a4cb37880df9db999d3d9098ccc0dab9d1b45b01825910d84589ffa9bbfedd00[.]bin

General

Target

a4cb37880df9db999d3d9098ccc0dab9d1b45b01825910d84589ffa9bbfedd00.bin
Size

4.5MB
MD5

0e4b6874c85dd1acfb0d8671941135ef
SHA1

aded00740ac479d6e2edf350bddf00fd0a2b7321
SHA256

a4cb37880df9db999d3d9098ccc0dab9d1b45b01825910d84589ffa9bbfedd00
SHA512

0d91c914beb0efaa4e1cbd5a2e42c5046fbd78b660a03ae09507ddee7fb6b12a840dd44309685b1f71deb25b9970d25537e67f635374cf878be16204aef94c2a
SSDEEP

98304:r260Awwpne4YArPdzlwBQ3DjElo4t6VHjQGzfrtELrvHUA2pF5wvgkO:3eZArPdzl1jElqDQHLrXMwvdO

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 10 IoCs

description	ioc
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application a broad access to external storage in scoped storage.	android.permission.MANAGE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access location in the background.	android.permission.ACCESS_BACKGROUND_LOCATION
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Files

a4cb37880df9db999d3d9098ccc0dab9d1b45b01825910d84589ffa9bbfedd00.bin
.apk android

ru.zjmcxuit.hmxwbivun

ru.zjmcxuit.hmxwbivun.MainActivity

Activities

ru.zjmcxuit.hmxwbivun.MainActivity

android.intent.action.MAIN
android.intent.action.SEND
android.intent.action.SEND_MULTIPLE
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

ru.zjmcxuit.hmxwbivun.SetPrefs

android.intent.action.MAIN

com.ui.widgets.BinderWidgetConfigureActivity

android.appwidget.action.APPWIDGET_CONFIGURE

com.ui.widgets.AppDisablerWidgetConfigureActivity

android.appwidget.action.APPWIDGET_CONFIGURE

Permissions

android.permission.BLUETOOTH
com.android.vending.BILLING
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.ACCESS_SUPERUSER
android.permission.INTERNET
android.permission.VIBRATE
com.android.vending.CHECK_LICENSE
android.permission.INTERACT_ACROSS_USERS_FULL
android.permission.ACCESS_NETWORK_STATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.WRITE_SETTINGS
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.REQUEST_DELETE_PACKAGES
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WRITE_MEDIA_STORAGE
android.permission.MANAGE_EXTERNAL_STORAGE
android.permission.REORDER_TASKS
android.permission.READ_EXTERNAL_STORAGE
com.huawei.permission.external_app_settings.USE_COMPONENT
oppo.permission.OPPO_COMPONENT_SAFE
android.permission.WAKE_LOCK
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_BACKGROUND_LOCATION
android.permission.FOREGROUND_SERVICE
android.permission.GET_TASKS
android.permission.BATTERY_STATS
android.permission.READ_PHONE_STATE
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

Receivers

ru.zjmcxuit.hmxwbivun.PackageChangeReceiver

android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_REPLACED
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_CHANGED

ru.zjmcxuit.hmxwbivun.OnAlarmReceiver

com.ui.OnAlarmReceiver.ACTION_WIDGET_RECEIVER

ru.zjmcxuit.hmxwbivun.BinderBootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.MEDIA_SCANNER_FINISHED
android.intent.action.MEDIA_SCANNER_STARTED
android.intent.action.MEDIA_MOUNTED
android.intent.action.MEDIA_EJECT
android.intent.action.MEDIA_UNMOUNTED
android.intent.action.MEDIA_REMOVED

ru.zjmcxuit.hmxwbivun.OnBootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.EXTERNAL_APPLICATIONS_AVAILABLE
android.intent.action.EXTERNAL_APPLICATIONS_UNAVAILABLE
android.intent.action.UMS_DISCONNECTED
android.intent.action.POWER_DISCONNECTED
android.intent.action.MY_PACKAGE_REPLACED

com.ui.widgets.proxyGP_widget

android.appwidget.action.APPWIDGET_UPDATE
com.ui.widgets.proxyGP_widget.ACTION_WIDGET_RECEIVER
com.ui.widgets.proxyGP_widget.ACTION_WIDGET_RECEIVER_Updater

