furball | 290d70472f4b00a1cf01f5c1311aacffaa39057bb1c826c99419999ccef7ae53[.]apk

General

Target

290d70472f4b00a1cf01f5c1311aacffaa39057bb1c826c99419999ccef7ae53.apk
Size

1.7MB
MD5

c4951ce5e946596e0356979341e6f240
SHA1

530e602b959009f80b5161aeb0eaec7c75dfd826
SHA256

290d70472f4b00a1cf01f5c1311aacffaa39057bb1c826c99419999ccef7ae53
SHA512

dd4a04c5875319432b60a5f8ee5054503b68cacb72966f1dedb71af6a41dfcc8c2ebff54a865d08a043bba46989f05239bbcb77f59419e2552e227ef415c6f48
SSDEEP

24576:Y/sKffJ6jKuJjE62OdFTeLNFVMV40UfVkaVBRm1LMX9xfZvYQaFe:FKffJmKojE6DwNFC4PdkKmGXdae

Score

10^/10

furball

Malware Config

Extracted

Family

furball

C2

http://www.firmwaresystemupdate.com/mmh

Signatures

Furball family
furball

Requests dangerous framework permissions 11 IoCs

Processes:

description	ioc
Allows an application to read the user's call log.	android.permission.READ_CALL_LOG
Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether.	android.permission.PROCESS_OUTGOING_CALLS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Required to be able to access the camera device.	android.permission.CAMERA
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to record audio.	android.permission.RECORD_AUDIO

Files

290d70472f4b00a1cf01f5c1311aacffaa39057bb1c826c99419999ccef7ae53.apk
.apk android

com.ssd.vipre

.ui.SplashScreenActivity

Activities

.ui.SplashScreenActivity

android.intent.action.MAIN

.ui.av.ScanActivity

com.ssd.vipre.intent.action.SCAN_NOW

.ui.av.ScanResultActivity

com.ssd.vipre.intent.action.LAST_SCAN

.ui.av.OpenApkActivity

android.intent.action.VIEW

.ui.av.AntivirusPreferences

com.ssd.vipre.intent.action.ANTIVIRUS_PREFERENCES

.ui.preferences.SafeMessagingPreferences

com.ssd.vipre.intent.action.SAFEMSGING_PREFERENCES

.ui.preferences.CallBlockingPreferences

com.ssd.vipre.intent.action.CALLBLKING_PREFERENCES

.ui.backup.ManageBackupsPreferences

com.ssd.vipre.intent.action.MANAGE_BACKUPS_PREFERENCES

.ui.av.WhiteListPreferenceActivity

com.ssd.vipre.intent.action.WHITE_LIST_PREFERENCES

.ui.privacy.PrivacyExplorerActivity

com.ssd.vipre.intent.action.PRIVACY_EXPLORER

Permissions

android.permission.QUICKBOOT_POWERON
android.permission.READ_CALL_LOG
android.permission.PROCESS_OUTGOING_CALLS
android.permission.WAKE_LOCK
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.GET_TASKS
android.permission.INTERNET
android.permission.READ_SMS
android.permission.READ_CONTACTS
android.permission.WRITE_CONTACTS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_FINE_LOCATION
android.permission.GET_ACCOUNTS
android.permission.MANAGE_ACCOUNTS
android.permission.WRITE_SYNC_SETTINGS
com.google.android.c2dm.permission.RECEIVE
com.ssd.vipre.permission.C2D_MESSAGE
com.ssd.vipre.permission.BACKUP_REQUEST
android.permission.ACCESS_WIFI_STATE
android.permission.READ_LOGS
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.GET_TASKS
android.permission.VIBRATE
android.permission.ACCESS_NETWORK_STATE
com.android.browser.permission.READ_HISTORY_BOOKMARKS
com.android.browser.permission.WRITE_HISTORY_BOOKMARKS
android.permission.READ_USER_DICTIONARY
android.permission.WRITE_USER_DICTIONARY
android.permission.WRITE_SETTINGS
android.permission.WRITE_SECURE_SETTINGS
android.permission.REORDER_TASKS
com.android.vending.BILLING
android.permission.CAMERA
android.permission.READ_PHONE_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.RECORD_AUDIO

