8480701920[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

8480701920.zip
Size

18.1MB
MD5

057e5fa8d05a2106572cfab80687b0b5
SHA1

853d6ac9cdd629b38e0312a008dafceb1f674a49
SHA256

290a1c0530ff5d0a0ac8354e6964e04c7e1b9040af785fa8435b27a22296b812
SHA512

10f1a1d5a38904b823d7084bed5a9fb6df9c633d7bf3321845266eafde9a0384c73a79f63412a0db7c890fa14558db043994f8e283045f0f14074d7daa6ef064
SSDEEP

393216:GSWkz9tN05HFofNNpKS5MgWMRR7C5Cn/91qV7AHXmZr6P:FWk9NTpXb5m5Cn7qDr6P

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 10 IoCs

Processes:

description	ioc
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to read the user's call log.	android.permission.READ_CALL_LOG
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA

Files

8480701920.zip
.zip

Password: infected
135ae0ef1cf748aac3db3eef64054dd02d903814d37b19daa736265789a18a55
.dex
682b58cad9e815196b7d7ccf04ab7383a9bbf1f74e65679e6c708f2219b8692b
.apk android arch:arm64 arch:arm arch:x86 arch:x64

org.optimize.app

org.optimize.app.activities.Intro

Activities

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.GET_ACCOUNTS
android.permission.READ_CALL_LOG
android.permission.READ_PHONE_STATE
android.permission.READ_PRIVILEGED_PHONE_STATE
android.permission.RECORD_AUDIO
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_CONTACTS
android.permission.READ_SMS
android.permission.RECEIVE_SMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.CAMERA
android.permission.FOREGROUND_SERVICE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.BIND_DEVICE_ADMIN
android.permission.WAKE_LOCK
com.google.android.c2dm.permission.RECEIVE

Receivers

org.optimize.app.res.R01

android.app.action.DEVICE_ADMIN_ENABLED

org.optimize.app.res.R17

android.provider.Telephony.SMS_RECEIVED

org.optimize.app.res.R05

android.intent.action.PHONE_STATE

org.optimize.app.res.R03

android.intent.action.BOOT_COMPLETED

org.optimize.app.res.R23

android.net.wifi.STATE_CHANGE
android.net.conn.CONNECTIVITY_CHANGE

org.optimize.app.res.R15

android.intent.action.QUICKBOOT_POWERON
android.intent.action.REBOOT

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

Services

org.optimize.app.servs.S13

android.service.notification.NotificationListenerService

org.optimize.app.servs.S01

android.accessibilityservice.AccessibilityService

org.optimize.app.servs.S10

com.google.firebase.MESSAGING_EVENT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT
a8ca778c5852ae05344ac60b01ad7f43bb21bd8aa709ea1bb03d23bde3146885
.apk android arch:arm64 arch:arm arch:x86 arch:x64

org.thoughtcrime.signal

org.thoughtcrime.signal.activities.Intro

Activities

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.GET_ACCOUNTS
android.permission.READ_CALL_LOG
android.permission.READ_PHONE_STATE
android.permission.READ_PRIVILEGED_PHONE_STATE
android.permission.RECORD_AUDIO
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_CONTACTS
android.permission.READ_SMS
android.permission.RECEIVE_SMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.CAMERA
android.permission.FOREGROUND_SERVICE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.BIND_DEVICE_ADMIN
android.permission.WAKE_LOCK
com.google.android.c2dm.permission.RECEIVE

