d2e03109c6451f30939dc2ab120930f332cafbfb9b1db75ba1fb82b9e74d7d36

General

Target

d2e03109c6451f30939dc2ab120930f332cafbfb9b1db75ba1fb82b9e74d7d36
Size

10.0MB
MD5

7e32c835c0c4c7b1434c71306bf37992
SHA1

a46547872e18f8a8d85a4a094225e7382667ba46
SHA256

d2e03109c6451f30939dc2ab120930f332cafbfb9b1db75ba1fb82b9e74d7d36
SHA512

2ebee6766d382e4c77ff9abf8626fb92a9fd97c4ee46f613849b7910acbbeae63e37a23fe61f1ab76fd42bd46c4169259d71a09b0210932ab0f7558cfc23a5b7
SSDEEP

196608:OhzL0HqzApgWFZglPh+iRKG72L1lfXsDg+hc8DqqGRNsML:OVL0HqkpgWFKlp+iInLDkDFhJiPL

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Requests dangerous framework permissions 14 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW

Files

d2e03109c6451f30939dc2ab120930f332cafbfb9b1db75ba1fb82b9e74d7d36
.apk android arch:arm

com.cltd.klaxc.cps

cn.cmgame.billing.api.GameOpenActivity

Activities

cn.cmgame.billing.api.GameOpenActivity

android.intent.action.MAIN
android.intent.action.CHINAMOBILE_OMS_GAME

cn.cmgame2_0.launch_model.shortcut.main.MiguHomeActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.RESTART_PACKAGES
android.permission.SEND_SMS
android.permission.GET_TASKS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.SEND_SMS
android.permission.READ_PHONE_STATE
android.permission.READ_CONTACTS
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.SYSTEM_ALERT_WINDOW
android.permission.GET_TASKS
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
com.android.launcher.permission.READ_SETTINGS
com.android.launcher.permission.WRITE_SETTINGS

Services
unicom_channel_resource.dat
.apk android

com.xiaowo.resourcepro

Android Permissions

d2e03109c6451f30939dc2ab120930f332cafbfb9b1db75ba1fb82b9e74d7d36

Permissions

android.permission.INTERNET

android.permission.READ_PHONE_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.RESTART_PACKAGES

android.permission.SEND_SMS

android.permission.GET_TASKS

android.permission.SYSTEM_ALERT_WINDOW

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.SEND_SMS

android.permission.READ_PHONE_STATE

android.permission.READ_CONTACTS

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

android.permission.SYSTEM_ALERT_WINDOW

android.permission.GET_TASKS

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.UNINSTALL_SHORTCUT

com.android.launcher.permission.READ_SETTINGS

com.android.launcher.permission.WRITE_SETTINGS

Sharing

General

Malware Config

Signatures

Files

com.cltd.klaxc.cps

cn.cmgame.billing.api.GameOpenActivity

Activities

cn.cmgame.billing.api.GameOpenActivity

cn.cmgame2_0.launch_model.shortcut.main.MiguHomeActivity

Permissions

Services

com.xiaowo.resourcepro

Android Permissions

d2e03109c6451f30939dc2ab120930f332cafbfb9b1db75ba1fb82b9e74d7d36