xf[.]apk | Triage

General

Target

xf.apk
Size

8.7MB
MD5

870a1d85219fd4cb5ef043852f95eff7
SHA1

8ce11fb0b03422c01a7d9b9b5c4e6f3ac1a1cbc8
SHA256

9832722bac27d29e685c61f4e9da17d2f8740290475fc28d2b9868df5c6ad193
SHA512

8deae6504d4c565bc36da543cfb1eb7dfc941f3327cbe186c3825e9c42df3b2fc1ceb0b1bce1eb353ec597d5ae19b05eeac083bb3ddd6ba373bf8d2588ad1039
SSDEEP

98304:/WymcfJF1uAw0gtbOaIOs+PIDHv+EhCk+ZrA4YuBZIqV1hIUb6rXVtGnMsTfZc+z:RmcfJnONIOsvhl+q5uL4llnsTf9aCn/

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by input method services to bind with the system. Allows apps to provide custom input methods (keyboards).	android.permission.BIND_INPUT_METHOD

Requests dangerous framework permissions 6 IoCs

description	ioc
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION

Files

xf.apk
.apk android arch:arm

com.iflytek.inputmethod.pad

.WizardActivity

Activities

com.iflytek.inputmethod.download.DownloadActivity

com.iflytek.inputmethod.ACTION_DOWNLOAD_VIEW

.WizardActivity

com.iflytek.inputmethod.loaclskin
android.intent.action.MAIN

.EntryActivity

com.iflytek.inputmethod.action_ime

com.iflytek.inputmethod.setting.FriendShareActivity

com.iflytek.inputmethod.ACTION_SHARE_VIEW

com.iflytek.inputmethod.setting.skin.theme.ThemeRequestActivity

android.intent.action.VIEW

com.iflytek.inputmethod.install.FlyDeliverActivity

android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.MAIN

com.iflytek.inputmethod.wxapi.WXEntryActivity

android.intent.action.VIEW

Permissions

android.permission.READ_CONTACTS
android.permission.RECORD_AUDIO
android.permission.INTERNET
android.permission.VIBRATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_PHONE_STATE
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.GET_TASKS
android.permission.ACCESS_WIFI_STATE
android.permission.BROADCAST_PACKAGE_ADDED
android.permission.BROADCAST_PACKAGE_CHANGED
android.permission.BROADCAST_PACKAGE_INSTALL
android.permission.BROADCAST_PACKAGE_REPLACED
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN

Services

.FlyIME

android.view.InputMethod

com.iflytek.inputmethod.download.DownloadHandlerService

com.iflytek.inputmethod.pad.download.handler_service

Android Permissions

xf.apk

Permissions

android.permission.READ_CONTACTS

android.permission.RECORD_AUDIO

android.permission.INTERNET

android.permission.VIBRATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_PHONE_STATE

android.permission.WAKE_LOCK

android.permission.ACCESS_NETWORK_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.GET_TASKS

android.permission.ACCESS_WIFI_STATE

android.permission.BROADCAST_PACKAGE_ADDED

android.permission.BROADCAST_PACKAGE_CHANGED

android.permission.BROADCAST_PACKAGE_INSTALL

android.permission.BROADCAST_PACKAGE_REPLACED

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

Sharing

General

Malware Config

Signatures

Files

com.iflytek.inputmethod.pad

.WizardActivity

Activities

com.iflytek.inputmethod.download.DownloadActivity

.WizardActivity

.EntryActivity

com.iflytek.inputmethod.setting.FriendShareActivity

com.iflytek.inputmethod.setting.skin.theme.ThemeRequestActivity

com.iflytek.inputmethod.install.FlyDeliverActivity

com.iflytek.inputmethod.wxapi.WXEntryActivity

Permissions

Services

.FlyIME

com.iflytek.inputmethod.download.DownloadHandlerService

Android Permissions

xf.apk