69be43d6ba607463370ce4ba30b04feb4eb008905b1bd44a8505e9e9e5d5fce3

General

Target

69be43d6ba607463370ce4ba30b04feb4eb008905b1bd44a8505e9e9e5d5fce3
Size

21.0MB
MD5

de621229aa2423f636ee6c734f42fbbd
SHA1

2c01b791e4d2033eabda6b9cebfba64be3135303
SHA256

69be43d6ba607463370ce4ba30b04feb4eb008905b1bd44a8505e9e9e5d5fce3
SHA512

67a926afe1b4f53d3509d23dceac570da3516c2058fdc8010312fd6e9659886f8e8c530a6dd5145ed0c4dd097bfe029f1696044ee9dc9d8c1c82c0b934d596c5
SSDEEP

393216:JchAQ+Zi7tfK+vGI747fJ9Z0rq5c7yOzgM4A/D3g1cSt0w7rDYTLFUQv39DLOxfE:NnclK+vHU7fF0rq5Sl447gX2q4HDv9DV

Score

8^/10

upx

Malware Config

Signatures

Patched UPX-packed file 10 IoCs

Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.

resource	yara_rule
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx

UPX packed file 10 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx
sample	upx
sample	upx
sample	upx
sample	upx
sample	upx
sample	upx
sample	upx
sample	upx
sample	upx

Requests dangerous framework permissions 11 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

Files

69be43d6ba607463370ce4ba30b04feb4eb008905b1bd44a8505e9e9e5d5fce3
.apk android arch:arm

com.zz.yidaijia.sj

com.zz.yidaijia.sj.IndexActivity

Activities

com.zz.yidaijia.sj.IndexActivity

android.intent.action.MAIN

com.zz.yidaijia.sj.PushActivity

android.intent.action.VIEW

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_PHONE_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.WAKE_LOCK
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.CALL_PHONE
android.permission.WRITE_SETTINGS
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.BROADCAST_PACKAGE_CHANGED
android.permission.BROADCAST_PACKAGE_REPLACED
android.permission.RESTART_PACKAGES
android.permission.GET_TASKS
android.permission.GET_ACCOUNTS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.VIBRATE
android.permission.REORDER_TASKS
android.permission.READ_EXTERNAL_STORAGE
android.permission.CAMERA
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.WRITE_MEDIA_STORAGE
android.permission.RECORD_AUDIO
android.permission.READ_EXTERNAL_STORAGE
com.zz.yidaijia.sj.permission.MIPUSH_RECEIVE
com.google.android.c2dm.permission.RECEIVE
com.zz.yidaijia.sj.permission.C2D_MESSAGE

Receivers

com.taobao.accs.EventReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_REMOVED
android.intent.action.USER_PRESENT

com.taobao.accs.ServiceReceiver

com.taobao.accs.intent.action.COMMAND
com.taobao.accs.intent.action.START_FROM_AGOO

com.taobao.agoo.AgooCommondReceiver

com.zz.yidaijia.sj.intent.action.COMMAND
android.intent.action.PACKAGE_REMOVED

com.alibaba.sdk.android.push.SystemEventReceiver

android.intent.action.MEDIA_MOUNTED
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

com.easymi.common.receiver.AliPushReceiver

com.alibaba.push2.action.NOTIFICATION_OPENED
com.alibaba.push2.action.NOTIFICATION_REMOVED
com.taobao.accs.intent.action.COMMAND
com.taobao.taobao.intent.action.COMMAND
com.alibaba.sdk.android.push.RECEIVE
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
android.intent.action.BOOT_COMPLETED
android.intent.action.PACKAGE_REMOVED

com.easymi.component.loc.LocReceiver

com.easymi.eomponent.LOC_CHANGED

com.alibaba.sdk.android.push.MiPushBroadcastReceiver

com.xiaomi.mipush.RECEIVE_MESSAGE
com.xiaomi.mipush.MESSAGE_ARRIVED
com.xiaomi.mipush.ERROR

com.xiaomi.push.service.receivers.NetworkStatusReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.alibaba.sdk.android.push.HuaWeiReceiver

com.huawei.android.push.intent.REGISTRATION
com.huawei.android.push.intent.RECEIVE
com.huawei.intent.action.PUSH
com.huawei.intent.action.PUSH_STATE

