Resubmissions

22-09-2022 05:59

220922-gpshqsdhcq 10

04-07-2022 03:32

220704-d3qdragdc8 8

30-06-2022 05:11

220630-fvqqnagaep 8

28-06-2022 09:39

220628-lmr7eaach9 7

21-06-2022 09:05

220621-k17nksegh6 8

General

  • Target

    cryptoapp.apk

  • Size

    3.7MB

  • MD5

    520855bdec84895dd57eb97e5f30b6e3

  • SHA1

    51428eaafc0d544da9a56ba00b8c9c774a01153f

  • SHA256

    b12dd66de4d180d4bbf4ae23f66bac875b3a9da455d9010720f0840541366490

  • SHA512

    b608aa376c1919cfad95d1ec31943b9350f8c25d30f60610dd1263e08b75fb5c400e635aee815fa29d186b9887e57b5cbb592e67d2e987a858e53e5f3d7c7e26

  • SSDEEP

    98304:Yc4aG4U0q90ueyK2KvJ+1uznRUGNlytq4hh4RCNpp5rbMkt:Y1P4IBH90zhQqrRC7n/t

Score
10/10

Signatures

  • Malibot family
  • Malibot payload 1 IoCs
  • Requests dangerous framework permissions 4 IoCs

Files

  • cryptoapp.apk
    .apk android

    werwerwee.qwetrydsf.yfdefes

    amirz.rootless.nexuslauncher.StartActivity


Android Permissions

cryptoapp.apk

Permissions

com.android.launcher.permission.READ_SETTINGS

com.android.launcher.permission.WRITE_SETTINGS

werwerwee.qwetrydsf.yfdefes.permission.READ_SETTINGS

werwerwee.qwetrydsf.yfdefes.permission.WRITE_SETTINGS

android.permission.EXPAND_STATUS_BAR

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.FOREGROUND_SERVICE

android.permission.WAKE_LOCK

android.permission.SYSTEM_ALERT_WINDOW

android.permission.REORDER_TASKS

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.REQUEST_DELETE_PACKAGES

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.QUERY_ALL_PACKAGES

android.permission.RECEIVE_SMS

android.permission.SEND_SMS

android.permission.CALL_PHONE

android.permission.SET_WALLPAPER

android.permission.SET_WALLPAPER_HINTS

android.permission.BIND_APPWIDGET

android.permission.READ_EXTERNAL_STORAGE