67c23ece41cc881da6cd0bbade7d59b7cc26754edc4bb75afdf77f7edb6d118e

Sharing

Copy URL Twitter E-mail

General

Target

67c23ece41cc881da6cd0bbade7d59b7cc26754edc4bb75afdf77f7edb6d118e
Size

16.2MB
MD5

59433f912226b52c444d8c3aff33967b
SHA1

abc08a03b21352a9ac182aa8e3b6b5dc94d3d6f2
SHA256

67c23ece41cc881da6cd0bbade7d59b7cc26754edc4bb75afdf77f7edb6d118e
SHA512

96876ec9e8f4e800b47740e2f15df836b119f9110bde80238be95ccc4633e0c30ef469092862bd5bc6966617804bf6120094cd46d89c01efac6045f0d913f468
SSDEEP

393216:rpJHie5GTgLtQ/l/SxmvejORNO55wZN8D3:Pimu2Q/5Ym2jORMTwMb

Score

6^/10

Malware Config

Signatures

Declares broadcast receivers with permission to handle system events 1 IoCs

description	ioc
Required by device admin receivers to bind with the system. Allows apps to manage device administration features.	android.permission.BIND_DEVICE_ADMIN

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by remote views services to bind with the system. Allows apps to share and display views across different processes.	android.permission.BIND_REMOTEVIEWS

Requests dangerous framework permissions 12 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows an application to read the user's calendar data.	android.permission.READ_CALENDAR
Allows an application to write the user's calendar data.	android.permission.WRITE_CALENDAR
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION

Files

67c23ece41cc881da6cd0bbade7d59b7cc26754edc4bb75afdf77f7edb6d118e
.apk android arch:arm64 arch:arm arch:mips arch:mips64 arch:x86 arch:x64

com.kingsoft.email

com.kingsoft.email.ui.launch.WelcomeActivity

Activities

com.kingsoft.email.activity.ComposeActivityEmail

android.intent.action.VIEW
android.intent.action.SENDTO
android.intent.action.SEND
android.intent.action.SEND_MULTIPLE
com.android.email.intent.action.REPLY
android.intent.action.SEND
android.nfc.action.NDEF_DISCOVERED

com.kingsoft.email.activity.EventViewer

android.intent.action.VIEW

com.kingsoft.email2.ui.MailboxSelectionActivityEmail

android.appwidget.action.APPWIDGET_CONFIGURE

com.kingsoft.mail.ui.MailboxSelectionActivity

android.appwidget.action.APPWIDGET_CONFIGURE

com.kingsoft.email2.ui.MailActivityEmail

android.intent.action.VIEW
android.intent.action.SEARCH
android.intent.action.VIEW
android.intent.action.MAIN
android.intent.action.CREATE_SHORTCUT

com.kingsoft.wpsaccount.view.WPSLoginActivity

com.kingsoft.wpsaccount.view.WPSLoginActivity

com.kingsoft.email.ui.launch.WelcomeActivity

android.intent.action.MAIN

com.kingsoft.email.activity.setup.AccountSetupBasics

com.kingsoft.email.CREATE_ACCOUNT

com.kingsoft.email.activity.setup.AccountSettings

com.kingsoft.email.activity.setup.ACCOUNT_MANAGER_ENTRY
android.intent.action.EDIT
android.intent.action.MANAGE_NETWORK_USAGE

