d87bcd177cbc42c3f0fdd118728a2c855edea02e0c3b1160d661be67be3f622a

General

Target

d87bcd177cbc42c3f0fdd118728a2c855edea02e0c3b1160d661be67be3f622a
Size

9.6MB
MD5

a29e25fb4965e14b154b01a0c89371d1
SHA1

b371eb58eec12e1c092227051af0211fc41e4c1b
SHA256

d87bcd177cbc42c3f0fdd118728a2c855edea02e0c3b1160d661be67be3f622a
SHA512

52bf9c6cf4be0dbca1b02240e8e4147b5da27bb52c1412ac9fb240bb31da198d6f1cadfc0630277b4efe863fa30beec6791c0a34a95c2b82d5385ed76ce93bfc
SSDEEP

196608:l2MGeZ7mEdDkOp/QV/5Yt6OYCwc0TvPwZUEhiZPxTlZXe:lbGc7mEqbV/5clwc0TkUjPTy

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE

Requests dangerous framework permissions 16 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to read the user's call log.	android.permission.READ_CALL_LOG
Allows an application to write and read the user's call log data.	android.permission.WRITE_CALL_LOG
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Required to be able to access the camera device.	android.permission.CAMERA
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows an application to collect component usage statistics.	android.permission.PACKAGE_USAGE_STATS

Files

d87bcd177cbc42c3f0fdd118728a2c855edea02e0c3b1160d661be67be3f622a
.apk android arch:arm

com.mgyun.shua

com.mgyun.shua.ui.WelcomeActivity

Activities

com.mgyun.shua.ui.WelcomeActivity

android.intent.action.MAIN

com.mgyun.shua.ui.MainAct

com.mgyun.shua.MAIN

com.mgyun.shua.ui.ComposeSmsActivity

android.intent.action.SEND
android.intent.action.SENDTO

Permissions

android.permission.MOUNT_UNMOUNT_FILESYSTEMS
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.READ_SETTINGS
android.permission.READ_LOGS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_SETTINGS
android.permission.READ_OWNER_DATA
android.permission.WRITE_OWNER_DATA
android.permission.WRITE_CONTACTS
android.permission.READ_CONTACTS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.SEND_SMS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.VIBRATE
android.permission.SET_WALLPAPER
android.permission.GET_TASKS
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.GET_PACKAGE_SIZE
android.permission.CLEAR_APP_CACHE
android.permission.READ_CALL_LOG
android.permission.WRITE_CALL_LOG
android.permission.FORCE_STOP_PACKAGES
android.permission.WRITE_APN_SETTINGS
android.permission.DELETE_CACHE_FILES
android.permission.ACCESS_CACHE_FILESYSTEM
android.permission.WRITE_SECURE_SETTINGS
android.permission.INTERACT_ACROSS_USERS_FULL
com.htc.launcher.permission.READ_SETTINGS
com.htc.launcher.permission.WRITE_SETTINGS
com.motorola.mmsp.motoswitch.permission.READ_SETTINGS
com.motorola.mmsp.motoswitch.permission.WRITE_SETTINGS
com.huaqin.launcherEx.permission.READ_SETTINGS
com.huaqin.launcherEx.permission.WRITE_APN_SETTINGS
com.oppo.launcher.permission.READ_SETTINGS
com.oppo.launcher.permission.WRITE_SETTINGS
com.android.launcher3.permission.READ_SETTINGS
com.android.launcher3.permission.WRITE_SETTINGS
org.adw.launcher.permission.READ_SETTINGS
org.adw.launcher.permission.WRITE_SETTINGS
com.qihoo360.launcher.permission.READ_SETTINGS
com.qihoo360.launcher.permission.WRITE_SETTINGS
com.lge.launcher.permission.READ_SETTINGS
com.lge.launcher.permission.WRITE_SETTINGS
net.qihoo.launcher.permission.READ_SETTINGS
net.qihoo.launcher.permission.WRITE_SETTINGS
org.adwfreak.launcher.permission.READ_SETTINGS
org.adwfreak.launcher.permission.WRITE_SETTINGS
com.huawei.launcher3.permission.READ_SETTINGS
com.huawei.launcher3.permission.WRITE_SETTINGS
com.fede.launcher.permission.READ_SETTINGS
com.fede.launcher.permission.WRITE_SETTINGS
com.sec.android.app.twlauncher.settings.READ_SETTINGS
com.sec.android.app.twlauncher.settings.WRITE_SETTINGS
com.anddoes.launcher.permission.READ_SETTINGS
com.anddoes.launcher.permission.WRITE_SETTINGS
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.WAKE_LOCK
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.BROADCAST_PACKAGE_ADDED
android.permission.BROADCAST_PACKAGE_CHANGED
android.permission.BROADCAST_PACKAGE_INSTALL
android.permission.BROADCAST_PACKAGE_REPLACED
android.permission.RESTART_PACKAGES
android.permission.GET_ACCOUNTS
android.permission.CAMERA
android.permission.CHANGE_WIFI_MULTICAST_STATE
android.permission.BLUETOOTH
android.permission.DIAGNOSTIC
android.permission.ACCESS_MTK_MMHW
android.permission.ACCESS_MOCK_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.MANAGE_USERS
android.permission.PACKAGE_USAGE_STATS
android.permission.BATTERY_STATS
android.permission.ACCESS_COARSE_UPDATES

