General

  • Target

    6235de7ffb28deb6043b529b3e42050e7853fb5bfd081b9c744843e53a9e7062

  • Size

    26.0MB

Score
8/10
upx

Malware Config

Signatures

  • Patched UPX-packed file (2 IoCs)

    Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.

  • UPX packed file (2 IoCs)

    Detects executables packed with UPX/modified UPX open source packer.

  • Requests dangerous framework permissions (10 IoCs)

Files

  • 6235de7ffb28deb6043b529b3e42050e7853fb5bfd081b9c744843e53a9e7062
    .apk android arch:arm

    com.xianzaiyue.xyz

    com.tianchengshiguang.wx.activity.SplashActivity


  • amap_resource1_0_0.png
    .apk android

    com.example.amapsdkv2


Android Permissions

6235de7ffb28deb6043b529b3e42050e7853fb5bfd081b9c744843e53a9e7062

Permissions

android.permission.READ_LOGS

android.permission.READ_EXTERNAL_STORAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.INTERNET

android.permission.READ_CONTACTS

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.CHANGE_WIFI_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.CAMERA

android.permission.RECORD_AUDIO

com.xianzaiyue.xyz.permission.RECEIVE_MSG

android.permission.SYSTEM_ALERT_WINDOW

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

android.permission.CHANGE_NETWORK_STATE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

com.xianzaiyue.xyz.permission.JPUSH_MESSAGE

android.permission.RECEIVE_USER_PRESENT

android.permission.WAKE_LOCK

android.permission.WRITE_SETTINGS

android.permission.VIBRATE

com.sec.android.provider.badge.permission.READ

com.sec.android.provider.badge.permission.WRITE

com.htc.launcher.permission.READ_SETTINGS

com.htc.launcher.permission.UPDATE_SHORTCUT

com.sonyericsson.home.permission.BROADCAST_BADGE

com.sonymobile.home.permission.PROVIDER_INSERT_BADGE

com.anddoes.launcher.permission.UPDATE_COUNT

com.majeur.launcher.permission.UPDATE_BADGE

com.huawei.android.launcher.permission.CHANGE_BADGE

com.huawei.android.launcher.permission.READ_SETTINGS

com.huawei.android.launcher.permission.WRITE_SETTINGS

android.permission.READ_APP_BADGE

com.oppo.launcher.permission.READ_SETTINGS

com.oppo.launcher.permission.WRITE_SETTINGS

me.everything.badger.permission.BADGE_COUNT_READ

me.everything.badger.permission.BADGE_COUNT_WRITE

android.permission.GET_TASKS