Services

com.alibaba.sdk.android.push.MsgService

com.alibaba.sdk.android.push.NOTIFY_ACTION

com.alibaba.sdk.android.push.channel.CheckService

com.alibaba.sdk.android.push.CHECK_SERVICE

com.taobao.accs.ChannelService

com.taobao.accs.intent.action.SERVICE

com.taobao.accs.data.MsgDistributeService

com.taobao.accs.intent.action.RECEIVE

org.android.agoo.accs.AgooService

com.taobao.accs.intent.action.RECEIVE

com.alibaba.sdk.android.push.AliyunPushIntentService

org.agoo.android.intent.action.RECEIVE

com.alibaba.sdk.android.push.channel.TaobaoRecvService

org.android.agoo.client.MessageReceiverService

com.easymi.component.loc.LocService

com.easymi.eomponent.START_LOC
com.easymi.eomponent.STOP_LOC

com.easymi.component.loc.LocationHelperService

com.easymi.component.loc.ACTIVATE
amap_resource1_0_0.png
.apk android

com.example.amapsdkv2

com.amap.api.maps.offlinemap.OfflineMapActivity

Activities

com.amap.api.maps.offlinemap.OfflineMapActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_SETTINGS
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_PHONE_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_WIFI_STATE
autonavi_Resource1_1_0.png
.apk android

com.example.navigationsdk

.WelcomeActivity

Activities

.WelcomeActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WRITE_SETTINGS
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_PHONE_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_CONFIGURATION
android.permission.WAKE_LOCK
android.permission.READ_EXTERNAL_STORAGE

Receivers

com.example.navigationsdk.MockReceiver

com.navi.mockgps

Services

Android Permissions

69be43d6ba607463370ce4ba30b04feb4eb008905b1bd44a8505e9e9e5d5fce3

Permissions

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_FINE_LOCATION

android.permission.READ_PHONE_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.WAKE_LOCK

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.CALL_PHONE

android.permission.WRITE_SETTINGS

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.BROADCAST_PACKAGE_CHANGED

android.permission.BROADCAST_PACKAGE_REPLACED

android.permission.RESTART_PACKAGES

android.permission.GET_TASKS

android.permission.GET_ACCOUNTS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.VIBRATE

android.permission.REORDER_TASKS

android.permission.READ_EXTERNAL_STORAGE

android.permission.CAMERA

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.WRITE_MEDIA_STORAGE

android.permission.RECORD_AUDIO

android.permission.READ_EXTERNAL_STORAGE

com.zz.yidaijia.sj.permission.MIPUSH_RECEIVE

com.google.android.c2dm.permission.RECEIVE

com.zz.yidaijia.sj.permission.C2D_MESSAGE

Sharing

General

Malware Config

Signatures

Files

com.zz.yidaijia.sj

com.zz.yidaijia.sj.IndexActivity

Activities

com.zz.yidaijia.sj.IndexActivity

com.zz.yidaijia.sj.PushActivity

com.tencent.tauth.AuthActivity

Permissions

Receivers

com.taobao.accs.EventReceiver

com.taobao.accs.ServiceReceiver

com.taobao.agoo.AgooCommondReceiver

com.alibaba.sdk.android.push.SystemEventReceiver

com.easymi.common.receiver.AliPushReceiver

com.easymi.component.loc.LocReceiver

com.alibaba.sdk.android.push.MiPushBroadcastReceiver

com.xiaomi.push.service.receivers.NetworkStatusReceiver

com.alibaba.sdk.android.push.HuaWeiReceiver

Services

com.alibaba.sdk.android.push.MsgService

com.alibaba.sdk.android.push.channel.CheckService

com.taobao.accs.ChannelService

com.taobao.accs.data.MsgDistributeService

org.android.agoo.accs.AgooService

com.alibaba.sdk.android.push.AliyunPushIntentService

com.alibaba.sdk.android.push.channel.TaobaoRecvService

com.easymi.component.loc.LocService

com.easymi.component.loc.LocationHelperService

com.example.amapsdkv2

com.amap.api.maps.offlinemap.OfflineMapActivity

Activities

com.amap.api.maps.offlinemap.OfflineMapActivity

Permissions

com.example.navigationsdk

.WelcomeActivity

Activities

.WelcomeActivity

Permissions

Receivers

com.example.navigationsdk.MockReceiver

Services

Android Permissions

69be43d6ba607463370ce4ba30b04feb4eb008905b1bd44a8505e9e9e5d5fce3