Receivers

com.mgyun.shua.service.BootReceiver

android.intent.action.BOOT_COMPLETED

com.mgyun.shua.service.SmsReceiver

android.provider.Telephony.SMS_DELIVER

com.mgyun.shua.service.MmsReceiver

android.provider.Telephony.WAP_PUSH_DELIVER

com.plusive.BootUpReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.ACTION_POWER_CONNECTED

com.plusive.PackageInstallReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_REPLACED

com.plusive.AddJobCreatorReceiver

com.evernote.android.job.ADD_JOB_CREATOR

com.evernote.android.job.v14.PlatformAlarmReceiver

com.evernote.android.job.v14.RUN_JOB
net.vrallev.android.job.v14.RUN_JOB

com.evernote.android.job.JobBootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
com.htc.intent.action.QUICKBOOT_POWERON
android.intent.action.MY_PACKAGE_REPLACED

com.taobao.accs.EventReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_REMOVED
android.intent.action.USER_PRESENT

com.taobao.accs.ServiceReceiver

com.taobao.accs.intent.action.COMMAND
com.taobao.accs.intent.action.START_FROM_AGOO

com.taobao.agoo.AgooCommondReceiver

com.mgyun.shua.intent.action.COMMAND
android.intent.action.PACKAGE_REMOVED

Services

com.mgyun.shua.service.WorkService

com.mgyun.shua.boot.restore

com.mgyun.shua.service.HeadlessSmsSendService

android.intent.action.RESPOND_VIA_MESSAGE

com.evernote.android.job.gcm.PlatformGcmService

com.google.android.gms.gcm.ACTION_TASK_READY

com.taobao.accs.ChannelService

com.taobao.accs.intent.action.SERVICE
com.taobao.accs.intent.action.ELECTION

com.taobao.accs.data.MsgDistributeService

com.taobao.accs.intent.action.RECEIVE

org.android.agoo.accs.AgooService

com.taobao.accs.intent.action.RECEIVE

com.umeng.message.UmengIntentService

org.agoo.android.intent.action.RECEIVE

com.umeng.message.UmengMessageCallbackHandlerService

com.umeng.messge.registercallback.action
com.umeng.message.enablecallback.action
com.umeng.message.disablecallback.action
com.umeng.message.message.handler.action

com.umeng.message.UmengMessageIntentReceiverService

org.android.agoo.client.MessageReceiverService

com.mgyun.accessibility.server.NRIAccessibilityServer

android.accessibilityservice.AccessibilityService

com.ss.android.socialbase.downloader.downloader.IndependentProcessDownloadService

com.ss.android.socialbase.downloader.remote
gdtadv2.jar
.apk android arch:arm arch:arm64

