dbbcbcd581db87511aa2b31d1170b648b3b6e81972dc20c4664e879384d1f4a8

Sharing

Copy URL Twitter E-mail

General

Target

dbbcbcd581db87511aa2b31d1170b648b3b6e81972dc20c4664e879384d1f4a8
Size

5.9MB
MD5

579aa88c8615089ae66786f21c6eeeca
SHA1

5b7d870b96b467d663cccea1177e0ba655863a30
SHA256

dbbcbcd581db87511aa2b31d1170b648b3b6e81972dc20c4664e879384d1f4a8
SHA512

aefc44949879d16abc363b358b489144ac5c01d4be974854c4b4a559d8cd5bbd6a2de0b82f842c2f66e72e71ceab26d2db04b966d9dcf7f0704770f286c28162
SSDEEP

98304:T7zy/Ipi62OWLzry3DsWinXxuq3vHZ62cV70npr5+nrWGjk8i1yjFvGYUzGxtbp0:T7zdDjiN3vHdfpr5FGjw1yBVGkb7Q74W

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 12 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION

Files

dbbcbcd581db87511aa2b31d1170b648b3b6e81972dc20c4664e879384d1f4a8
.apk android arch:arm64 arch:arm arch:mips arch:x86 arch:x64

com.tdfm.mv.qipa

com.qpgame.sdk.SplashActivity

Activities

com.qpgame.sdk.SplashActivity

android.intent.action.MAIN

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_MOCK_LOCATION
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_EXTERNAL_STORAGE
android.permission.ACCESS_FINE_LOCATION
android.permission.SYSTEM_ALERT_WINDOW
android.permission.GET_TASKS
android.permission.WAKE_LOCK
android.permission.CHANGE_NETWORK_STATE
org.simalliance.openmobileapi.SMARTCARD
android.permission.NFC
android.permission.RECORD_AUDIO
android.permission.SEND_SMS
android.permission.VIBRATE
android.webkit.permission.PLUGIN
android.permission.CHANGE_NETWORK_STATE
android.permission.WRITE_SETTINGS
android.permission.INTERNET
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.CALL_PHONE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_COARSE_LOCATION
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT

Services

com.snowfish.a.a.s.ABGSvc

com.snowfish.a.a.s.ABGSvc
core.jar
.apk android
res.bin
.apk android
update.jar
.apk android

Android Permissions

dbbcbcd581db87511aa2b31d1170b648b3b6e81972dc20c4664e879384d1f4a8

Permissions

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_MOCK_LOCATION

android.permission.INTERNET

android.permission.READ_PHONE_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.READ_EXTERNAL_STORAGE

android.permission.ACCESS_FINE_LOCATION

android.permission.SYSTEM_ALERT_WINDOW

android.permission.GET_TASKS

android.permission.WAKE_LOCK

android.permission.CHANGE_NETWORK_STATE

org.simalliance.openmobileapi.SMARTCARD

android.permission.NFC

android.permission.RECORD_AUDIO

android.permission.SEND_SMS

android.permission.VIBRATE

android.webkit.permission.PLUGIN

android.permission.CHANGE_NETWORK_STATE

android.permission.WRITE_SETTINGS

android.permission.INTERNET

android.permission.CHANGE_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_PHONE_STATE

android.permission.CALL_PHONE

android.permission.READ_PHONE_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_COARSE_LOCATION

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.UNINSTALL_SHORTCUT

Sharing

General

Malware Config

Signatures

Files

com.tdfm.mv.qipa

com.qpgame.sdk.SplashActivity

Activities

com.qpgame.sdk.SplashActivity

Permissions

Services

com.snowfish.a.a.s.ABGSvc

Android Permissions

dbbcbcd581db87511aa2b31d1170b648b3b6e81972dc20c4664e879384d1f4a8