com.kingsoft.email.provider.FolderPickerActivity

android.intent.action.EDIT

com.kingsoft.mail.browse.EmlViewerActivity

android.intent.action.VIEW

com.kingsoft.mail.secureconversation.SecureConversationActivity

android.intent.action.VIEW

com.kingsoft.exchange.EasCertificateRequestor

com.android.emailcommon.REQUEST_CERT

com.kingsoft.exchange.SettingsRedirector

android.intent.action.MANAGE_NETWORK_USAGE

com.kingsoft.pushmessage.NotifyDialogActivity

com.kingsoft.pushmessage.NotifyDialogActivity

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

com.kingsoft.integral.ui.WPSIntegralActivity

com.kingsoft.integral.ui.WPSIntegralActivity

com.kingsoft.vip.paymember.PayMemberWithH5Activity

com.kingsoft.vip.paymember.PayMemberWithH5Activity

com.kingsoft.dynamicloader.proxy.DLActivityProxy

com.ryg.dynamicload.proxy.activity.VIEW

com.kingsoft.dynamicloader.proxy.DLFragmentActivityProxy

com.ryg.dynamicload.proxy.fragmentactivity.VIEW

com.kingsoft.pdf.PDFPluginSignActivity

com.kingsoft.pdf.PDFPluginSignActivity

com.kingsoft.wpsaccount.view.WPSAccountActivity

android.intent.action.VIEW

Permissions

android.permission.RECEIVE_BOOT_COMPLETED
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.VIBRATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.GET_ACCOUNTS
android.permission.MANAGE_ACCOUNTS
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.READ_SYNC_SETTINGS
android.permission.WRITE_SYNC_SETTINGS
android.permission.READ_CONTACTS
android.permission.WRITE_CONTACTS
android.permission.READ_CALENDAR
android.permission.WRITE_CALENDAR
android.permission.READ_PROFILE
android.permission.WAKE_LOCK
android.permission.READ_PHONE_STATE
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
android.permission.SYSTEM_ALERT_WINDOW
android.permission.GET_TASKS
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_CONFIGURATION
android.permission.WRITE_SETTINGS
com.android.launcher.permission.READ_SETTINGS
com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.READ_LOGS
android.permission.MANAGE_DOCUMENTS
android.permission.READ_EXTERNAL_STORAGE
com.sec.android.provider.badge.permission.READ
com.sec.android.provider.badge.permission.WRITE
com.huawei.android.launcher.permission.CHANGE_BADGE
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
com.kingsoft.email.permission.READ_ATTACHMENT
android.permission.USE_CREDENTIALS
com.kingsoft.email.permission.ACCESS_PROVIDER
com.kingsoft.email.permission.MIPUSH_RECEIVE
android.permission.CHANGE_WIFI_STATE
getui.permission.GetuiService.com.kingsoft.email

Receivers

com.kingsoft.promotion.PromotionBroadCastReceiver

com.kingsoft.email.PROMOTION_RECEIVER

com.kingsoft.email.NotificationController$NotificationBroadcastReceiver

notification_cancelled

com.kingsoft.email.service.MailSendProgressManager$NotificationCancelReceiver

progress_cancelled

com.kingsoft.email.provider.WidgetProvider

android.appwidget.action.APPWIDGET_UPDATE
com.kingsoft.mail.ACTION_NOTIFY_DATASET_CHANGED
com.kingsoft.mail.ACTION_UPDATE_WIDGET
com.kingsoft.mail.ACTION_VALIDATE_ALL_WIDGETS

com.kingsoft.email.service.ImapPushService$NetworkStatusBroadcastReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.kingsoft.email.service.EmailUpgradeBroadcastReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.MY_PACKAGE_REPLACED

com.kingsoft.email.service.EmailBroadcastReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK
android.accounts.LOGIN_ACCOUNTS_CHANGED
com.kingsoft.email.action.SILENCE_SETTING_CHANGED
com.kingsoft.email.action.PROCESS_EMAIL
com.kingsoft.email.action.ACTION_SET_ALARM_TIME
com.kingsoft.email.action.ACTION_CANCEL_DELAY
com.kingsoft.email.action.ACTION_DELAY_ALARM
com.kingsoft.email.action.ACTION_BILL_ALARM
com.kingsoft.email.action.ACTION_RECOGNIZE_ALARM
com.kingsoft.email.action.ACTION_MEETING_ALARM
com.kingsoft.email.action.ACTION_LOCAL_EMAIL
com.android.mail.action.update_notification
android.provider.Telephony.SECRET_CODE

com.kingsoft.email.SecurityPolicy$PolicyAdmin

android.app.action.DEVICE_ADMIN_ENABLED

com.kingsoft.email.statistics.DownloadCompleteReceiver

android.intent.action.DOWNLOAD_COMPLETE

com.xiaomi.push.service.receivers.NetworkStatusReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.xiaomi.push.service.receivers.PingReceiver

com.xiaomi.push.PING_TIMER

com.kingsoft.mail.mipush.EmailPushNetworkReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.kingsoft.pushmessage.MIReceiver

com.xiaomi.mipush.RECEIVE_MESSAGE
com.xiaomi.mipush.ERROR

com.kingsoft.email.service.ContactSyncCloudReceiver

com.kingsoft.email.CONTACT_SYNC_CLOUD_RECEIVER

com.igexin.sdk.PushReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
com.igexin.sdk.action.refreshls
android.intent.action.MEDIA_MOUNTED
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

