sharkbot | SharkBot[.]apk

General

Target

SharkBot.apk
Size

14.1MB
MD5

1f32aa3ad68eac774cfcaeb0cd84de4d
SHA1

512f378b8821064d5b48ceb0624dd17eca673667
SHA256

a56dacc093823dc1d266d68ddfba04b2265e613dcc4b69f350873b485b9e1f1c
SHA512

ad66808102f0af441ffe7f18da3daed094d860930a70bb67e164d984b693b95f98fb51eff192404aac6c605e6a7351286b9e866f2d3567ce64ad0c2d0652db69
SSDEEP

393216:lNIvvMaH5macX7X52NWdXJq2TNhUXwplpMrfum77:lNs0aZqgY5rNq7

Score

10^/10

sharkbot

Malware Config

Extracted

Family

sharkbot

C2

http://statscodicefiscale.xyz/stats/

Signatures

Sharkbot family
sharkbot

Requests dangerous framework permissions 3 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA

Files

SharkBot.apk
.apk android

com.abbondioendrizzi.antivirus.supercleaner

com.abbondioendrizzi.antivirus.supercleaner.screen.main.MainActivity

Activities

com.abbondioendrizzi.antivirus.supercleaner.screen.main.MainActivity

android.intent.action.MAIN

Permissions

android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.CHANGE_WIFI_STATE
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.FOREFGROUND_SERVICE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.WRITE_SYNC_SETTINGS
com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.ACCESS_NOTIFICATION_POLICY
android.permission.REQUEST_DELETE_PACKAGES
android.permission.WAKE_LOCK
android.permission.GET_PACKAGE_SIZE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.QUICKBOOT_POWERON
android.permission.CLEAR_APP_CACHE
android.permission.WRITE_SETTINGS
android.permission.INTERNET
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.GET_TASKS
android.permission.PACKAGE_USAGE_STATS
android.permission.FOREGROUND_SERVICE
android.permission.CAMERA
android.permission.USE_FINGERPRINT
android.permission.ACCESS_WIFI_STATE
android.permission.RECEIVE_USER_PRESENT
android.permission.CHANGE_NETWORK_STATE
android.permission.SET_WALLPAPER
android.permission.VIBRATE
android.permission.QUERY_ALL_PACKAGES
android.permission.ACCESS_NETWORK_STATE

Receivers

com.abbondioendrizzi.antivirus.supercleaner.receiver.AlarmReceiver

com.app.action.alarmmanager

com.abbondioendrizzi.antivirus.supercleaner.lock.receiver.BootBroadcastReceiver

android.intent.action.BOOT_COMPLETED

com.abbondioendrizzi.antivirus.supercleaner.receiver.AutoRebootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.SCREEN_ON
android.net.wifi.WIFI_STATE_CHANGED
android.net.wifi.STATE_CHANGE
android.intent.action.USER_PRESENT
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.QUICKBOOT_POWERON

com.security.applock.service.receiver.WatchmenReceiver

android.net.wifi.WIFI_STATE_CHANGED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
android.intent.action.MEDIA_MOUNTED
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.SCREEN_ON
android.intent.action.TIME_SET
android.intent.action.BOOT_COMPLETED

com.security.applock.service.receiver.WidgetReceiver

android.appwidget.action.APPWIDGET_UPDATE
android.intent.action.SCREEN_ON
android.intent.action.USER_PRESENT
android.intent.action.SCREEN_ON
android.intent.action.USER_PRESENT

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

androidx.work.impl.diagnostics.DiagnosticsReceiver

androidx.work.diagnostics.REQUEST_DIAGNOSTICS

Services

com.abbondioendrizzi.antivirus.supercleaner.service.ForceStopAccessibility

android.accessibilityservice.AccessibilityService

com.abbondioendrizzi.antivirus.supercleaner.api.NotificationListener

android.service.notification.NotificationListenerService

Android Permissions

SharkBot.apk

Permissions

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

android.permission.CHANGE_WIFI_STATE

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.FOREFGROUND_SERVICE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.WRITE_SYNC_SETTINGS

com.android.launcher.permission.INSTALL_SHORTCUT

android.permission.ACCESS_NOTIFICATION_POLICY

android.permission.REQUEST_DELETE_PACKAGES

android.permission.WAKE_LOCK

android.permission.GET_PACKAGE_SIZE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.QUICKBOOT_POWERON

android.permission.CLEAR_APP_CACHE

android.permission.WRITE_SETTINGS

android.permission.INTERNET

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.GET_TASKS

android.permission.PACKAGE_USAGE_STATS

android.permission.FOREGROUND_SERVICE

android.permission.CAMERA

android.permission.USE_FINGERPRINT

android.permission.ACCESS_WIFI_STATE

android.permission.RECEIVE_USER_PRESENT

android.permission.CHANGE_NETWORK_STATE

android.permission.SET_WALLPAPER

android.permission.VIBRATE

android.permission.QUERY_ALL_PACKAGES

android.permission.ACCESS_NETWORK_STATE

Sharing

General

Malware Config

Extracted

Signatures

Files

com.abbondioendrizzi.antivirus.supercleaner

com.abbondioendrizzi.antivirus.supercleaner.screen.main.MainActivity

Activities

com.abbondioendrizzi.antivirus.supercleaner.screen.main.MainActivity

Permissions

Receivers

com.abbondioendrizzi.antivirus.supercleaner.receiver.AlarmReceiver

com.abbondioendrizzi.antivirus.supercleaner.lock.receiver.BootBroadcastReceiver

com.abbondioendrizzi.antivirus.supercleaner.receiver.AutoRebootReceiver

com.security.applock.service.receiver.WatchmenReceiver

com.security.applock.service.receiver.WidgetReceiver

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.diagnostics.DiagnosticsReceiver

Services

com.abbondioendrizzi.antivirus.supercleaner.service.ForceStopAccessibility

com.abbondioendrizzi.antivirus.supercleaner.api.NotificationListener

Android Permissions

SharkBot.apk