com.ui.widgets.inapp_widget

android.appwidget.action.APPWIDGET_UPDATE
com.ui.widgets.inapp_widget.ACTION_WIDGET_RECEIVER
com.ui.widgets.inapp_widget.ACTION_WIDGET_RECEIVER_Updater

com.ui.widgets.AndroidPatchWidget

android.appwidget.action.APPWIDGET_UPDATE

com.ui.widgets.BinderWidget

android.appwidget.action.APPWIDGET_UPDATE
com.ui.widgets.BinderWidget.ACTION_WIDGET_RECEIVER
com.ui.widgets.BinderWidget.ACTION_WIDGET_RECEIVER_Updater

com.ui.widgets.AppDisablerWidget

android.appwidget.action.APPWIDGET_UPDATE
com.ui.widgets.AppDisablerWidget.ACTION_WIDGET_RECEIVER
com.ui.widgets.AppDisablerWidget.ACTION_WIDGET_RECEIVER_Updater

Services

com.google.android.finsky.billing.iab.InAppBillingService

com.android.vending.billing.InAppBillingService.COIN
com.android.vending.billing.InAppBillingService.COIO
com.android.vending.billing.InAppBillingService.LUCM
com.android.vending.billing.InAppBillingService.PROX
ir.cafebazaar.pardakht.InAppBillingService.BIND
ru.zjmcxuit.hmxwbivun
com.nokia.payment.iapenabler.InAppBillingService.BIND
com.android.vending.billing.InAppBillingService.INST

com.google.android.finsky.services.LicensingService

ru.zjmcxuit.hmxwbivun.service

com.ui.TestService

com.ui.ITestServiceInterface.BIND

com.chelpus.TransferFilesService

com.chelpus.TransferFilesService.ITransferFilesServiceInterface.BIND

Android Permissions

a4cb37880df9db999d3d9098ccc0dab9d1b45b01825910d84589ffa9bbfedd00.bin

Permissions

android.permission.BLUETOOTH

com.android.vending.BILLING

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.ACCESS_SUPERUSER

android.permission.INTERNET

android.permission.VIBRATE

com.android.vending.CHECK_LICENSE

android.permission.INTERACT_ACROSS_USERS_FULL

android.permission.ACCESS_NETWORK_STATE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.WRITE_SETTINGS

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.REQUEST_DELETE_PACKAGES

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.WRITE_MEDIA_STORAGE

android.permission.MANAGE_EXTERNAL_STORAGE

android.permission.REORDER_TASKS

android.permission.READ_EXTERNAL_STORAGE

com.huawei.permission.external_app_settings.USE_COMPONENT

oppo.permission.OPPO_COMPONENT_SAFE

android.permission.WAKE_LOCK

android.permission.CHANGE_WIFI_STATE

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_BACKGROUND_LOCATION

android.permission.FOREGROUND_SERVICE

android.permission.GET_TASKS

android.permission.BATTERY_STATS

android.permission.READ_PHONE_STATE

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

Sharing

General

Malware Config

Signatures

Files

ru.zjmcxuit.hmxwbivun

ru.zjmcxuit.hmxwbivun.MainActivity

Activities

ru.zjmcxuit.hmxwbivun.MainActivity

ru.zjmcxuit.hmxwbivun.SetPrefs

com.ui.widgets.BinderWidgetConfigureActivity

com.ui.widgets.AppDisablerWidgetConfigureActivity

Permissions

Receivers

ru.zjmcxuit.hmxwbivun.PackageChangeReceiver

ru.zjmcxuit.hmxwbivun.OnAlarmReceiver

ru.zjmcxuit.hmxwbivun.BinderBootReceiver

ru.zjmcxuit.hmxwbivun.OnBootReceiver

com.ui.widgets.proxyGP_widget

com.ui.widgets.inapp_widget

com.ui.widgets.AndroidPatchWidget

com.ui.widgets.BinderWidget

com.ui.widgets.AppDisablerWidget

Services

com.google.android.finsky.billing.iab.InAppBillingService

com.google.android.finsky.services.LicensingService

com.ui.TestService

com.chelpus.TransferFilesService

Android Permissions

a4cb37880df9db999d3d9098ccc0dab9d1b45b01825910d84589ffa9bbfedd00.bin