aea5debd714eca59241018a1d643ffdc59e3a0fd7554016202f2dacabbe63297

General

Target

aea5debd714eca59241018a1d643ffdc59e3a0fd7554016202f2dacabbe63297
Size

17.5MB
MD5

20d35cc0779cd1efb46cd36a40f02e46
SHA1

51351d71b3583bf4c55646b9136a8e767953ff9c
SHA256

aea5debd714eca59241018a1d643ffdc59e3a0fd7554016202f2dacabbe63297
SHA512

8cc27e97e37cb02ac21581a8a9c805c35ba6026dbb5549fa84fe0c3284c302b2217c2ee4e8cbd18e9e7fb5b27a20bfc4c73b78f2d8609488d68d6f17d76b0c7e
SSDEEP

393216:LcJ78eFdgvIETf849VPW59vbDW+Xl/w05YYlSch9kXP4cSNQsP:YJ781QETk49VP29vumSYl/h9kXP4JNQA

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 11 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Required to be able to access the camera device.	android.permission.CAMERA

Files

aea5debd714eca59241018a1d643ffdc59e3a0fd7554016202f2dacabbe63297
.apk android arch:arm

com.hangzhoucaimi.financial

com.hangzhoucaimi.financial.activity.LaunchActivity

Activities

com.hangzhoucaimi.financial.activity.LaunchActivity

android.intent.action.MAIN

com.hangzhoucaimi.financial.activity.ProcessNotificationActivity

android.intent.action.VIEW

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

com.sina.weibo.sdk.share.WbShareTransActivity

com.sina.weibo.sdk.action.ACTION_SDK_REQ_ACTIVITY

Permissions

android.permission.BLUETOOTH
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_LOGS
android.permission.READ_PHONE_STATE
android.permission.MOUNT_UNMOUNT_FIFESYSTEMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.CALL_PHONE
android.permission.WRITE_SETTINGS
android.permission.DISABLE_KEYGUARD
android.permission.VIBRATE
android.permission.ACCESS_DOWNLOAD_MANAGER
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
android.permission.READ_EXTERNAL_STORAGE
android.permission.READ_SMS
android.permission.RECEIVE_SMS
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.WRITE_APN_SETTINGS
com.hangzhoucaimi.financial.permission.MIPUSH_RECEIVE
com.hangzhoucaimi.financial.permission.RECEIVE_MSG
android.permission.GET_TASKS
android.permission.CHANGE_WIFI_STATE
android.permission.WAKE_LOCK
android.permission.SYSTEM_ALERT_WINDOW
getui.permission.GetuiService.com.hangzhoucaimi.financial
android.permission.BLUETOOTH_ADMIN
android.permission.CAMERA
android.permission.MOUNT_UNMOUNT_FILESYSTEMS

Receivers

com.hangzhoucaimi.financial.update.UpdateNotifyReceiver

update_notify_cancel
update_notify_click

com.xiaomi.push.service.receivers.NetworkStatusReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.xiaomi.push.service.receivers.PingReceiver

com.xiaomi.push.PING_TIMER

com.wacai.android.pushsdk.receiver.MiPushMessageReceiver

com.xiaomi.mipush.RECEIVE_MESSAGE
com.xiaomi.mipush.MESSAGE_ARRIVED
com.xiaomi.mipush.ERROR

com.igexin.sdk.PushReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
com.igexin.sdk.action.refreshls
android.intent.action.MEDIA_MOUNTED
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

com.igexin.download.DownloadReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.wacai.android.monitorsdk.NetworkConnectChangedReceiver

android.NET.conn.CONNECTIVITY_CHANGE
android.Net.wifi.WIFI_STATE_CHANGED
android.net.wifi.STATE_CHANGE

com.wacai.httpdns.NetworkReceiver

android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT

Services

com.igexin.sdk.PushService

com.igexin.sdk.action.service.message
kuaidai_plugin.apk
.apk android

com.caimi.grabcontacts

Permissions

android.permission.READ_CONTACTS

Android Permissions

aea5debd714eca59241018a1d643ffdc59e3a0fd7554016202f2dacabbe63297

Permissions

android.permission.BLUETOOTH

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.READ_LOGS

android.permission.READ_PHONE_STATE

android.permission.MOUNT_UNMOUNT_FIFESYSTEMS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.CALL_PHONE

android.permission.WRITE_SETTINGS

android.permission.DISABLE_KEYGUARD

android.permission.VIBRATE

android.permission.ACCESS_DOWNLOAD_MANAGER

android.permission.DOWNLOAD_WITHOUT_NOTIFICATION

android.permission.READ_EXTERNAL_STORAGE

android.permission.READ_SMS

android.permission.RECEIVE_SMS

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

android.permission.WRITE_APN_SETTINGS

com.hangzhoucaimi.financial.permission.MIPUSH_RECEIVE

com.hangzhoucaimi.financial.permission.RECEIVE_MSG

android.permission.GET_TASKS

android.permission.CHANGE_WIFI_STATE

android.permission.WAKE_LOCK

android.permission.SYSTEM_ALERT_WINDOW

getui.permission.GetuiService.com.hangzhoucaimi.financial

android.permission.BLUETOOTH_ADMIN

android.permission.CAMERA

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

Sharing

General

Malware Config

Signatures

Files

com.hangzhoucaimi.financial

com.hangzhoucaimi.financial.activity.LaunchActivity

Activities

com.hangzhoucaimi.financial.activity.LaunchActivity

com.hangzhoucaimi.financial.activity.ProcessNotificationActivity

com.tencent.tauth.AuthActivity

com.sina.weibo.sdk.share.WbShareTransActivity

Permissions

Receivers

com.hangzhoucaimi.financial.update.UpdateNotifyReceiver

com.xiaomi.push.service.receivers.NetworkStatusReceiver

com.xiaomi.push.service.receivers.PingReceiver

com.wacai.android.pushsdk.receiver.MiPushMessageReceiver

com.igexin.sdk.PushReceiver

com.igexin.download.DownloadReceiver

com.wacai.android.monitorsdk.NetworkConnectChangedReceiver

com.wacai.httpdns.NetworkReceiver

Services

com.igexin.sdk.PushService

com.caimi.grabcontacts

Permissions

Android Permissions

aea5debd714eca59241018a1d643ffdc59e3a0fd7554016202f2dacabbe63297