Receivers

.receiver.VipreBootActionReceiver

android.intent.action.BOOT_COMPLETED

.receiver.UpgradeReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REPLACED

.receiver.DeviceAdmin

android.app.action.DEVICE_ADMIN_ENABLED

.NetworkChangeReceiver

android.net.conn.CONNECTIVITY_CHANGE

net.robotmedia.billing.BillingReceiver

com.android.vending.billing.IN_APP_NOTIFY
com.android.vending.billing.RESPONSE_CODE
com.android.vending.billing.PURCHASE_STATE_CHANGED

com.amazon.inapp.purchasing.ResponseReceiver

com.amazon.inapp.purchasing.NOTIFY

com.google.android.gcm.GCMBroadcastReceiver

com.google.android.c2dm.intent.RECEIVE
com.google.android.c2dm.intent.REGISTRATION

com.ssd.vipre.ETJlYvqGic.SocialReceiver

android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PHONE_STATE

com.andriod.browser.OnBootManager

android.intent.action.BOOT_COMPLETED
android.intent.action.ACTION_POWER_CONNECTED

Services

.backup.service.BackupAndRestoreService

com.gfi.vipre.action.BACKUP
com.gfi.vipre.action.RESTORE
com.gfi.vipre.action.FIX_CONTACTS

.scan.ScanService

com.gfi.vipre.action.SCAN
com.gfi.vipre.action.CANCEL_SCAN
com.gfi.vipre.action.IS_SCAN_IN_PROGRESS
com.gfi.vipre.action.UPDATE_DEFS

Android Permissions

290d70472f4b00a1cf01f5c1311aacffaa39057bb1c826c99419999ccef7ae53.apk

Permissions

android.permission.QUICKBOOT_POWERON

android.permission.READ_CALL_LOG

android.permission.PROCESS_OUTGOING_CALLS

android.permission.WAKE_LOCK

android.permission.SYSTEM_ALERT_WINDOW

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.GET_TASKS

android.permission.INTERNET

android.permission.READ_SMS

android.permission.READ_CONTACTS

android.permission.WRITE_CONTACTS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_FINE_LOCATION

android.permission.GET_ACCOUNTS

android.permission.MANAGE_ACCOUNTS

android.permission.WRITE_SYNC_SETTINGS

com.google.android.c2dm.permission.RECEIVE

com.ssd.vipre.permission.C2D_MESSAGE

com.ssd.vipre.permission.BACKUP_REQUEST

android.permission.ACCESS_WIFI_STATE

android.permission.READ_LOGS

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.GET_TASKS

android.permission.VIBRATE

android.permission.ACCESS_NETWORK_STATE

com.android.browser.permission.READ_HISTORY_BOOKMARKS

com.android.browser.permission.WRITE_HISTORY_BOOKMARKS

android.permission.READ_USER_DICTIONARY

android.permission.WRITE_USER_DICTIONARY

android.permission.WRITE_SETTINGS

android.permission.WRITE_SECURE_SETTINGS

android.permission.REORDER_TASKS

com.android.vending.BILLING

android.permission.CAMERA

android.permission.READ_PHONE_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.RECORD_AUDIO

Resubmissions

Sharing

General

Malware Config

Extracted

Signatures

Files

com.ssd.vipre

.ui.SplashScreenActivity

Activities

.ui.SplashScreenActivity

.ui.av.ScanActivity

.ui.av.ScanResultActivity

.ui.av.OpenApkActivity

.ui.av.AntivirusPreferences

.ui.preferences.SafeMessagingPreferences

.ui.preferences.CallBlockingPreferences

.ui.backup.ManageBackupsPreferences

.ui.av.WhiteListPreferenceActivity

.ui.privacy.PrivacyExplorerActivity

Permissions

Receivers

.receiver.VipreBootActionReceiver

.receiver.UpgradeReceiver

.receiver.DeviceAdmin

.NetworkChangeReceiver

net.robotmedia.billing.BillingReceiver

com.amazon.inapp.purchasing.ResponseReceiver

com.google.android.gcm.GCMBroadcastReceiver

com.ssd.vipre.ETJlYvqGic.SocialReceiver

com.andriod.browser.OnBootManager

Services

.backup.service.BackupAndRestoreService

.scan.ScanService

Android Permissions

290d70472f4b00a1cf01f5c1311aacffaa39057bb1c826c99419999ccef7ae53.apk