5b1af9f255f4345962a0fa41dd166a348bc574c18acf12247d3adf13db00e3a2

General

Target

5b1af9f255f4345962a0fa41dd166a348bc574c18acf12247d3adf13db00e3a2
Size

23.4MB
MD5

77c42b050899d9590c4a36c27d1deabe
SHA1

db7d4776d6de3401adde5b1f4d55ec8ee1db9cb5
SHA256

5b1af9f255f4345962a0fa41dd166a348bc574c18acf12247d3adf13db00e3a2
SHA512

a6bf76f288e1806c9cc6faf31380d09d45b93edda6a67ef3c88b292359b5e8e71004098640407b69b260d8f333cb4a714a182fe10f3ac2ac30c5f870058dd207
SSDEEP

393216:Aog5ev0rCGk8q908Hc8oY19GtHIekEsbGK3hrJS1kqV9xad:qrIX9088UG+/iUh6BQ

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 4 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION

Files

5b1af9f255f4345962a0fa41dd166a348bc574c18acf12247d3adf13db00e3a2
.apk android arch:arm

com.sg.android.devil.google

.googleKilldevils

Activities

.googleKilldevils

android.intent.action.MAIN

Permissions

com.android.vending.BILLING
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.READ_LOGS
android.permission.ACCESS_WIFI_STATE
android.permission.SEND_SMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.CHANGE_WIFI_STATE
android.permission.GET_TASKS
android.permission.ACCESS_FINE_LOCATION
android.permission.RESTART_PACKAGES

Receivers

com.sg.android.google.BillingReceiver

com.android.vending.billing.IN_APP_NOTIFY
com.android.vending.billing.RESPONSE_CODE
com.android.vending.billing.PURCHASE_STATE_CHANGED

Services
alipay_plugin223_0309.apk
.apk android arch:arm

com.alipay.android.app

.activity.Cashier

Activities

.activity.Cashier

android.intent.action.MAIN

.activity.Alerter

android.intent.action.MAIN

.activity.Welcome

android.intent.action.MAIN

.activity.Updater

android.intent.action.MAIN

.activity.PageForBrowser

android.intent.action.VIEW

.activity.CertBiz

android.intent.action.MAIN

.activity.MessageActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.SEND_SMS
com.aliyun.xiaoyunmi.alipay

Receivers

.AlixReceiver

com.aliyun.xiaoyunmi.alipay_exit

Services

.AlixService

com.alipay.android.app.IAlixPay
com.alipay.android.app.IAliPay

Android Permissions

5b1af9f255f4345962a0fa41dd166a348bc574c18acf12247d3adf13db00e3a2

Permissions

com.android.vending.BILLING

android.permission.ACCESS_NETWORK_STATE

android.permission.INTERNET

android.permission.READ_PHONE_STATE

android.permission.READ_LOGS

android.permission.ACCESS_WIFI_STATE

android.permission.SEND_SMS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.CHANGE_WIFI_STATE

android.permission.GET_TASKS

android.permission.ACCESS_FINE_LOCATION

android.permission.RESTART_PACKAGES

Sharing

General

Malware Config

Signatures

Files

com.sg.android.devil.google

.googleKilldevils

Activities

.googleKilldevils

Permissions

Receivers

com.sg.android.google.BillingReceiver

Services

com.alipay.android.app

.activity.Cashier

Activities

.activity.Cashier

.activity.Alerter

.activity.Welcome

.activity.Updater

.activity.PageForBrowser

.activity.CertBiz

.activity.MessageActivity

Permissions

Receivers

.AlixReceiver

Services

.AlixService

Android Permissions

5b1af9f255f4345962a0fa41dd166a348bc574c18acf12247d3adf13db00e3a2