3ddcf39716f6975334fdbe16a70cae68

Sharing

Copy URL

Twitter E-mail

General

Target

3ddcf39716f6975334fdbe16a70cae68
Size

13.0MB
MD5

3ddcf39716f6975334fdbe16a70cae68
SHA1

ff06e6e5e8aa857e9529169df462fd63137c3b5f
SHA256

65c960f9ab4a2792e351d17d5646cccfc26ffe96ecd3715f6535e87d743d7ccf
SHA512

465a9da44b6273a8f5402a585847d996618c14e8eaecc858960fe43a6bc278b2403a506eddaebc088fa9d092d127cf236f3f8036836db9ee7f6717e043fe682a
SSDEEP

196608:RBl1ZF2sqrNXzuJf2YmVXeNwBMzC2W60aBWCN5Oz6GQfFtF974ZS5lW:RJriX6JuYweNPzCg0awC3V3TFIS5lW

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 2 IoCs

description	ioc
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device.	android.permission.BIND_NOTIFICATION_LISTENER_SERVICE
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device.	android.permission.BIND_NOTIFICATION_LISTENER_SERVICE

Requests dangerous framework permissions 15 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to read the user's calendar data.	android.permission.READ_CALENDAR
Allows an application to write the user's calendar data.	android.permission.WRITE_CALENDAR
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to read the user's call log.	android.permission.READ_CALL_LOG
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to monitor incoming MMS messages.	android.permission.RECEIVE_MMS
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION

Files

3ddcf39716f6975334fdbe16a70cae68
.apk android arch:x64 arch:arm arch:arm64 arch:x86

com.tul.aviate

com.yahoo.aviate.android.ui.AviateLiteActivity

Activities

com.yahoo.aviate.android.ui.AviateLiteActivity

android.intent.action.MAIN

com.tul.aviator.ui.TabbedHomeActivity

android.intent.action.MAIN

com.tul.aviator.appcenter.AppCenterActivity

android.intent.action.MAIN

com.yahoo.aviate.android.ui.view.SearchActionActivity

android.intent.action.MAIN

com.tul.aviator.themes.SetThemeReceiver

com.tul.aviate.SET_THEME

com.yahoo.mobile.client.share.accountmanager.activity.AccountServiceSelectActivity

android.intent.action.MAIN

Permissions

com.tul.aviate.permission.AVIATE_RECEIVE
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.GET_TASKS
android.permission.SET_WALLPAPER
android.permission.SET_WALLPAPER_HINTS
android.permission.VIBRATE
android.permission.CALL_PHONE
android.permission.BATTERY_STATS
com.tul.aviate.permission.MAPS_RECEIVE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.MANAGE_ACCOUNTS
com.android.launcher.permission.READ_SETTINGS
com.android.launcher.permission.WRITE_SETTINGS
com.android.launcher2.permission.READ_SETTINGS
com.android.launcher2.permission.WRITE_SETTINGS
com.android.launcher3.permission.READ_SETTINGS
com.android.launcher3.permission.WRITE_SETTINGS
com.htc.launcher.permission.READ_SETTINGS
com.htc.launcher.permission.WRITE_SETTINGS
com.teslacoilsw.launcher.permission.READ_SETTINGS
com.teslacoilsw.launcher.permission.WRITE_SETTINGS
com.google.android.providers.gsf.permission.READ_GSERVICES
com.google.android.launcher.permission.READ_SETTINGS
com.google.android.launcher.permission.WRITE_SETTINGS
android.permission.EXPAND_STATUS_BAR
com.google.android.c2dm.permission.RECEIVE
android.permission.GET_ACCOUNTS
android.permission.BROADCAST_STICKY
com.android.alarm.permission.SET_ALARM
android.permission.READ_CALENDAR
android.permission.WRITE_CALENDAR
android.permission.CHANGE_WIFI_STATE
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.READ_SYNC_SETTINGS
android.permission.WRITE_SYNC_SETTINGS
android.permission.WRITE_SETTINGS
android.permission.READ_CALL_LOG
android.permission.READ_SMS
android.permission.READ_CONTACTS
android.permission.RECEIVE_SMS
android.permission.RECEIVE_MMS
com.google.android.gm.permission.READ_CONTENT_PROVIDER
com.sec.android.provider.badge.permission.READ
com.sec.android.provider.badge.permission.WRITE
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
com.tul.aviate.permission.AVIATE_INTER_APP
android.permission.READ_EXTERNAL_STORAGE
android.permission.BIND_APPWIDGET
android.permission.ACCESS_WIFI_STATE
com.tul.aviate.permission.C2D_MESSAGE
android.permission.ACCESS_FINE_LOCATION
com.google.android.gms.permission.ACTIVITY_RECOGNITION
android.permission.BIND_NOTIFICATION_LISTENER_SERVICE
com.tul.aviate.permission.READ_SETTINGS
com.tul.aviate.permission.WRITE_SETTINGS

