Overview

overview

6

Static

static

6

508d52a5a3...e6.apk

android-9-x86

1

dmss_v2.apk

android-9-x86

dmss_v2.apk

android-10-x64

dmss_v2.apk

android-11-x64

oclt_v3.apk

android-9-x86

oclt_v3.apk

android-10-x64

oclt_v3.apk

android-11-x64

oclt_v6.apk

android-9-x86

oclt_v6.apk

android-10-x64

oclt_v6.apk

android-11-x64

qsms.apk

android-9-x86

1

qsms.apk

android-10-x64

1

qsms.apk

android-11-x64

1

p1.apk

android-9-x86

p1.apk

android-10-x64

p1.apk

android-11-x64

wifipush_internal.apk

android-9-x86

wifipush_internal.apk

android-10-x64

wifipush_internal.apk

android-11-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    508d52a5a3061f18ff9b0d5ad41130606f24f1619ca3f9a0c91c4a36a818d2e6

  • Size

    12.5MB

  • MD5

    57b6be1faaffa9ddfc784f94941b12e1

  • SHA1

    1711be0743bbcdfc87f34e344347cadf8ebfe723

  • SHA256

    508d52a5a3061f18ff9b0d5ad41130606f24f1619ca3f9a0c91c4a36a818d2e6

  • SHA512

    b624e5ffc7fadd8aa47d9338e7e21a4d7d85552a0c10e7db1f99a38bc5bbb10c2cea9b11103e0e38795feb0e6f23e78f2d6fb380191d2d832cfea47cb6a94fb1

  • SSDEEP

    196608:EJal1POs89lIczP/9x7e68033UbSQ+QuN+MBEOMxIzCN4Ngd0AcTbpKbmam:EYl787hzH9xKqnTz2MyIzCNOAcaK

Score
6/10

Malware Config

Signatures

  • Declares broadcast receivers with permission to handle system events 1 IoCs
  • Declares services with permission to bind to the system 2 IoCs
  • Requests dangerous framework permissions 17 IoCs

Files

  • 508d52a5a3061f18ff9b0d5ad41130606f24f1619ca3f9a0c91c4a36a818d2e6
    .apk android arch:arm

    com.mobikeeper.jcdm

    com.mobikeeper.sjgj.gui.SplashScreenAcitivity


  • dmss_v2.jar
    .apk android
  • oclt_v3.jar
    .apk android
  • oclt_v6.jar
    .apk android
  • qsms.jar
    .apk android

    com.qihoo360.mobilesafe.qsms


  • p1.jar
    .apk android
  • wifipush_internal.dwt
    .apk android

Android Permissions

508d52a5a3061f18ff9b0d5ad41130606f24f1619ca3f9a0c91c4a36a818d2e6

Permissions

com.android.launcher3.permission.INSTALL_SHORTCUT

android.permission.BATTERY_STATS

android.permission.INJECT_EVENTS

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.UNINSTALL_SHORTCUT

com.android.launcher.permission.READ_SETTINGS

com.huawei.launcher3.permission.WRITE_SETTINGS

android.permission.WRITE_SECURE_SETTINGS

android.permission.WRITE_SETTINGS

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.WAKE_LOCK

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.CHANGE_NETWORK_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.INTERNET

android.permission.VIBRATE

android.permission.CHANGE_CONFIGURATION

android.permission.GET_TASKS

android.permission.CAMERA

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_DOWNLOAD_MANAGER

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.UNINSTALL_SHORTCUT

android.permission.SYSTEM_ALERT_WINDOW

oppo.permission.OPPO_COMPONENT_SAFE

android.permission.GET_PACKAGE_SIZE

android.permission.CLEAR_APP_CACHE

android.permission.RESTART_PACKAGES

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.REORDER_TASKS

android.permission.GET_ACCOUNTS

android.permission.CALL_PHONE

android.permission.MODIFY_PHONE_STATE

android.permission.DELETE_CACHE_FILES

com.mobikeeper.sjgj.update.permission.partner_vdb

com.qihoo.antivirus.update.permission.block_sdk_107409

android.permission.READ_CALL_LOG

android.permission.READ_CONTACTS

android.permission.READ_PHONE_STATE

android.permission.PROCESS_OUTGOING_CALLS

android.permission.MODIFY_PHONE_STATE

android.permission.READ_SYNC_SETTINGS

android.permission.WRITE_SYNC_SETTINGS

android.permission.AUTHENTICATE_ACCOUNTS

android.permission.READ_SMS

android.permission.SEND_SMS