215d10800047f8df07f78f5d7b9efc399e9ffc6beb2ca3be412a39bcd2de8dcf

Sharing

Copy URL Twitter E-mail

General

Target

215d10800047f8df07f78f5d7b9efc399e9ffc6beb2ca3be412a39bcd2de8dcf
Size

23.1MB
MD5

9f609887db882f263d683b3270cb8ed3
SHA1

913d040cad327a897f5449f8443a7e1e1a705c59
SHA256

215d10800047f8df07f78f5d7b9efc399e9ffc6beb2ca3be412a39bcd2de8dcf
SHA512

3997bbdbf0a2bb317d7f8e9ddc90fe28eaeec83cd7b879a8d54e9c26437f5f5501e9bb6d2946d77c8c3bfa2cecfbf14d1f7b455afb25f3b08eb9c2d53fe4269a
SSDEEP

393216:Ge9DMW2vb5fRvUPjDXhP7exT58Qvq+Ua3/qnwZP18/OZUBGj29XwkmwwuJNSs0:JBc9fREjDXhirhnPZP18/OZZsXKwwuJe

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 6 IoCs

description	ioc
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

Files

215d10800047f8df07f78f5d7b9efc399e9ffc6beb2ca3be412a39bcd2de8dcf
.apk android arch:arm arch:x86

