be6750a37a4fb58d376935db6cf9f5e8eb7317643dbe67ac105fb8a332e3490f

General

Target

be6750a37a4fb58d376935db6cf9f5e8eb7317643dbe67ac105fb8a332e3490f
Size

19.6MB
MD5

f87f36a8594f642fd407619490d169f4
SHA1

c3aca4d2d8db722bd62f7d97faef8144744f3f7a
SHA256

be6750a37a4fb58d376935db6cf9f5e8eb7317643dbe67ac105fb8a332e3490f
SHA512

1dbcbe2eae81a7c47898763f53e1b928210da0b01c321baf32eab833adb7cb5ed34e437ac8457a34bd48995251bd0aa042a8031012a0a998ebdd8389342988df
SSDEEP

393216:zQdpTXnHcNe4J8WNj9ffQeMfq157tfq157F2v4BIw2FdhZz+0jb:zYgl8g9ffBA2v4gv+0jb

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 11 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to record audio.	android.permission.RECORD_AUDIO
Required to be able to access the camera device.	android.permission.CAMERA

Files

be6750a37a4fb58d376935db6cf9f5e8eb7317643dbe67ac105fb8a332e3490f
.apk android arch:arm arch:mips arch:x86

com.wistronits.yidaifu.patient

com.qihoo.util.StartActivity

Activities

com.wistronits.xinzan.patient.ui.SplashActivity

android.intent.action.MAIN

com.qihoo.util.StartActivity

android.intent.action.MAIN

com.wistronits.xinzan.common.ccp.CCPCallInActivity

com.wistronits.yidaifu.patient.ACTION_VOIP_INCALL
com.wistronits.yidaifu.patient.ACTION_VIDEO_INTCALL

com.wistronits.xinzan.common.justalk.JusTalkVideoCallOutActivity

com.wistronits.yidaifu.patient.ACTION_VIDEO_OUTCALL

com.wistronits.xinzan.common.ccp.CCPAudioCallOutActivity

com.wistronits.yidaifu.patient.ACTION_VOIP_OUTCALL

cn.jpush.android.ui.PushActivity

cn.jpush.android.ui.PushActivity

com.wistronits.yidaifu.patient.wxapi.WXPayEntryActivity

android.intent.action.VIEW

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

Permissions

com.wistronits.yidaifu.patient.permission.JPUSH_MESSAGE
android.permission.RECEIVE_USER_PRESENT
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_SETTINGS
android.permission.READ_LOGS
android.permission.VIBRATE
android.permission.CALL_PHONE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.ACCESS_NETWORK_STATE
android.permission.SET_DEBUG_APP
android.permission.SYSTEM_ALERT_WINDOW
android.permission.GET_ACCOUNTS
android.permission.USE_CREDENTIALS
android.permission.MANAGE_ACCOUNTS
android.permission.WRITE_APN_SETTINGS
android.permission.FLASHLIGHT
android.permission.HARDWARE_TEST
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.CHANGE_NETWORK_STATE
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.GET_TASKS
android.permission.RECORD_AUDIO
android.permission.CAMERA
android.permission.KILL_BACKGROUND_PROCESSES
org.simalliance.openmobileapi.SMARTCARD
android.permission.NFC
android.permission.BLUETOOTH
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.DISABLE_KEYGUARD
android.permission.DISABLE_KEYGUARD
android.permission.BROADCAST_STICKY

Receivers

cn.jpush.android.service.PushReceiver

cn.jpush.android.intent.NOTIFICATION_RECEIVED_PROXY
android.intent.action.USER_PRESENT
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED

com.wistronits.xinzan.patient.receiver.PatientJPushReceiver

cn.jpush.android.intent.REGISTRATION
cn.jpush.android.intent.UNREGISTRATION
cn.jpush.android.intent.MESSAGE_RECEIVED
cn.jpush.android.intent.NOTIFICATION_RECEIVED
cn.jpush.android.intent.NOTIFICATION_OPENED
cn.jpush.android.intent.ACTION_RICHPUSH_CALLBACK
cn.jpush.android.intent.CONNECTION

com.wistronits.yidaifu.patient.wxapi.AppRegister

com.tencent.mm.plugin.openapi.Intent.ACTION_REFRESH_WXAPP

Services

com.wistronits.xinzan.patient.service.FloatNoticeService

com.service.FxService

com.baidu.location.f

com.baidu.location.service_v2.2

cn.jpush.android.service.PushService

cn.jpush.android.intent.REGISTER
cn.jpush.android.intent.REPORT
cn.jpush.android.intent.PushService
cn.jpush.android.intent.PUSH_TIME

cn.jpush.android.service.DaemonService

cn.jpush.android.intent.DaemonService

Android Permissions

be6750a37a4fb58d376935db6cf9f5e8eb7317643dbe67ac105fb8a332e3490f

Permissions

com.wistronits.yidaifu.patient.permission.JPUSH_MESSAGE

android.permission.RECEIVE_USER_PRESENT

android.permission.INTERNET

android.permission.WAKE_LOCK

android.permission.READ_PHONE_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_SETTINGS

android.permission.READ_LOGS

android.permission.VIBRATE

android.permission.CALL_PHONE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.ACCESS_NETWORK_STATE

android.permission.SET_DEBUG_APP

android.permission.SYSTEM_ALERT_WINDOW

android.permission.GET_ACCOUNTS

android.permission.USE_CREDENTIALS

android.permission.MANAGE_ACCOUNTS

android.permission.WRITE_APN_SETTINGS

android.permission.FLASHLIGHT

android.permission.HARDWARE_TEST

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

android.permission.CHANGE_NETWORK_STATE

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.GET_TASKS

android.permission.RECORD_AUDIO

android.permission.CAMERA

android.permission.KILL_BACKGROUND_PROCESSES

org.simalliance.openmobileapi.SMARTCARD

android.permission.NFC

android.permission.BLUETOOTH

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.DISABLE_KEYGUARD

android.permission.BROADCAST_STICKY

Sharing

General

Malware Config

Signatures

Files

com.wistronits.yidaifu.patient

com.qihoo.util.StartActivity

Activities

com.wistronits.xinzan.patient.ui.SplashActivity

com.qihoo.util.StartActivity

com.wistronits.xinzan.common.ccp.CCPCallInActivity

com.wistronits.xinzan.common.justalk.JusTalkVideoCallOutActivity

com.wistronits.xinzan.common.ccp.CCPAudioCallOutActivity

cn.jpush.android.ui.PushActivity

com.wistronits.yidaifu.patient.wxapi.WXPayEntryActivity

com.tencent.tauth.AuthActivity

Permissions

Receivers

cn.jpush.android.service.PushReceiver

com.wistronits.xinzan.patient.receiver.PatientJPushReceiver

com.wistronits.yidaifu.patient.wxapi.AppRegister

Services

com.wistronits.xinzan.patient.service.FloatNoticeService

com.baidu.location.f

cn.jpush.android.service.PushService

cn.jpush.android.service.DaemonService

Android Permissions

be6750a37a4fb58d376935db6cf9f5e8eb7317643dbe67ac105fb8a332e3490f