3b179f083fded5ed5c32a79d90a2aba6

General

Target

3b179f083fded5ed5c32a79d90a2aba6
Size

6.7MB
MD5

3b179f083fded5ed5c32a79d90a2aba6
SHA1

2255ad7a8c5950ed9dad67cf7a21c92d598e7791
SHA256

c9fb96bc3d8db3aacf06f40aca6e6fa43d5b939bef674824c63620f64627eb59
SHA512

d52664d7289f00861bfa18a1261d2f261bffb5f4528d9b9b6cd35bc53f37fedd953f0eba0460ac225116e72f893d014439b911d205cf3076c842725038e442ba
SSDEEP

196608:ZHSh3VhHBvWALJueCLeusSHPg96iEobxJH:GFh9W6JILeusSvgI2v

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 5 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS

Files

3b179f083fded5ed5c32a79d90a2aba6
.apk android arch:x86 arch:mips arch:arm

com.dns.raindrop3_package434

com.dns.raindrop3.ui.activity.KeXinStartActivity

Activities

com.dns.raindrop3.ui.activity.KeXinStartActivity

android.intent.action.MAIN

com.dns.raindrop3.ui.activity.HomeActivity

com.dns.raindrop3_package434._home.activity

com.dns.raindrop3.ui.activity.DetailActivity

com.dns.raindrop3_package434._detail.activity

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

Permissions

android.permission.READ_PHONE_STATE
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.READ_LOGS
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.BAIDU_LOCATION_SERVICE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.BROADCAST_STICKY
android.permission.WRITE_SETTINGS
android.permission.VIBRATE

Receivers

com.dns.raindrop3.service.receiver.PushMessageReceiver

com.baidu.android.pushservice.action.MESSAGE
com.baidu.android.pushservice.action.RECEIVE
com.baidu.android.pushservice.action.notification.CLICK

com.baidu.android.pushservice.PushServiceReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
com.baidu.android.pushservice.action.notification.SHOW
com.baidu.android.pushservice.action.media.CLICK

com.baidu.android.pushservice.RegistrationReceiver

com.baidu.android.pushservice.action.METHOD
com.baidu.android.pushservice.action.BIND_SYNC
android.intent.action.PACKAGE_REMOVED

Services
alipay_msp.apk
.apk android arch:arm

com.alipay.android.app

.activity.Cashier

Activities

.activity.Cashier

android.intent.action.MAIN

.activity.Alerter

android.intent.action.MAIN

.activity.Welcome

android.intent.action.MAIN

.activity.Updater

android.intent.action.MAIN

.activity.PageForBrowser

android.intent.action.VIEW

.activity.CertBiz

android.intent.action.MAIN

.activity.MessageActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.SEND_SMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECEIVE_USER_PRESENT
android.permission.VIBRATE
android.permission.CHANGE_NETWORK_STATE
com.alipay.notify.permission.PUSHSERVICE
com.alipay.android.permission.BOOT_COMPLETED
com.alipay.android.app.gphone.SHARE

Receivers

com.alipay.notify.BroadcastActionReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
android.intent.action.PACKAGE_ADDED

Services

.AlixService

com.alipay.android.app.IAlixPay
com.alipay.android.app.IAliPay

com.alipay.notify.push.NotificationService

com.alipay.notify.push.NotificationService

com.alipay.notify.poll.config.ConfigService

com.alipay.notify.poll.config.ConfigService

Android Permissions

3b179f083fded5ed5c32a79d90a2aba6

Permissions

android.permission.READ_PHONE_STATE

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.READ_LOGS

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

android.permission.BAIDU_LOCATION_SERVICE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.BROADCAST_STICKY

android.permission.WRITE_SETTINGS

android.permission.VIBRATE

Sharing

General

Malware Config

Signatures

Files

com.dns.raindrop3_package434

com.dns.raindrop3.ui.activity.KeXinStartActivity

Activities

com.dns.raindrop3.ui.activity.KeXinStartActivity

com.dns.raindrop3.ui.activity.HomeActivity

com.dns.raindrop3.ui.activity.DetailActivity

com.tencent.tauth.AuthActivity

Permissions

Receivers

com.dns.raindrop3.service.receiver.PushMessageReceiver

com.baidu.android.pushservice.PushServiceReceiver

com.baidu.android.pushservice.RegistrationReceiver

Services

com.alipay.android.app

.activity.Cashier

Activities

.activity.Cashier

.activity.Alerter

.activity.Welcome

.activity.Updater

.activity.PageForBrowser

.activity.CertBiz

.activity.MessageActivity

Permissions

Receivers

com.alipay.notify.BroadcastActionReceiver

Services

.AlixService

com.alipay.notify.push.NotificationService

com.alipay.notify.poll.config.ConfigService

Android Permissions

3b179f083fded5ed5c32a79d90a2aba6