com.duowan.groundhog.mctools

com.duowan.groundhog.mctools.activity.StarActivity

Activities

com.duowan.groundhog.mctools.activity.StarActivity

android.intent.action.MAIN
android.intent.action.VIEW

com.duowan.groundhog.mctools.activity.MainActivity

com.duowan.groundhog.mctools.loginsuc
com.duowan.groundhog.mctools.home

com.duowan.groundhog.mctools.activity.plug.PluginDetailActivity

android.intent.action.VIEW

com.duowan.groundhog.mctools.activity.map.MapDetailActivity

android.intent.action.VIEW

com.duowan.groundhog.mctools.activity.skin.SkinDetailActivity

android.intent.action.VIEW

com.duowan.groundhog.mctools.activity.addon.AddonDetailActivity

android.intent.action.VIEW

com.duowan.groundhog.mctools.activity.texture.TextureDetailActivity

android.intent.action.VIEW

com.duowan.groundhog.mctools.activity.web.WebDirectionsActivity

android.intent.action.VIEW

com.duowan.groundhog.mctools.activity.user.UserHomePageActivity

android.intent.action.VIEW

com.duowan.groundhog.mctools.share.SharePlaformActivity

com.sina.weibo.sdk.action.ACTION_SDK_REQ_ACTIVITY

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

com.duowan.groundhog.mctools.activity.login.LoginActivity

com.duowan.mctools.login

com.duowan.groundhog.mctools.activity.mycontribute.review.MapDetailActivity

android.intent.action.VIEW

com.duowan.groundhog.mctools.activity.mycontribute.review.SkinDetailActivity

android.intent.action.VIEW

com.duowan.groundhog.mctools.activity.seed.SeedDetailActivity

android.intent.action.VIEW

com.duowan.groundhog.mctools.activity.signin.SigninActivity

android.intent.action.MAIN

com.duowan.groundhog.mctools.activity.signin.LuckyRollActivity

android.intent.action.VIEW

com.duowan.groundhog.mctools.activity.switchversion.DownloadGameActivity

com.duowan.groundhog.mctools.action.switchversion

com.duowan.groundhog.mctools.activity.switchversion.DownloadGameActivityOld

com.duowan.groundhog.mctools.action.switchversion

com.duowan.groundhog.mctools.activity.community.TopicDetailActivity

android.intent.action.VIEW

com.duowan.groundhog.mctools.activity.plug.PluginOutsideImportActivity

android.intent.action.VIEW

com.duowan.groundhog.mctools.activity.community.VFansTopicDetailActivity

android.intent.action.VIEW

com.duowan.groundhog.mctools.activity.wallet.MyWalletChargeActivity

com.duowan.groundhog.mctools.action.ACTION_MYWALLET_CHARGE

com.duowan.groundhog.mctools.activity.vip.VipStateNoPayActivity

android.intent.action.VIEW

com.duowan.groundhog.mctools.activity.vip.VipStateHasPayActivity

android.intent.action.VIEW

com.duowan.groundhog.mctools.activity.vip.VipStateHasExpiredActivity

android.intent.action.VIEW

com.tuboshu.sdk.kpay.activity.QQWalletCallbackActivity

android.intent.action.VIEW

Permissions

android.permission.RECORD_AUDIO
android.permission.GET_PERMISSIONS
android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.VIBRATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_SUPERUSER
android.permission.RESTART_PACKAGES
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.GET_TASKS
android.permission.FORCE_STOP_PACKAGES
android.permission.WRITE_APN_SETTINGS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.WRITE_SETTINGS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.BROADCAST_PACKAGE_ADDED
android.permission.BROADCAST_PACKAGE_CHANGED
android.permission.BROADCAST_PACKAGE_INSTALL
android.permission.BROADCAST_PACKAGE_REPLACED
android.permission.GET_ACCOUNTS
android.permission.CHANGE_WIFI_STATE
com.yy.android.udbopensdk.app.udb_message
android.permission.READ_EXTERNAL_STORAGE
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.READ_LOGS
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
com.android.launcher.permission.READ_SETTINGS
android.permission.INTERACT_ACROSS_USERS_FULL
android.permission.DELETE_PACKAGES
android.permission.CHANGE_NETWORK_STATE
com.duowan.groundhog.mctools.permission.MIPUSH_RECEIVE

Receivers

com.mcbox.core.update.UpdateReceiver

com.duowan.groundhog.mctools.update.intent.action.ACTION_PROCRESS

com.duowan.groundhog.mctools.activity.message.MessageBroadCastReceiver

duowan_action_application_custom_message

com.duowan.groundhog.mctools.activity.message.NotifyMessageBroadCastReceiver

mctools_action_message_notify_click
mctools_action_message_notify_click_custom
mctools_action_message_notify_delete

com.duowan.groundhog.mctools.activity.appwall.CompleteReceiver

android.intent.action.DOWNLOAD_COMPLETE

com.taobao.accs.EventReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_REMOVED
android.intent.action.USER_PRESENT

com.taobao.accs.ServiceReceiver

com.taobao.accs.intent.action.COMMAND
com.taobao.accs.intent.action.START_FROM_AGOO

com.taobao.agoo.AgooCommondReceiver

com.duowan.groundhog.mctools.intent.action.COMMAND
android.intent.action.PACKAGE_REMOVED

org.android.agoo.xiaomi.MiPushBroadcastReceiver

com.xiaomi.mipush.RECEIVE_MESSAGE
com.xiaomi.mipush.ERROR

org.android.agoo.huawei.HuaWeiReceiver

com.huawei.android.push.intent.REGISTRATION
com.huawei.android.push.intent.RECEIVE
com.huawei.intent.action.PUSH
com.huawei.intent.action.PUSH_STATE

Services

com.taobao.accs.ChannelService

com.taobao.accs.intent.action.SERVICE
com.taobao.accs.intent.action.ELECTION

com.taobao.accs.data.MsgDistributeService

com.taobao.accs.intent.action.RECEIVE

org.android.agoo.accs.AgooService

com.taobao.accs.intent.action.RECEIVE

com.umeng.message.UmengIntentService

org.agoo.android.intent.action.RECEIVE

com.umeng.message.UmengMessageCallbackHandlerService

com.umeng.messge.registercallback.action
com.umeng.message.enablecallback.action
com.umeng.message.disablecallback.action
com.umeng.message.message.handler.action

com.umeng.message.UmengMessageIntentReceiverService

org.android.agoo.client.MessageReceiverService
GooglePlay_1.0.apk
.apk android

com.android.vending

Services

com.android.vending.billing.InAppBillingService

com.android.vending.billing.InAppBillingService.BIND
lp_v100.dat
.apk android

com.mcbox.pesdk.launcher.lib017
lp_v110.dat
.apk android

com.mcbox.pesdk.launcher.lib017
lp_v16.dat
.apk android

com.mcbox.pesdk.launcher.lib016
lp_v17.dat
.apk android

com.mcbox.pesdk.launcher.lib017
lp_v6.dat
.apk android

com.mcbox.pesdk.launcher.lib015
sk.dat
.apk android

com.mcbox.apkplugin

Android Permissions

215d10800047f8df07f78f5d7b9efc399e9ffc6beb2ca3be412a39bcd2de8dcf

Permissions

android.permission.RECORD_AUDIO

android.permission.GET_PERMISSIONS

android.permission.WAKE_LOCK

android.permission.INTERNET

android.permission.VIBRATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_SUPERUSER

android.permission.RESTART_PACKAGES

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.GET_TASKS

android.permission.FORCE_STOP_PACKAGES

android.permission.WRITE_APN_SETTINGS

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.WRITE_SETTINGS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.READ_PHONE_STATE

