f00792d8d741bfea74774c79b61f80e0eb8703afc16247d01db38b2a6a69ecfc

General

Target

f00792d8d741bfea74774c79b61f80e0eb8703afc16247d01db38b2a6a69ecfc
Size

28.6MB
MD5

fbc745b351331255d695062a1a12af30
SHA1

cae3ba915c9000b758b92224fb63df21ec9d5d91
SHA256

f00792d8d741bfea74774c79b61f80e0eb8703afc16247d01db38b2a6a69ecfc
SHA512

3f797e46c3e4b5713e6b458016dd4f700b826fd574fa840205ebaa168bfc9e671550d9ec70b05a007d25e02b9692c9eaf03a40bbf902e1f15e6b080d4913e077
SSDEEP

786432:k+/TKVoQYIej/8R94qVP04YvkFeEDs9ZojYC6Rinqk87NSVIfZR4I:ksG4I4/M94aovkFrIZo4iX8EVQd

Score

8^/10

upx

Malware Config

Signatures

Patched UPX-packed file 1 IoCs

Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.

resource	yara_rule
sample	patched_upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Requests dangerous framework permissions 4 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

Files

f00792d8d741bfea74774c79b61f80e0eb8703afc16247d01db38b2a6a69ecfc
.apk android arch:arm

com.dami.tv

com.mylove.galaxy.activity.MainActivity

Activities

com.mylove.galaxy.activity.MainActivity

android.intent.action.MAIN
com.dami.tv.APP_OPEN
com.dami.tv.CHANNEL_PREV_CHANNEL
com.dami.tv.CHANNEL_NEXT_CHANNEL

Permissions

android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.GET_TASKS
android.permission.READ_LOGS
android.permission.WAKE_LOCK
android.permission.CHANGE_WIFI_STATE
android.permission.BROADCAST_PACKAGE_ADDED
android.permission.BROADCAST_PACKAGE_CHANGED
android.permission.BROADCAST_PACKAGE_INSTALL
android.permission.BROADCAST_PACKAGE_REPLACED
android.permission.RESTART_PACKAGES
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.CHANGE_NETWORK_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.READ_EXTERNAL_STORAGE
android.permission.CHANGE_CONFIGURATION
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN

Receivers

com.mylove.galaxy.receiver.BootReceiver

android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.BOOT_COMPLETED

com.mylove.galaxy.receiver.LogReceiver

com.mylove.receiver.log_action

com.dangbei.euthenia.receiver.NetworkChangeReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.mylove.galaxy.receiver.PkgReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REPLACED
android.intent.action.PACKAGE_REMOVED

com.mylove.galaxy.receiver.PlayUrlReceiver

com.mylove.action.playurl

com.dangbei.euthenia.receiver.NetworkChangeReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.taobao.accs.EventReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_REMOVED
android.intent.action.USER_PRESENT

com.taobao.accs.ServiceReceiver

com.taobao.accs.intent.action.COMMAND
com.taobao.accs.intent.action.START_FROM_AGOO

com.taobao.agoo.AgooCommondReceiver

com.dami.tv.intent.action.COMMAND
android.intent.action.PACKAGE_REMOVED

Services

com.mylove.base.services.XunfeiService

com.iflytek.xiri2.app.NOTIFY

com.taobao.accs.ChannelService

com.taobao.accs.intent.action.SERVICE
com.taobao.accs.intent.action.ELECTION

com.taobao.accs.data.MsgDistributeService

com.taobao.accs.intent.action.RECEIVE

org.android.agoo.accs.AgooService

com.taobao.accs.intent.action.RECEIVE

com.umeng.message.UmengIntentService

org.agoo.android.intent.action.RECEIVE

com.umeng.message.XiaomiIntentService

org.agoo.android.intent.action.RECEIVE

com.umeng.message.UmengMessageIntentReceiverService

org.android.agoo.client.MessageReceiverService

com.umeng.message.UmengMessageCallbackHandlerService

com.umeng.messge.registercallback.action
com.umeng.message.enablecallback.action
com.umeng.message.disablecallback.action
com.umeng.message.message.handler.action
com.umeng.message.message.sendmessage.action

Android Permissions

f00792d8d741bfea74774c79b61f80e0eb8703afc16247d01db38b2a6a69ecfc

Permissions

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.GET_TASKS

android.permission.READ_LOGS

android.permission.WAKE_LOCK

android.permission.CHANGE_WIFI_STATE

android.permission.BROADCAST_PACKAGE_ADDED

android.permission.BROADCAST_PACKAGE_CHANGED

android.permission.BROADCAST_PACKAGE_INSTALL

android.permission.BROADCAST_PACKAGE_REPLACED

android.permission.RESTART_PACKAGES

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.CHANGE_NETWORK_STATE

android.permission.ACCESS_COARSE_LOCATION

android.permission.READ_EXTERNAL_STORAGE

android.permission.CHANGE_CONFIGURATION

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

Sharing

General

Malware Config

Signatures

Files

com.dami.tv

com.mylove.galaxy.activity.MainActivity

Activities

com.mylove.galaxy.activity.MainActivity

Permissions

Receivers

com.mylove.galaxy.receiver.BootReceiver

com.mylove.galaxy.receiver.LogReceiver

com.dangbei.euthenia.receiver.NetworkChangeReceiver

com.mylove.galaxy.receiver.PkgReceiver

com.mylove.galaxy.receiver.PlayUrlReceiver

com.dangbei.euthenia.receiver.NetworkChangeReceiver

com.taobao.accs.EventReceiver

com.taobao.accs.ServiceReceiver

com.taobao.agoo.AgooCommondReceiver

Services

com.mylove.base.services.XunfeiService

com.taobao.accs.ChannelService

com.taobao.accs.data.MsgDistributeService

org.android.agoo.accs.AgooService

com.umeng.message.UmengIntentService

com.umeng.message.XiaomiIntentService

com.umeng.message.UmengMessageIntentReceiverService

com.umeng.message.UmengMessageCallbackHandlerService

Android Permissions

f00792d8d741bfea74774c79b61f80e0eb8703afc16247d01db38b2a6a69ecfc