com.igexin.download.DownloadReceiver

android.net.conn.CONNECTIVITY_CHANGE

Services

com.kingsoft.email.service.Pop3AuthenticatorService

android.accounts.AccountAuthenticator

com.kingsoft.email.service.ImapAuthenticatorService

android.accounts.AccountAuthenticator

com.kingsoft.email.service.Pop3SyncAdapterService

android.content.SyncAdapter

com.kingsoft.email.service.LegacyImapSyncAdapterService

android.content.SyncAdapter

com.kingsoft.email.service.PolicyService

com.kingsoft.email.POLICY_INTENT

com.kingsoft.email.service.AccountService

com.kingsoft.email.ACCOUNT_INTENT

com.kingsoft.email.service.ImapService

com.android.email.IMAP_INTENT

com.kingsoft.email.service.Pop3Service

com.android.email.POP3_INTENT

com.kingsoft.email.service.EasAuthenticatorService

android.accounts.AccountAuthenticator

com.kingsoft.email.service.EasTestAuthenticatorService

android.accounts.AccountAuthenticator

com.kingsoft.email.service.EasAuthenticatorServiceAlternate

android.accounts.AccountAuthenticator

com.kingsoft.email.service.LegacyImapAuthenticatorService

android.accounts.AccountAuthenticator

com.kingsoft.email.service.LegacyEasAuthenticatorService

android.accounts.AccountAuthenticator

com.kingsoft.mail.MailIntentService

android.intent.action.LOCALE_CHANGED
com.android.mail.action.RESEND_NOTIFICATIONS
com.android.mail.action.CLEAR_NEW_MAIL_NOTIFICATIONS

com.kingsoft.mail.NotificationActionIntentService

com.android.mail.action.notification.MARK_ALARM
com.android.mail.action.notification.MARK_READ_ALL
com.android.mail.action.notification.MARK_READ
com.android.mail.action.notification.ARCHIVE
com.android.mail.action.notification.DELETE
com.android.mail.action.notification.UNDO
com.android.mail.action.notification.DESTRUCT
com.android.mail.action.notification.UNDO_TIMEOUT
com.android.mail.action.notification.REPLY
com.android.mail.action.notification.REPLY_ALL
com.android.mail.action.notification.FORWARD
com.android.mail.action.notification.RESEND
com.android.mail.action.notification.NO_RESEND
com.kingsoft.email.action.DEALY_EMAIL
com.kingsoft.email.action.CANCEL_EMAIL
com.kingsoft.email.action.CANCEL_BILL_ALARM
com.kingsoft.email.action.CANCEL_RECOGNIZE_ALARM

com.kingsoft.exchange.service.EmailSyncAdapterService

android.content.SyncAdapter
com.kingsoft.email.EXCHANGE_INTENT

com.kingsoft.exchange.service.ContactsSyncAdapterService

android.content.SyncAdapter

com.kingsoft.exchange.service.CalendarSyncAdapterService

android.content.SyncAdapter

com.kingsoft.pushmessage.NotifyService

com.kingsoft.pushmessage.NotifyService

com.kingsoft.email.service.ContactSyncCloudService

com.kingsoft.email.CONTACT_SYNC_CLOUD_SERVICE

com.kingsoft.email.service.CheckSendingMailStateService

com.kingsoft.email.action.CHECK_SENDING_STATE

com.kingsoft.email.service.EmailProcessService

com.kingsoft.email.EMAIL_PROCESS

com.igexin.sdk.PushService

com.igexin.sdk.action.service.message

Android Permissions

67c23ece41cc881da6cd0bbade7d59b7cc26754edc4bb75afdf77f7edb6d118e

Permissions

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.ACCESS_NETWORK_STATE

android.permission.INTERNET

android.permission.VIBRATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.GET_ACCOUNTS

