT

Sharing

General

Malware Config

Signatures

Files

cn.els.bhrw.app

cn.els.bhrw.app.activity.SplashActivity

Activities

cn.els.bhrw.app.activity.SplashActivity

com.mob.tools.MobUIShell

cn.els.bhrw.app.activity.PaymentActivity

Permissions

Receivers

cn.els.bhrw.app.receiver.ApkInstallReceiver

cn.els.bhrw.app.receiver.AlarmDrinkReceiver

cn.els.bhrw.app.receiver.AlarmDrugReceiver

com.taobao.accs.EventReceiver

com.taobao.accs.ServiceReceiver

com.taobao.agoo.AgooCommondReceiver

com.today.step.lib.TodayStepBootCompleteReceiver

com.today.step.lib.TodayStepShutdownReceiver

Services

cn.els.bhrw.app.service.StepService

com.taobao.accs.ChannelService

com.taobao.accs.data.MsgDistributeService

org.android.agoo.accs.AgooService

com.umeng.message.UmengIntentService

com.umeng.message.XiaomiIntentService

com.umeng.message.UmengMessageIntentReceiverService

com.umeng.message.UmengMessageCallbackHandlerService

com.today.step.lib.TodayStepService

Android Permissions

1bdf07868c52ea9bcf78d3d7d555fb9bb25002a359854d7033605e4c2479a738