Temu[.]apk | Triage

General

Target

Temu.apk
Size

37.6MB
MD5

31bccfaa041e47f872ca40f20f6007d0
SHA1

6a0a1bae9b643c90c4d813f2b77e34198b884b09
SHA256

fedb83459b0b1b68d6fde312829904b4143416abb34d8574787125aa6f960505
SHA512

5aea6c0c4eec9dd1ef01f8119248b5e2c164fbe9c600d17a95b835f962d7061719d3cd53cb64401aec8924add84f94990e0a8c096f08f8e335a79f28e62cad78
SSDEEP

393216:TA8ygCKd/f63aE8uYPI4Vu5nUX9AnrmNsffwJJ6:lCqa3aE8utgum9ARfkJ6

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 3 IoCs

description	ioc
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION

Files

Temu.apk
.apk android

Password: password

com.einnovation.temu

com.baogong.splash.activity.MainFrameActivity

Activities

com.baogong.activity.NewPageActivity

com.einnovation.whaleco.ACTION_NEW_PAGE_ACTIVITY

com.baogong.activity.NewPageActivity2

com.einnovation.whaleco.ACTION_NEW_PAGE_ACTIVITY2

com.baogong.activity.NewPageMaskActivity

com.einnovation.whaleco.ACTION_NEW_PAGE_MASK_ACTIVITY

com.facebook.CustomTabActivity

android.intent.action.VIEW
android.intent.action.VIEW

com.baogong.app_push_permission.OtpReceiverActivity

com.whatsapp.otp.OTP_RETRIEVED

com.baogong.splash.activity.MainFrameActivity

android.intent.action.MAIN
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

com.einnovation.whaleco.pay.auth.braintree.BraintreeCallbackActivity

android.intent.action.VIEW

com.linecorp.linesdk.auth.internal.LineAuthenticationCallbackActivity

android.intent.action.VIEW

com.braintreepayments.api.BraintreeDeepLinkActivity

android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.WAKE_LOCK
com.google.android.gms.permission.AD_ID
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
android.permission.VIBRATE
android.permission.RECEIVE_BOOT_COMPLETED
com.adjust.preinstall.READ_PERMISSION
android.permission.POST_NOTIFICATIONS
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
com.google.android.c2dm.permission.RECEIVE

Receivers

androidx.profileinstaller.ProfileInstallReceiver

androidx.profileinstaller.action.INSTALL_PROFILE
androidx.profileinstaller.action.SKIP_FILE
androidx.profileinstaller.action.SAVE_PROFILE
androidx.profileinstaller.action.BENCHMARK_OPERATION

com.baogong.app_push_permission.OtpReceiver

com.whatsapp.otp.OTP_RETRIEVED

com.baogong.app_push_permission.OtpErrReceiver

com.whatsapp.otp.OTP_ERROR

com.baogong.app_shortcuts.LocaleChangedReceiver

android.intent.action.LOCALE_CHANGED

com.baogong.widget.provider.FarmlandWidget

android.appwidget.action.APPWIDGET_UPDATE

com.baogong.widget.provider.FishlandWidget

android.appwidget.action.APPWIDGET_UPDATE

com.baogong.play.engage.EngageBroadcastReceiver

com.google.android.engage.action.PUBLISH_RECOMMENDATION
com.google.android.engage.action.PUBLISH_FEATURED
com.google.android.engage.action.shopping.PUBLISH_SHOPPING_CART

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.facebook.sdk.ACTION_CURRENT_ACCESS_TOKEN_CHANGED

com.facebook.AuthenticationTokenManager$CurrentAuthenticationTokenChangedBroadcastReceiver

com.facebook.sdk.ACTION_CURRENT_AUTHENTICATION_TOKEN_CHANGED

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

Services

com.baogong.push.WhaleCoFirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

Android Permissions

Temu.apk

Permissions

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.WAKE_LOCK

com.google.android.gms.permission.AD_ID

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

android.permission.VIBRATE

android.permission.RECEIVE_BOOT_COMPLETED

com.adjust.preinstall.READ_PERMISSION

android.permission.POST_NOTIFICATIONS

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

com.google.android.c2dm.permission.RECEIVE

Sharing

General

Malware Config

Signatures

Files

Password: password

com.einnovation.temu

com.baogong.splash.activity.MainFrameActivity

Activities

com.baogong.activity.NewPageActivity

com.baogong.activity.NewPageActivity2

com.baogong.activity.NewPageMaskActivity

com.facebook.CustomTabActivity

com.baogong.app_push_permission.OtpReceiverActivity

com.baogong.splash.activity.MainFrameActivity

com.einnovation.whaleco.pay.auth.braintree.BraintreeCallbackActivity

com.linecorp.linesdk.auth.internal.LineAuthenticationCallbackActivity

com.braintreepayments.api.BraintreeDeepLinkActivity

Permissions

Receivers

androidx.profileinstaller.ProfileInstallReceiver

com.baogong.app_push_permission.OtpReceiver

com.baogong.app_push_permission.OtpErrReceiver

com.baogong.app_shortcuts.LocaleChangedReceiver

com.baogong.widget.provider.FarmlandWidget

com.baogong.widget.provider.FishlandWidget

com.baogong.play.engage.EngageBroadcastReceiver

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.facebook.AuthenticationTokenManager$CurrentAuthenticationTokenChangedBroadcastReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

Services

com.baogong.push.WhaleCoFirebaseMessagingService

com.google.firebase.messaging.FirebaseMessagingService

Android Permissions

Temu.apk