HY_Delivery[.]apk

General

Target

HY_Delivery.apk
Size

36.2MB
MD5

a9f39f0bdb186c0039252fe26de6ac1a
SHA1

9dbfaf5f4c306d00b0550bb2792f7ecb1de50981
SHA256

693b10add4b595adddf87a0c02be8baeb7db287e205fdb40eb6c0788b1af222e
SHA512

7e5a517383bdbb8a616ba3e32c51c3fc72bddcb811a41e1c4c7f92210d199b7d55ccbe2d3e31be29267eea16bb0aeffde80cbaac8290814fc005ab453ac45ddb
SSDEEP

786432:VO7QnFd83rQbG8B270qJ8BzbhEbsjqoglRBRK+XLSKM75J4JD:FFqrQVB20qJeHhEqgmKkJ4JD

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 9 IoCs

description	ioc
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to monitor incoming MMS messages.	android.permission.RECEIVE_MMS
Allows an application to receive WAP push messages.	android.permission.RECEIVE_WAP_PUSH
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS

Files

HY_Delivery.apk
.apk android arch:arm64 arch:arm arch:x86 arch:x64

com.twshopp.cytes

io.dcloud.PandoraEntry

Activities

com.twshopp.cytes.MainSmsActivity

android.intent.action.SEND
android.intent.action.SENDTO

com.twshopp.cytes.service.SmsPermissionService

android.intent.action.SEND
android.intent.action.SENDTO

io.dcloud.PandoraEntry

android.intent.action.MAIN

io.dcloud.PandoraEntryActivity

android.intent.action.VIEW

Permissions

android.permission.CAMERA
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.RECEIVE_MMS
android.permission.RECEIVE_WAP_PUSH
android.permission.INTERNET
android.permission.FOREGROUND_SERVICE
android.permission.GET_TASKS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.BROADCAST_STICKY
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.ACCESS_NETWORK_STATE
com.huawei.android.launcher.permission.CHANGE_BADGE
com.vivo.notification.permission.BADGE_ICON
android.permission.READ_EXTERNAL_STORAGE
com.asus.msa.SupplementaryDID.ACCESS
freemme.permission.msa
android.permission.WAKE_LOCK
android.permission.POST_NOTIFICATIONS
com.google.android.c2dm.permission.RECEIVE
com.google.android.gms.permission.AD_ID
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

Receivers

com.twshopp.cytes.receiver.MmsReceiver

android.provider.Telephony.WAP_PUSH_DELIVER

com.twshopp.cytes.receiver.SmsReceiver

android.provider.Telephony.SMS_RECEIVED
android.provider.Telephony.SMS_DELIVER

io.dcloud.common.adapter.io.DownloadReceiver

android.intent.action.PACKAGE_ADDED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

androidx.work.impl.diagnostics.DiagnosticsReceiver

androidx.work.diagnostics.REQUEST_DIAGNOSTICS

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

Services

com.twshopp.cytes.service.FirebaseMessageReceiver

com.google.firebase.MESSAGING_EVENT

com.twshopp.cytes.HeadlessSmsSendService

android.intent.action.RESPOND_VIA_MESSAGE

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

Android Permissions

HY_Delivery.apk

Permissions

android.permission.CAMERA

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_SMS

android.permission.WRITE_SMS

android.permission.RECEIVE_SMS

android.permission.SEND_SMS

android.permission.RECEIVE_MMS

android.permission.RECEIVE_WAP_PUSH

android.permission.INTERNET

android.permission.FOREGROUND_SERVICE

android.permission.GET_TASKS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.BROADCAST_STICKY

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.ACCESS_NETWORK_STATE

com.huawei.android.launcher.permission.CHANGE_BADGE

com.vivo.notification.permission.BADGE_ICON

android.permission.READ_EXTERNAL_STORAGE

com.asus.msa.SupplementaryDID.ACCESS

freemme.permission.msa

android.permission.WAKE_LOCK

android.permission.POST_NOTIFICATIONS

com.google.android.c2dm.permission.RECEIVE

com.google.android.gms.permission.AD_ID

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

Resubmissions

Sharing

General

Malware Config

Signatures

Files

com.twshopp.cytes

io.dcloud.PandoraEntry

Activities

com.twshopp.cytes.MainSmsActivity

com.twshopp.cytes.service.SmsPermissionService

io.dcloud.PandoraEntry

io.dcloud.PandoraEntryActivity

Permissions

Receivers

com.twshopp.cytes.receiver.MmsReceiver

com.twshopp.cytes.receiver.SmsReceiver

io.dcloud.common.adapter.io.DownloadReceiver

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.diagnostics.DiagnosticsReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

Services

com.twshopp.cytes.service.FirebaseMessageReceiver

com.twshopp.cytes.HeadlessSmsSendService

com.google.firebase.messaging.FirebaseMessagingService

Android Permissions

HY_Delivery.apk