a9fdb468db218e973d2809064ffbe009

General

Target

a9fdb468db218e973d2809064ffbe009
Size

21.6MB
MD5

a9fdb468db218e973d2809064ffbe009
SHA1

f6e00874b9538610b92551f6e85bf6c1d8636492
SHA256

79cb6011fe98f73662272e3d375ca5be04772bd6310c9414440aac70aea07076
SHA512

35c717b2d95decb4b4d64b90e6a7aeb73d951e65aa545aa72744f1c94acf29c29ad17f587e4e43eb782b311de8ca889c8c056f8e7ee42b3ee8cf1655b366e658
SSDEEP

393216:E7XjGmeOQ2rJ8FroJARWPpcBebCim9+k88HAk402:XmeOQ2lsUARWBAebmF8n

Score

8^/10

upx

Malware Config

Signatures

Patched UPX-packed file 1 IoCs

Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.

resource	yara_rule
sample	patched_upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Requests dangerous framework permissions 11 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an application to record audio.	android.permission.RECORD_AUDIO
Required to be able to access the camera device.	android.permission.CAMERA
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES

Files

a9fdb468db218e973d2809064ffbe009
.apk android arch:arm

com.android.funshareapp

com.android.funshareapp.ui.main.activity.StartActivity

Activities

com.android.funshareapp.ui.main.activity.StartActivity

android.intent.action.MAIN
android.intent.action.VIEW

com.android.funshareapp.wxapi.WXPayEntryActivity

android.intent.action.VIEW

com.alipay.sdk.app.AlipayResultActivity

android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.CALL_PHONE
android.permission.VIBRATE
android.permission.RECORD_AUDIO
android.permission.CAMERA
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_MOCK_LOCATION
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.ACCESS_FINE_LOCATION
android.permission.GET_TASKS
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.WAKE_LOCK
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_SETTINGS
android.permission.WRITE_SECURE_SETTINGS
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.ACCESS_MOCK_LOCATION
android.permission.CHANGE_WIFI_STATE
android.permission.FOREGROUND_SERVICE
android.permission.CHANGE_NETWORK_STATE
android.permission.CONNECTIVITY_USE_RESTRICTED_NETWORKS
android.permission.CONNECTIVITY_INTERNAL
android.permission.REQUEST_INSTALL_PACKAGES

Receivers

com.hyphenate.chat.EMMonitorReceiver

android.intent.action.PACKAGE_REMOVED
android.intent.action.BOOT_COMPLETED
android.intent.action.USER_PRESENT

Services
amap_resource1_0_0.png
.apk android

com.amap.api.map3d

Android Permissions

a9fdb468db218e973d2809064ffbe009

Permissions

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.CALL_PHONE

android.permission.VIBRATE

android.permission.RECORD_AUDIO

android.permission.CAMERA

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_MOCK_LOCATION

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.ACCESS_FINE_LOCATION

android.permission.GET_TASKS

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.WAKE_LOCK

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.READ_PHONE_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.WRITE_SETTINGS

android.permission.WRITE_SECURE_SETTINGS

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

android.permission.ACCESS_MOCK_LOCATION

android.permission.CHANGE_WIFI_STATE

android.permission.FOREGROUND_SERVICE

android.permission.CHANGE_NETWORK_STATE

android.permission.CONNECTIVITY_USE_RESTRICTED_NETWORKS

android.permission.CONNECTIVITY_INTERNAL

android.permission.REQUEST_INSTALL_PACKAGES

Sharing

General

Malware Config

Signatures

Files

com.android.funshareapp

com.android.funshareapp.ui.main.activity.StartActivity

Activities

com.android.funshareapp.ui.main.activity.StartActivity

com.android.funshareapp.wxapi.WXPayEntryActivity

com.alipay.sdk.app.AlipayResultActivity

Permissions

Receivers

com.hyphenate.chat.EMMonitorReceiver

Services

com.amap.api.map3d

Android Permissions

a9fdb468db218e973d2809064ffbe009