android.permission.BROADCAST_PACKAGE_ADDED

android.permission.BROADCAST_PACKAGE_CHANGED

android.permission.BROADCAST_PACKAGE_INSTALL

android.permission.BROADCAST_PACKAGE_REPLACED

android.permission.GET_ACCOUNTS

android.permission.CHANGE_WIFI_STATE

com.yy.android.udbopensdk.app.udb_message

android.permission.READ_EXTERNAL_STORAGE

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.READ_LOGS

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.UNINSTALL_SHORTCUT

com.android.launcher.permission.READ_SETTINGS

android.permission.INTERACT_ACROSS_USERS_FULL

android.permission.DELETE_PACKAGES

android.permission.CHANGE_NETWORK_STATE

com.duowan.groundhog.mctools.permission.MIPUSH_RECEIVE

Sharing

General

Malware Config

Signatures

Files

com.duowan.groundhog.mctools

com.duowan.groundhog.mctools.activity.StarActivity

Activities

com.duowan.groundhog.mctools.activity.StarActivity

com.duowan.groundhog.mctools.activity.MainActivity

com.duowan.groundhog.mctools.activity.plug.PluginDetailActivity

com.duowan.groundhog.mctools.activity.map.MapDetailActivity

com.duowan.groundhog.mctools.activity.skin.SkinDetailActivity

com.duowan.groundhog.mctools.activity.addon.AddonDetailActivity

com.duowan.groundhog.mctools.activity.texture.TextureDetailActivity

com.duowan.groundhog.mctools.activity.web.WebDirectionsActivity

com.duowan.groundhog.mctools.activity.user.UserHomePageActivity

com.duowan.groundhog.mctools.share.SharePlaformActivity

com.tencent.tauth.AuthActivity

com.duowan.groundhog.mctools.activity.login.LoginActivity

com.duowan.groundhog.mctools.activity.mycontribute.review.MapDetailActivity

com.duowan.groundhog.mctools.activity.mycontribute.review.SkinDetailActivity

com.duowan.groundhog.mctools.activity.seed.SeedDetailActivity

com.duowan.groundhog.mctools.activity.signin.SigninActivity

com.duowan.groundhog.mctools.activity.signin.LuckyRollActivity

com.duowan.groundhog.mctools.activity.switchversion.DownloadGameActivity

com.duowan.groundhog.mctools.activity.switchversion.DownloadGameActivityOld

com.duowan.groundhog.mctools.activity.community.TopicDetailActivity

com.duowan.groundhog.mctools.activity.plug.PluginOutsideImportActivity

com.duowan.groundhog.mctools.activity.community.VFansTopicDetailActivity

com.duowan.groundhog.mctools.activity.wallet.MyWalletChargeActivity

com.duowan.groundhog.mctools.activity.vip.VipStateNoPayActivity

com.duowan.groundhog.mctools.activity.vip.VipStateHasPayActivity

com.duowan.groundhog.mctools.activity.vip.VipStateHasExpiredActivity

com.tuboshu.sdk.kpay.activity.QQWalletCallbackActivity

Permissions

Receivers

com.mcbox.core.update.UpdateReceiver

com.duowan.groundhog.mctools.activity.message.MessageBroadCastReceiver

com.duowan.groundhog.mctools.activity.message.NotifyMessageBroadCastReceiver

com.duowan.groundhog.mctools.activity.appwall.CompleteReceiver

com.taobao.accs.EventReceiver

com.taobao.accs.ServiceReceiver

com.taobao.agoo.AgooCommondReceiver

org.android.agoo.xiaomi.MiPushBroadcastReceiver

org.android.agoo.huawei.HuaWeiReceiver

Services

com.taobao.accs.ChannelService

com.taobao.accs.data.MsgDistributeService

org.android.agoo.accs.AgooService

com.umeng.message.UmengIntentService

com.umeng.message.UmengMessageCallbackHandlerService

com.umeng.message.UmengMessageIntentReceiverService

com.android.vending

Services

com.android.vending.billing.InAppBillingService

com.mcbox.pesdk.launcher.lib017

com.mcbox.pesdk.launcher.lib017

com.mcbox.pesdk.launcher.lib016

com.mcbox.pesdk.launcher.lib017

com.mcbox.pesdk.launcher.lib015

com.mcbox.apkplugin

Android Permissions

215d10800047f8df07f78f5d7b9efc399e9ffc6beb2ca3be412a39bcd2de8dcf