microg[.]apk | Triage

General

Target

microg.apk
Size

10.5MB
MD5

eed8a75155d6b7ae796fd641b498144a
SHA1

94398a7f5e10346ec96e6f7d444643d48b832d2a
SHA256

5e96dd3d7bccfac2ebc3394ea8899a81836631ddc871755fa149aeedfb32c6d5
SHA512

9bdc098fdee9b584f75c00b69f594b338cad936bf161af0f8c1c05ca03cb96ff3e3e333126257a9a185e0a4a52a89a498268587a905b04ac09a183395f147d6d
SSDEEP

196608:tsSUWtJFRWSa59Bd60N0fe/8IE0GGqX1KNfgBowyMh:ySUWZRWSIBVN0fs9GGQ+fguwv

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 3 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS

Files

microg.apk
.apk android arch:arm64 arch:arm arch:x86 arch:x64

com.mgoogle.android.gms

org.microg.gms.ui.SettingsActivity

Activities

org.microg.tools.AccountPickerActivity

com.google.android.gms.common.account.CHOOSE_ACCOUNT

org.microg.gms.auth.login.LoginActivity

com.google.android.gms.auth.login.LOGIN

org.microg.gms.auth.credentials.CredentialPickerActivity

com.google.android.gms.auth.api.credentials.PICKER

org.microg.gms.ui.SettingsActivity

android.intent.action.MAIN
android.intent.action.APPLICATION_PREFERENCES

org.microg.gms.ui.AccountSettingsActivity

com.google.android.gms.accountsettings.ACCOUNT_PREFERENCES_SETTINGS
com.google.android.gms.accountsettings.PRIVACY_SETTINGS
com.google.android.gms.accountsettings.SECURITY_SETTINGS
com.google.android.gms.accountsettings.action.VIEW_SETTINGS

Permissions

android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.GET_ACCOUNTS
android.permission.MANAGE_ACCOUNTS
android.permission.USE_CREDENTIALS
android.permission.WAKE_LOCK
android.permission.QUERY_ALL_PACKAGES
android.permission.READ_SYNC_SETTINGS
android.permission.WRITE_SYNC_SETTINGS
android.permission.READ_SYNC_STATS
com.mgoogle.android.c2dm.permission.RECEIVE
com.mgoogle.android.c2dm.permission.SEND
com.mgoogle.android.gtalkservice.permission.GTALK_SERVICE
org.mgoogle.gms.STATUS_BROADCAST
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.FOREGROUND_SERVICE
android.permission.CHANGE_DEVICE_IDLE_TEMP_WHITELIST
android.permission.UPDATE_APP_OPS_STATS
com.mgoogle.android.gms.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

Receivers

org.microg.gms.checkin.TriggerReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.AIRPLANE_MODE
android.server.checkin.CHECKIN
android.intent.action.MY_PACKAGE_REPLACED
android.intent.action.PACKAGE_RESTARTED
com.mgoogle.android.c2dm.intent.RECEIVE
android.provider.Telephony.SECRET_CODE

org.microg.gms.gcm.PushRegisterReceiver

com.mgoogle.iid.TOKEN_REQUEST

org.microg.gms.gcm.SendReceiver

com.google.android.gcm.intent.SEND

org.microg.gms.gcm.TriggerReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.AIRPLANE_MODE
android.net.conn.CONNECTIVITY_CHANGE
android.net.conn.BACKGROUND_DATA_SETTING_CHANGED
org.microg.gms.gcm.RECONNECT
android.intent.action.MY_PACKAGE_REPLACED
android.intent.action.PACKAGE_RESTARTED
android.provider.Telephony.SECRET_CODE

org.microg.gms.gcm.UnregisterReceiver

android.intent.action.PACKAGE_DATA_CLEARED
android.intent.action.PACKAGE_FULLY_REMOVED
android.intent.action.PACKAGE_REMOVED

Services

org.microg.gms.checkin.CheckinService

com.google.android.gms.checkin.BIND_TO_SERVICE

org.microg.gms.gcm.PushRegisterService

com.mgoogle.android.c2dm.intent.REGISTER
com.mgoogle.android.c2dm.intent.UNREGISTER

org.microg.gms.auth.loginservice.GoogleLoginService

android.accounts.AccountAuthenticator
com.mgoogle.android.gsf.action.GET_GLS

org.microg.gms.auth.credentials.CredentialsService

com.google.android.gms.auth.api.credentials.service.START

org.microg.gms.auth.proxy.AuthProxyService

com.google.android.gms.auth.service.START

org.microg.gms.auth.appcert.AppCertService

com.google.android.gms.auth.be.appcert.AppCertService

org.microg.gms.auth.SignInService

com.google.android.gms.signin.service.START

org.microg.gms.DummyService

com.google.android.gms.accounts.ACCOUNT_SERVICE
com.google.android.gms.identity.service.BIND
com.google.android.gms.auth.service.START
com.google.android.gms.common.service.START
com.google.android.contextmanager.service.ContextManagerService.START
com.google.android.gms.auth.api.credentials.service.START
com.google.android.gms.gass.START
com.google.android.gms.audit.service.START

Android Permissions

microg.apk

Permissions

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.AUTHENTICATE_ACCOUNTS

android.permission.GET_ACCOUNTS

android.permission.MANAGE_ACCOUNTS

android.permission.USE_CREDENTIALS

android.permission.WAKE_LOCK

android.permission.QUERY_ALL_PACKAGES

android.permission.READ_SYNC_SETTINGS

android.permission.WRITE_SYNC_SETTINGS

android.permission.READ_SYNC_STATS

com.mgoogle.android.c2dm.permission.RECEIVE

com.mgoogle.android.c2dm.permission.SEND

com.mgoogle.android.gtalkservice.permission.GTALK_SERVICE

org.mgoogle.gms.STATUS_BROADCAST

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.FOREGROUND_SERVICE

android.permission.CHANGE_DEVICE_IDLE_TEMP_WHITELIST

android.permission.UPDATE_APP_OPS_STATS

com.mgoogle.android.gms.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

Sharing

General

Malware Config

Signatures

Files

com.mgoogle.android.gms

org.microg.gms.ui.SettingsActivity

Activities

org.microg.tools.AccountPickerActivity

org.microg.gms.auth.login.LoginActivity

org.microg.gms.auth.credentials.CredentialPickerActivity

org.microg.gms.ui.SettingsActivity

org.microg.gms.ui.AccountSettingsActivity

Permissions

Receivers

org.microg.gms.checkin.TriggerReceiver

org.microg.gms.gcm.PushRegisterReceiver

org.microg.gms.gcm.SendReceiver

org.microg.gms.gcm.TriggerReceiver

org.microg.gms.gcm.UnregisterReceiver

Services

org.microg.gms.checkin.CheckinService

org.microg.gms.gcm.PushRegisterService

org.microg.gms.auth.loginservice.GoogleLoginService

org.microg.gms.auth.credentials.CredentialsService

org.microg.gms.auth.proxy.AuthProxyService

org.microg.gms.auth.appcert.AppCertService

org.microg.gms.auth.SignInService

org.microg.gms.DummyService

Android Permissions

microg.apk