Receivers

org.thoughtcrime.signal.res.R01

android.app.action.DEVICE_ADMIN_ENABLED

org.thoughtcrime.signal.res.R17

android.provider.Telephony.SMS_RECEIVED

org.thoughtcrime.signal.res.R05

android.intent.action.PHONE_STATE

org.thoughtcrime.signal.res.R03

android.intent.action.BOOT_COMPLETED

org.thoughtcrime.signal.res.R23

android.net.wifi.STATE_CHANGE
android.net.conn.CONNECTIVITY_CHANGE

org.thoughtcrime.signal.res.R15

android.intent.action.QUICKBOOT_POWERON
android.intent.action.REBOOT

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

Services

org.thoughtcrime.signal.servs.S13

android.service.notification.NotificationListenerService

org.thoughtcrime.signal.servs.S01

android.accessibilityservice.AccessibilityService

org.thoughtcrime.signal.servs.S10

com.google.firebase.MESSAGING_EVENT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT
dc0f434d18886fedc234aca0b61904f6dd5b628e18682f3b7934f54276ee92e4
.dex
e0e2a101ede6ccc266d2f7b7068b813d65afa4a3f65cb0c19eb73716f67983f7
.dex
fb9306f6a0cacce21afd67d0887d7254172f61c7390fc06612c2ca9b55d28f80
.dex
fc791db30fd5ddc58b9fcb2b2a41ed7d5c5d83b70e5527ec6020b1c590dcd86f
.apk android arch:arm64 arch:arm arch:x86 arch:x64

org.optimize.app

org.optimize.app.activities.Intro

Activities

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.GET_ACCOUNTS
android.permission.READ_CALL_LOG
android.permission.READ_PHONE_STATE
android.permission.READ_PRIVILEGED_PHONE_STATE
android.permission.RECORD_AUDIO
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_CONTACTS
android.permission.READ_SMS
android.permission.RECEIVE_SMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.CAMERA
android.permission.FOREGROUND_SERVICE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.BIND_DEVICE_ADMIN
android.permission.WAKE_LOCK
com.google.android.c2dm.permission.RECEIVE

Receivers

org.optimize.app.res.R01

android.app.action.DEVICE_ADMIN_ENABLED

org.optimize.app.res.R17

android.provider.Telephony.SMS_RECEIVED

org.optimize.app.res.R05

android.intent.action.PHONE_STATE

org.optimize.app.res.R03

android.intent.action.BOOT_COMPLETED

org.optimize.app.res.R23

android.net.wifi.STATE_CHANGE
android.net.conn.CONNECTIVITY_CHANGE

org.optimize.app.res.R15

android.intent.action.QUICKBOOT_POWERON
android.intent.action.REBOOT

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

Services

org.optimize.app.servs.S13

android.service.notification.NotificationListenerService

org.optimize.app.servs.S01

android.accessibilityservice.AccessibilityService

org.optimize.app.servs.S10

com.google.firebase.MESSAGING_EVENT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

Sharing

General

Malware Config

Signatures

Files

Password: infected

org.optimize.app

org.optimize.app.activities.Intro

Activities

Permissions

Receivers

org.optimize.app.res.R01

org.optimize.app.res.R17

org.optimize.app.res.R05

org.optimize.app.res.R03

org.optimize.app.res.R23

org.optimize.app.res.R15

com.google.firebase.iid.FirebaseInstanceIdReceiver

Services

org.optimize.app.servs.S13

org.optimize.app.servs.S01

org.optimize.app.servs.S10

com.google.firebase.messaging.FirebaseMessagingService

org.thoughtcrime.signal

org.thoughtcrime.signal.activities.Intro

Activities

Permissions

Receivers

org.thoughtcrime.signal.res.R01

org.thoughtcrime.signal.res.R17

org.thoughtcrime.signal.res.R05

org.thoughtcrime.signal.res.R03

org.thoughtcrime.signal.res.R23

org.thoughtcrime.signal.res.R15

com.google.firebase.iid.FirebaseInstanceIdReceiver

Services

org.thoughtcrime.signal.servs.S13

org.thoughtcrime.signal.servs.S01

org.thoughtcrime.signal.servs.S10

com.google.firebase.messaging.FirebaseMessagingService

org.optimize.app

org.optimize.app.activities.Intro

Activities

Permissions

Receivers

org.optimize.app.res.R01

org.optimize.app.res.R17

org.optimize.app.res.R05

org.optimize.app.res.R03

org.optimize.app.res.R23

org.optimize.app.res.R15

com.google.firebase.iid.FirebaseInstanceIdReceiver

Services

org.optimize.app.servs.S13

org.optimize.app.servs.S01

org.optimize.app.servs.S10

com.google.firebase.messaging.FirebaseMessagingService