Receivers

com.tul.aviator.pushnotification.CardPushNotifier$NotificationTapReceiver

com.tul.aviator.pushnotification.CardPushNotifier.action.TAP
com.tul.aviator.pushnotification.CardPushNotifier.action.DISMISS
com.tul.aviator.pushnotification.CardPushNotifier.action.EXPIRE

com.yahoo.aviate.android.agent.AgentReminderBroadcastReceiver

com.yahoo.aviate.android.agent.AgentReminderBroadcastReceiver.SHOW_DUE_REMINDERS
com.yahoo.aviate.android.agent.AgentReminderBroadcastReceiver.TAPPED_REMINDER
com.yahoo.aviate.android.agent.AgentReminderBroadcastReceiver.DISMISSED_REMINDER

com.tul.aviator.InstallReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.yahoo.mobile.client.android.search.aviate.PackageChangeReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_CHANGED
android.intent.action.PACKAGE_REMOVED

com.tul.aviator.device.InstallShortcutReceiver

com.android.launcher.action.INSTALL_SHORTCUT

com.tul.aviator.device.UninstallShortcutReceiver

com.android.launcher.action.UNINSTALL_SHORTCUT

com.tul.aviator.GCMBroadcastReceiver

com.google.android.c2dm.intent.RECEIVE
com.google.android.c2dm.intent.REGISTRATION

com.tul.aviator.dailydelight.DailyDelightService$DailyDelightAlarmReceiver

com.tul.aviator.dailydelight.DailyDelightService.FETCH

com.tul.aviator.RingerModeChangedReceiver

android.media.RINGER_MODE_CHANGED

com.tul.aviator.cards.quickactions.BatteryQuickActionProvider

com.tul.aviate.card.UPDATED
com.tul.aviate.BATTERY_CHANGED

com.tul.aviator.cards.quickactions.DoNotDisturbQuickActionProvider

com.tul.aviate.card.UPDATED
android.intent.action.USER_PRESENT
com.tul.aviator.cards.quickactions.DoNotDisturbQuickActionProvider.TOGGLE

com.tul.aviator.cards.quickactions.PowerSaveQuickActionProvider

com.tul.aviate.card.UPDATED
com.tul.aviator.cards.quickactions.PowerSaveQuickActionProvider.TOGGLE

com.tul.aviator.cards.quickactions.SetAlarmQuickActionProvider

com.tul.aviate.card.UPDATED
com.tul.aviate.cards.quickactions.ALARM_LAUNCHED
com.yahoo.sensors.android.NEXT_ALARM_CHANGED

com.tul.aviator.NetworkChangeReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.tul.aviator.device.LocaleChangedReceiver

android.intent.action.LOCALE_CHANGED

com.tul.aviator.device.AppPackageChangeReceiver

android.intent.action.PACKAGE_CHANGED
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_REPLACED

com.tul.aviator.device.DeviceHasBootUpReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.ACTION_SHUTDOWN

com.yahoo.mobile.client.share.account.AccountUnlinkedReceiver

com.yahoo.android.account.internal.unlinked

com.yahoo.mobile.client.share.account.AccountChangedReceiver

com.yahoo.android.account.modified

com.yahoo.mobile.client.share.account.AccountRemovedReceiver

com.yahoo.android.account.removed

com.yahoo.mobile.client.share.accountmanager.AccountDataReceiver

com.yahoo.android.account.cookie
com.yahoo.android.account.globalsalt
com.yaho.android.account.fallback

com.yahoo.mobile.client.android.snoopy.partner.InstallReferrerBroadcastReceiver

com.android.vending.INSTALL_REFERRER

com.yahoo.mobile.client.share.search.suggest.PackageChangeReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_CHANGED
android.intent.action.PACKAGE_REMOVED

com.yahoo.platform.mobile.crt.service.push.MessagingSDKGCMReceiver

com.google.android.c2dm.intent.RECEIVE

com.yahoo.sensors.android.music.SpotifyBroadcastReceiver

com.spotify.music.playbackstatechanged
com.spotify.music.metadatachanged

com.yahoo.sensors.android.battery.BatteryStats$ShutdownReceiver

android.intent.action.ACTION_SHUTDOWN

com.growth.flash.core.NetworkChangeReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.kochava.android.tracker.ReferralCapture