android.permission.MANAGE_ACCOUNTS

android.permission.AUTHENTICATE_ACCOUNTS

android.permission.READ_SYNC_SETTINGS

android.permission.WRITE_SYNC_SETTINGS

android.permission.READ_CONTACTS

android.permission.WRITE_CONTACTS

android.permission.READ_CALENDAR

android.permission.WRITE_CALENDAR

android.permission.READ_PROFILE

android.permission.WAKE_LOCK

android.permission.READ_PHONE_STATE

android.permission.DOWNLOAD_WITHOUT_NOTIFICATION

android.permission.SYSTEM_ALERT_WINDOW

android.permission.GET_TASKS

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_CONFIGURATION

android.permission.WRITE_SETTINGS

com.android.launcher.permission.READ_SETTINGS

com.android.launcher.permission.INSTALL_SHORTCUT

android.permission.READ_LOGS

android.permission.MANAGE_DOCUMENTS

android.permission.READ_EXTERNAL_STORAGE

com.sec.android.provider.badge.permission.READ

com.sec.android.provider.badge.permission.WRITE

com.huawei.android.launcher.permission.CHANGE_BADGE

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

com.kingsoft.email.permission.READ_ATTACHMENT

android.permission.USE_CREDENTIALS

com.kingsoft.email.permission.ACCESS_PROVIDER

com.kingsoft.email.permission.MIPUSH_RECEIVE

android.permission.CHANGE_WIFI_STATE

getui.permission.GetuiService.com.kingsoft.email

Sharing

General

Malware Config

Signatures

Files

com.kingsoft.email

com.kingsoft.email.ui.launch.WelcomeActivity

Activities

com.kingsoft.email.activity.ComposeActivityEmail

com.kingsoft.email.activity.EventViewer

com.kingsoft.email2.ui.MailboxSelectionActivityEmail

com.kingsoft.mail.ui.MailboxSelectionActivity

com.kingsoft.email2.ui.MailActivityEmail

com.kingsoft.wpsaccount.view.WPSLoginActivity

com.kingsoft.email.ui.launch.WelcomeActivity

com.kingsoft.email.activity.setup.AccountSetupBasics

com.kingsoft.email.activity.setup.AccountSettings

com.kingsoft.email.provider.FolderPickerActivity

com.kingsoft.mail.browse.EmlViewerActivity

com.kingsoft.mail.secureconversation.SecureConversationActivity

com.kingsoft.exchange.EasCertificateRequestor

com.kingsoft.exchange.SettingsRedirector

com.kingsoft.pushmessage.NotifyDialogActivity

com.tencent.tauth.AuthActivity

com.kingsoft.integral.ui.WPSIntegralActivity

com.kingsoft.vip.paymember.PayMemberWithH5Activity

com.kingsoft.dynamicloader.proxy.DLActivityProxy

com.kingsoft.dynamicloader.proxy.DLFragmentActivityProxy

com.kingsoft.pdf.PDFPluginSignActivity

com.kingsoft.wpsaccount.view.WPSAccountActivity

Permissions

Receivers

com.kingsoft.promotion.PromotionBroadCastReceiver

com.kingsoft.email.NotificationController$NotificationBroadcastReceiver

com.kingsoft.email.service.MailSendProgressManager$NotificationCancelReceiver

com.kingsoft.email.provider.WidgetProvider

com.kingsoft.email.service.ImapPushService$NetworkStatusBroadcastReceiver

com.kingsoft.email.service.EmailUpgradeBroadcastReceiver

com.kingsoft.email.service.EmailBroadcastReceiver

com.kingsoft.email.SecurityPolicy$PolicyAdmin

com.kingsoft.email.statistics.DownloadCompleteReceiver

com.xiaomi.push.service.receivers.NetworkStatusReceiver

com.xiaomi.push.service.receivers.PingReceiver

com.kingsoft.mail.mipush.EmailPushNetworkReceiver

com.kingsoft.pushmessage.MIReceiver

com.kingsoft.email.service.ContactSyncCloudReceiver

com.igexin.sdk.PushReceiver

com.igexin.download.DownloadReceiver

Services

com.kingsoft.email.service.Pop3AuthenticatorService

com.kingsoft.email.service.ImapAuthenticatorService

com.kingsoft.email.service.Pop3SyncAdapterService

com.kingsoft.email.service.LegacyImapSyncAdapterService

com.kingsoft.email.service.PolicyService

com.kingsoft.email.service.AccountService

com.kingsoft.email.service.ImapService

com.kingsoft.email.service.Pop3Service

com.kingsoft.email.service.EasAuthenticatorService

com.kingsoft.email.service.EasTestAuthenticatorService

com.kingsoft.email.service.EasAuthenticatorServiceAlternate

com.kingsoft.email.service.LegacyImapAuthenticatorService

com.kingsoft.email.service.LegacyEasAuthenticatorService

com.kingsoft.mail.MailIntentService

com.kingsoft.mail.NotificationActionIntentService

com.kingsoft.exchange.service.EmailSyncAdapterService

com.kingsoft.exchange.service.ContactsSyncAdapterService

com.kingsoft.exchange.service.CalendarSyncAdapterService

com.kingsoft.pushmessage.NotifyService

com.kingsoft.email.service.ContactSyncCloudService

com.kingsoft.email.service.CheckSendingMailStateService

com.kingsoft.email.service.EmailProcessService

com.igexin.sdk.PushService

Android Permissions

67c23ece41cc881da6cd0bbade7d59b7cc26754edc4bb75afdf77f7edb6d118e