Android Permissions

d87bcd177cbc42c3f0fdd118728a2c855edea02e0c3b1160d661be67be3f622a

Permissions

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.READ_SETTINGS

android.permission.READ_LOGS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_SETTINGS

android.permission.READ_OWNER_DATA

android.permission.WRITE_OWNER_DATA

android.permission.WRITE_CONTACTS

android.permission.READ_CONTACTS

android.permission.READ_SMS

android.permission.WRITE_SMS

android.permission.SEND_SMS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.VIBRATE

android.permission.SET_WALLPAPER

android.permission.GET_TASKS

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.GET_PACKAGE_SIZE

android.permission.CLEAR_APP_CACHE

android.permission.READ_CALL_LOG

android.permission.WRITE_CALL_LOG

android.permission.FORCE_STOP_PACKAGES

android.permission.WRITE_APN_SETTINGS

android.permission.DELETE_CACHE_FILES

android.permission.ACCESS_CACHE_FILESYSTEM

android.permission.WRITE_SECURE_SETTINGS

android.permission.INTERACT_ACROSS_USERS_FULL

com.htc.launcher.permission.READ_SETTINGS

com.htc.launcher.permission.WRITE_SETTINGS

com.motorola.mmsp.motoswitch.permission.READ_SETTINGS

com.motorola.mmsp.motoswitch.permission.WRITE_SETTINGS

com.huaqin.launcherEx.permission.READ_SETTINGS

com.huaqin.launcherEx.permission.WRITE_APN_SETTINGS

com.oppo.launcher.permission.READ_SETTINGS

com.oppo.launcher.permission.WRITE_SETTINGS

com.android.launcher3.permission.READ_SETTINGS

com.android.launcher3.permission.WRITE_SETTINGS

org.adw.launcher.permission.READ_SETTINGS

org.adw.launcher.permission.WRITE_SETTINGS

com.qihoo360.launcher.permission.READ_SETTINGS

com.qihoo360.launcher.permission.WRITE_SETTINGS

com.lge.launcher.permission.READ_SETTINGS

com.lge.launcher.permission.WRITE_SETTINGS

net.qihoo.launcher.permission.READ_SETTINGS

net.qihoo.launcher.permission.WRITE_SETTINGS

org.adwfreak.launcher.permission.READ_SETTINGS

org.adwfreak.launcher.permission.WRITE_SETTINGS

com.huawei.launcher3.permission.READ_SETTINGS

Sharing

General

Malware Config

Signatures

Files

com.mgyun.shua

com.mgyun.shua.ui.WelcomeActivity

Activities

com.mgyun.shua.ui.WelcomeActivity

com.mgyun.shua.ui.MainAct

com.mgyun.shua.ui.ComposeSmsActivity

Permissions

Receivers

com.mgyun.shua.service.BootReceiver

com.mgyun.shua.service.SmsReceiver

com.mgyun.shua.service.MmsReceiver

com.plusive.BootUpReceiver

com.plusive.PackageInstallReceiver

com.plusive.AddJobCreatorReceiver

com.evernote.android.job.v14.PlatformAlarmReceiver

com.evernote.android.job.JobBootReceiver

com.taobao.accs.EventReceiver

com.taobao.accs.ServiceReceiver

com.taobao.agoo.AgooCommondReceiver

Services

com.mgyun.shua.service.WorkService

com.mgyun.shua.service.HeadlessSmsSendService

com.evernote.android.job.gcm.PlatformGcmService

com.taobao.accs.ChannelService

com.taobao.accs.data.MsgDistributeService

org.android.agoo.accs.AgooService

com.umeng.message.UmengIntentService

com.umeng.message.UmengMessageCallbackHandlerService

com.umeng.message.UmengMessageIntentReceiverService

com.mgyun.accessibility.server.NRIAccessibilityServer

com.ss.android.socialbase.downloader.downloader.IndependentProcessDownloadService

Android Permissions

d87bcd177cbc42c3f0fdd118728a2c855edea02e0c3b1160d661be67be3f622a