revive | C27C87F4B2A0D95A17D11535167445E3FA9DB05470F1CC57C62B39248A54C4FE[.]apk

Resubmissions

11-08-2022 15:38

220811-s3e1cabcf3 10

01-08-2022 13:13

220801-qgkmlahgal 7

01-08-2022 13:12

220801-qfz1wshgaj 7

01-08-2022 12:55

220801-p5zkzsgde4 7

Sharing

Copy URL

Twitter E-mail

General

Target

C27C87F4B2A0D95A17D11535167445E3FA9DB05470F1CC57C62B39248A54C4FE.apk
Size

46.1MB
MD5

4240473028f88a3ef54f86f1cd387f24
SHA1

29f2ae906a463f10e22c6be7d2676e59916d8aad
SHA256

c27c87f4b2a0d95a17d11535167445e3fa9db05470f1cc57c62b39248a54c4fe
SHA512

e9c34255ce9b37dfd22523b1be5e15be441bd514be40dc3da23b032f3a0b05f652c1639f2c05441fadaef804634ee72c4b163325098d5d107e0664e5710a622f
SSDEEP

786432:vDwRxRo6CrERVB9wcYPSJLbZCNiQGKTwcQ3ZigclgC9x7owlsrnJZahUf6lqYylY:LmLC8VB6FaJLdNKTwcQJiBCCDowWTuUq

Score

10^/10

revive

Malware Config

Extracted

Family

revive

http://80.85.153.49:4000

Signatures

Revive family
revive

Requests dangerous framework permissions 5 IoCs

description	ioc
Allows read access to the device's phone number(s).	android.permission.READ_PHONE_NUMBERS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

Files

C27C87F4B2A0D95A17D11535167445E3FA9DB05470F1CC57C62B39248A54C4FE.apk
.apk android arch:arm64 arch:arm arch:x86 arch:x64

com.bbva

com.bbva.MainActivity

Activities

com.bbva.MainActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.READ_PHONE_NUMBERS
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_SMS
android.permission.FOREGROUND_SERVICE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.BIND_ACCESSIBILITY_SERVICE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

Receivers

com.bbva.AutoStart

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

com.bbva.Revive

Revive

com.bbva.SmsReciver

android.provider.Telephony.SMS_RECEIVED

Services

com.bbva.keylogger

android.accessibilityservice.AccessibilityService

Android Permissions

C27C87F4B2A0D95A17D11535167445E3FA9DB05470F1CC57C62B39248A54C4FE.apk

Permissions

android.permission.INTERNET

android.permission.READ_PHONE_NUMBERS

android.permission.READ_PHONE_STATE

android.permission.RECEIVE_SMS

android.permission.FOREGROUND_SERVICE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.BIND_ACCESSIBILITY_SERVICE

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

Resubmissions

Sharing

General

Malware Config

Extracted

Signatures

Files

com.bbva

com.bbva.MainActivity

Activities

com.bbva.MainActivity

Permissions

Receivers

com.bbva.AutoStart

com.bbva.Revive

com.bbva.SmsReciver

Services

com.bbva.keylogger

Android Permissions

C27C87F4B2A0D95A17D11535167445E3FA9DB05470F1CC57C62B39248A54C4FE.apk