Resubmissions

Date              Analysis ID         Score
27-10-2022 16:01  221027-tgem5acff6   10/10
21-10-2022 10:54  221021-mzjlgagdd2   7/10

General

  • Target

    68a1452172636b081873b9f7c1ae3794035c4ff50d5538b656caf07016b74d07.apk

  • Size

    6.7MB

  • MD5

    a4c47367783405929e887ee955e21357

  • SHA1

    424e86bb95dd9c18a0c576ff09bfb78433968ecd

  • SHA256

    68a1452172636b081873b9f7c1ae3794035c4ff50d5538b656caf07016b74d07

  • SHA512

    be5e1aa9663495b264c127479c95dc369dc8c05ea00943706aac76004d930df5ed60300c215e0148260153ed2c40a7ad8e38d71a371e6fdbcc364bdfc5208ea1

  • SSDEEP

    98304:a3T0gL6HG6n8ZfpBR4bZcXxGaABrk02+D9sYS//75jRVMNN7bL/NLycThT0A7i1P:a3T086H1S4bZ6G2LSunhMLhT0I6QpeJz

Score
10/10

Malware Config

Extracted

  • Family

    furball

  • C2

    http://www.firmwaresystemupdate.com/mmh

Signatures

  • Furball family
  • Requests dangerous framework permissions (7 IoCs)

Files

  • 68a1452172636b081873b9f7c1ae3794035c4ff50d5538b656caf07016b74d07.apk

    Type: .apk android

    Package: com.clem.isisnews

    Activity: com.qbiki.seattleclouds.AppStarterActivity
Android Permissions

68a1452172636b081873b9f7c1ae3794035c4ff50d5538b656caf07016b74d07.apk

Permissions

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.GET_ACCOUNTS

com.clem.isisnews.permission.C2D_MESSAGE

com.google.android.c2dm.permission.RECEIVE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.QUICKBOOT_POWERON

android.permission.READ_SMS

com.android.browser.permission.READ_HISTORY_BOOKMARKS

android.permission.GET_TASKS

android.permission.READ_CALL_LOG

android.permission.READ_LOGS

android.permission.WRITE_SETTINGS

android.permission.READ_CONTACTS

android.permission.READ_PHONE_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.RECORD_AUDIO
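The "7 IoCs" behind the dangerous-permissions signature can be reproduced from the manifest alone. The script below is an added example, not part of the sandbox report or of any Triage tooling: it parses `uses-permission` entries from a manifest and sorts them into dangerous framework permissions, restricted (signature/privileged or deprecated) framework permissions, custom namespaced permissions, and everything else. The manifest string is constructed from the permission list above rather than pulled from the sample, and the protection-level tables are my own assumption based on AOSP's platform manifest, not an exhaustive list.

```python
"""Triage helper: classify the permissions an APK manifest requests.

Added example for this report. The sample manifest is constructed from the
permission list shown on the page; the DANGEROUS and RESTRICTED tables are an
assumption taken from AOSP frameworks/base/core/res/AndroidManifest.xml and
are deliberately not exhaustive.
"""
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Assumption: framework permissions declared with protectionLevel="dangerous"
# (runtime-prompted on API 23+; granted at install on older targets).
DANGEROUS = frozenset({
    "android.permission.READ_SMS", "android.permission.RECEIVE_SMS",
    "android.permission.SEND_SMS", "android.permission.READ_CALL_LOG",
    "android.permission.WRITE_CALL_LOG", "android.permission.READ_CONTACTS",
    "android.permission.WRITE_CONTACTS", "android.permission.GET_ACCOUNTS",
    "android.permission.READ_PHONE_STATE", "android.permission.CALL_PHONE",
    "android.permission.RECORD_AUDIO", "android.permission.CAMERA",
    "android.permission.ACCESS_FINE_LOCATION",
    "android.permission.ACCESS_COARSE_LOCATION",
    "android.permission.READ_EXTERNAL_STORAGE",
    "android.permission.WRITE_EXTERNAL_STORAGE",
    "android.permission.READ_CALENDAR", "android.permission.WRITE_CALENDAR",
})

# Assumption: permissions a third-party app cannot normally hold
# (signature/privileged) or that are deprecated. Seeing them requested is a
# hint of an old targetSdkVersion or a copy-pasted permission block.
RESTRICTED = frozenset({
    "android.permission.READ_LOGS",
    "android.permission.WRITE_SETTINGS",
    "android.permission.GET_TASKS",
})

# Constructed sample: the permissions listed in this report, wrapped in a
# minimal manifest so the parser has something realistic to read.
_PAGE_PERMISSIONS = (
    "android.permission.INTERNET",
    "android.permission.WRITE_EXTERNAL_STORAGE",
    "android.permission.ACCESS_NETWORK_STATE",
    "android.permission.GET_ACCOUNTS",
    "com.clem.isisnews.permission.C2D_MESSAGE",
    "com.google.android.c2dm.permission.RECEIVE",
    "android.permission.RECEIVE_BOOT_COMPLETED",
    "android.permission.QUICKBOOT_POWERON",
    "android.permission.READ_SMS",
    "com.android.browser.permission.READ_HISTORY_BOOKMARKS",
    "android.permission.GET_TASKS",
    "android.permission.READ_CALL_LOG",
    "android.permission.READ_LOGS",
    "android.permission.WRITE_SETTINGS",
    "android.permission.READ_CONTACTS",
    "android.permission.READ_PHONE_STATE",
    "android.permission.ACCESS_WIFI_STATE",
    "android.permission.CHANGE_WIFI_STATE",
    "android.permission.RECORD_AUDIO",
)
SAMPLE_MANIFEST = (
    '<manifest xmlns:android="http://schemas.android.com/apk/res/android" '
    'package="com.clem.isisnews">\n'
    + "".join(f'  <uses-permission android:name="{p}"/>\n' for p in _PAGE_PERMISSIONS)
    + "</manifest>\n"
)


def parse_permissions(manifest_xml):
    """Return every permission name requested via uses-permission(-sdk-23)."""
    root = ET.fromstring(manifest_xml)
    names = []
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for el in root.iter(tag):
            name = el.get(ANDROID_NS + "name")
            if name:
                names.append(name)
    return names


def classify_permissions(manifest_xml):
    """Bucket requested permissions; 'other' holds android.permission.* names
    not covered by the tables above (normal-level ones and vendor strays such
    as QUICKBOOT_POWERON), so it is not a 'safe' verdict."""
    buckets = {"dangerous": [], "restricted": [], "custom": [], "other": []}
    for name in parse_permissions(manifest_xml):
        if name in DANGEROUS:
            buckets["dangerous"].append(name)
        elif name in RESTRICTED:
            buckets["restricted"].append(name)
        elif not name.startswith("android.permission."):
            buckets["custom"].append(name)
        else:
            buckets["other"].append(name)
    return {k: sorted(set(v)) for k, v in buckets.items()}


if __name__ == "__main__":
    result = classify_permissions(SAMPLE_MANIFEST)
    for bucket, names in result.items():
        print(f"{bucket} ({len(names)}):")
        for n in names:
            print("   ", n)
```

Run against a real APK by feeding it the decoded manifest (for example the output of `apktool d` or `androguard`'s `get_android_manifest_xml()`); the seven names in the `dangerous` bucket are exactly the IoCs the signature counts, and the three `custom` entries show the GCM push registration and the legacy browser-history permission that the framework table would otherwise miss.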