543194aa1d2ddd085dea3173faef3ae08fbcd64322ed6887e713ed9efbf57973

General

Target

543194aa1d2ddd085dea3173faef3ae08fbcd64322ed6887e713ed9efbf57973
Size

7.0MB
MD5

003bfda553eee1d46d58e7332cb1add5
SHA1

9fecefadf0cb3f1a7d87a2cd9688820b382810f1
SHA256

543194aa1d2ddd085dea3173faef3ae08fbcd64322ed6887e713ed9efbf57973
SHA512

1a372dcd6d8a35b9c6f76c95755f2d538a613113721d591ecce720fde47ce82603124dc227a65398828d24510a5c21b926cbf5722ba12192bb6e312b9b9652c0
SSDEEP

98304:aupcKjChXHOf/tLOvD0VUAzLwPbedd3E8dtZ/oCHv2+PJccfWQEA7cIP7vKG4vzZ:hcKjsXQJLL/wKTJdtFOcuA7cIPjKG4vt

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 5 IoCs

description	ioc
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW

Files

543194aa1d2ddd085dea3173faef3ae08fbcd64322ed6887e713ed9efbf57973
.apk android arch:arm64 arch:arm arch:x86 arch:x64

io.vinci.ff.android

com.qihoo.util.StartActivity

Activities

io.vinci.ff.android.MainActivity

android.intent.action.MAIN

com.qihoo.util.StartActivity

android.intent.action.MAIN

io.vinci.afBG.vh

android.intent.action.CREATE_SHORTCUT
android.intent.action.DELETE

io.vinci.afBG.kik

android.intent.action.CREATE_SHORTCUT
android.intent.action.DELETE

Permissions

android.permission.CAMERA
android.permission.INTERNET
android.permission.FLASHLIGHT
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.WAKE_LOCK
com.google.android.c2dm.permission.RECEIVE
io.vinci.android.permission.C2D_MESSAGE
android.permission.VIBRATE
android.permission.RECEIVE_BOOT_COMPLETED
com.sec.android.provider.badge.permission.READ
com.sec.android.provider.badge.permission.WRITE
com.htc.launcher.permission.READ_SETTINGS
com.htc.launcher.permission.UPDATE_SHORTCUT
com.sonyericsson.home.permission.BROADCAST_BADGE
com.sonymobile.home.permission.PROVIDER_INSERT_BADGE
com.anddoes.launcher.permission.UPDATE_COUNT
com.majeur.launcher.permission.UPDATE_BADGE
com.huawei.android.launcher.permission.CHANGE_BADGE
com.huawei.android.launcher.permission.READ_SETTINGS
com.huawei.android.launcher.permission.WRITE_SETTINGS
android.permission.READ_PHONE_STATE
android.permission.SYSTEM_ALERT_WINDOW
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
com.android.launcher.permission.READ_SETTINGS
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.GET_TASKS
android.permission.RESTART_PACKAGES

Receivers

com.appsflyer.MultipleInstallBroadcastReceiver

com.android.vending.INSTALL_REFERRER

com.my.tracker.campaign.CampaignReceiver

com.android.vending.INSTALL_REFERRER

com.google.android.gms.measurement.AppMeasurementReceiver

com.google.android.gms.measurement.UPLOAD

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE
com.google.android.c2dm.intent.REGISTRATION

com.onesignal.GcmBroadcastReceiver

com.google.android.c2dm.intent.RECEIVE

com.onesignal.BootUpReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

com.onesignal.UpgradeReceiver

android.intent.action.MY_PACKAGE_REPLACED

io.vinci.afBG.uq

android.intent.action.PACKAGE_ADDED

Services

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

Android Permissions

543194aa1d2ddd085dea3173faef3ae08fbcd64322ed6887e713ed9efbf57973

Permissions

android.permission.CAMERA

android.permission.INTERNET

android.permission.FLASHLIGHT

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.WAKE_LOCK

com.google.android.c2dm.permission.RECEIVE

io.vinci.android.permission.C2D_MESSAGE

android.permission.VIBRATE

android.permission.RECEIVE_BOOT_COMPLETED

com.sec.android.provider.badge.permission.READ

com.sec.android.provider.badge.permission.WRITE

com.htc.launcher.permission.READ_SETTINGS

com.htc.launcher.permission.UPDATE_SHORTCUT

com.sonyericsson.home.permission.BROADCAST_BADGE

com.sonymobile.home.permission.PROVIDER_INSERT_BADGE

com.anddoes.launcher.permission.UPDATE_COUNT

com.majeur.launcher.permission.UPDATE_BADGE

com.huawei.android.launcher.permission.CHANGE_BADGE

com.huawei.android.launcher.permission.READ_SETTINGS

com.huawei.android.launcher.permission.WRITE_SETTINGS

android.permission.READ_PHONE_STATE

android.permission.SYSTEM_ALERT_WINDOW

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.UNINSTALL_SHORTCUT

com.android.launcher.permission.READ_SETTINGS

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.GET_TASKS

android.permission.RESTART_PACKAGES

Sharing

General

Malware Config

Signatures

Files

io.vinci.ff.android

com.qihoo.util.StartActivity

Activities

io.vinci.ff.android.MainActivity

com.qihoo.util.StartActivity

io.vinci.afBG.vh

io.vinci.afBG.kik

Permissions

Receivers

com.appsflyer.MultipleInstallBroadcastReceiver

com.my.tracker.campaign.CampaignReceiver

com.google.android.gms.measurement.AppMeasurementReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.onesignal.GcmBroadcastReceiver

com.onesignal.BootUpReceiver

com.onesignal.UpgradeReceiver

io.vinci.afBG.uq

Services

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.messaging.FirebaseMessagingService

Android Permissions

543194aa1d2ddd085dea3173faef3ae08fbcd64322ed6887e713ed9efbf57973