com.android.vending.INSTALL_REFERRER

Services

com.yahoo.mobile.client.share.accountmanager.AccountAuthenticatorService

android.accounts.AccountAuthenticator

com.yahoo.sensors.android.music.KitKatRemoteMediaListenerService

android.service.notification.NotificationListenerService

com.yahoo.sensors.android.music.LollipopRemoteMediaListenerService

android.service.notification.NotificationListenerService

Android Permissions

3ddcf39716f6975334fdbe16a70cae68

Permissions

com.tul.aviate.permission.AVIATE_RECEIVE

android.permission.INTERNET

android.permission.WAKE_LOCK

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.GET_TASKS

android.permission.SET_WALLPAPER

android.permission.SET_WALLPAPER_HINTS

android.permission.VIBRATE

android.permission.CALL_PHONE

android.permission.BATTERY_STATS

com.tul.aviate.permission.MAPS_RECEIVE

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_PHONE_STATE

android.permission.AUTHENTICATE_ACCOUNTS

android.permission.MANAGE_ACCOUNTS

com.android.launcher.permission.READ_SETTINGS

com.android.launcher.permission.WRITE_SETTINGS

com.android.launcher2.permission.READ_SETTINGS

com.android.launcher2.permission.WRITE_SETTINGS

com.android.launcher3.permission.READ_SETTINGS

com.android.launcher3.permission.WRITE_SETTINGS

com.htc.launcher.permission.READ_SETTINGS

com.htc.launcher.permission.WRITE_SETTINGS

com.teslacoilsw.launcher.permission.READ_SETTINGS

com.teslacoilsw.launcher.permission.WRITE_SETTINGS

com.google.android.providers.gsf.permission.READ_GSERVICES

com.google.android.launcher.permission.READ_SETTINGS

com.google.android.launcher.permission.WRITE_SETTINGS

android.permission.EXPAND_STATUS_BAR

com.google.android.c2dm.permission.RECEIVE

android.permission.GET_ACCOUNTS

android.permission.BROADCAST_STICKY

com.android.alarm.permission.SET_ALARM

android.permission.READ_CALENDAR

android.permission.WRITE_CALENDAR

android.permission.CHANGE_WIFI_STATE

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

android.permission.READ_SYNC_SETTINGS

android.permission.WRITE_SYNC_SETTINGS

android.permission.WRITE_SETTINGS

android.permission.READ_CALL_LOG

android.permission.READ_SMS

android.permission.READ_CONTACTS

android.permission.RECEIVE_SMS

android.permission.RECEIVE_MMS

com.google.android.gm.permission.READ_CONTENT_PROVIDER

com.sec.android.provider.badge.permission.READ

com.sec.android.provider.badge.permission.WRITE

android.permission.MODIFY_AUDIO_SETTINGS

Sharing

General

Malware Config

Signatures

Files

com.tul.aviate

com.yahoo.aviate.android.ui.AviateLiteActivity

Activities

com.yahoo.aviate.android.ui.AviateLiteActivity

com.tul.aviator.ui.TabbedHomeActivity

com.tul.aviator.appcenter.AppCenterActivity

com.yahoo.aviate.android.ui.view.SearchActionActivity

com.tul.aviator.themes.SetThemeReceiver

com.yahoo.mobile.client.share.accountmanager.activity.AccountServiceSelectActivity

Permissions

Receivers

com.tul.aviator.pushnotification.CardPushNotifier$NotificationTapReceiver

com.yahoo.aviate.android.agent.AgentReminderBroadcastReceiver

com.tul.aviator.InstallReferrerReceiver

com.yahoo.mobile.client.android.search.aviate.PackageChangeReceiver

com.tul.aviator.device.InstallShortcutReceiver

com.tul.aviator.device.UninstallShortcutReceiver

com.tul.aviator.GCMBroadcastReceiver

com.tul.aviator.dailydelight.DailyDelightService$DailyDelightAlarmReceiver

com.tul.aviator.RingerModeChangedReceiver

com.tul.aviator.cards.quickactions.BatteryQuickActionProvider

com.tul.aviator.cards.quickactions.DoNotDisturbQuickActionProvider

com.tul.aviator.cards.quickactions.PowerSaveQuickActionProvider

com.tul.aviator.cards.quickactions.SetAlarmQuickActionProvider

com.tul.aviator.NetworkChangeReceiver

com.tul.aviator.device.LocaleChangedReceiver

com.tul.aviator.device.AppPackageChangeReceiver

com.tul.aviator.device.DeviceHasBootUpReceiver

com.yahoo.mobile.client.share.account.AccountUnlinkedReceiver

com.yahoo.mobile.client.share.account.AccountChangedReceiver

com.yahoo.mobile.client.share.account.AccountRemovedReceiver

com.yahoo.mobile.client.share.accountmanager.AccountDataReceiver

com.yahoo.mobile.client.android.snoopy.partner.InstallReferrerBroadcastReceiver

com.yahoo.mobile.client.share.search.suggest.PackageChangeReceiver

com.yahoo.platform.mobile.crt.service.push.MessagingSDKGCMReceiver

com.yahoo.sensors.android.music.SpotifyBroadcastReceiver

com.yahoo.sensors.android.battery.BatteryStats$ShutdownReceiver

com.growth.flash.core.NetworkChangeReceiver

com.kochava.android.tracker.ReferralCapture

Services

com.yahoo.mobile.client.share.accountmanager.AccountAuthenticatorService

com.yahoo.sensors.android.music.KitKatRemoteMediaListenerService

com.yahoo.sensors.android.music.LollipopRemoteMediaListenerService

Android Permissions

3ddcf39716f6975334fdbe16a70cae68