536E9A5B341EB6E0708E58F65679232513B2896674B8B2615FF93C58FE1DBCF9[.]apk

General

Target

536E9A5B341EB6E0708E58F65679232513B2896674B8B2615FF93C58FE1DBCF9.apk
Size

4.4MB
MD5

92ec81034584caac63fdb1e2899fb3bf
SHA1

e170f445625088eb270ea8e8ef89f1ddd55266c4
SHA256

536e9a5b341eb6e0708e58f65679232513b2896674b8b2615ff93c58fe1dbcf9
SHA512

e4a4e6223e2878da0089747f923b1e588a02fd22a8181035c3416cef426c248b1d53e3c37cb5d9a43655a4c53c75fe05956ff010afc684ed7d87535c51db4863
SSDEEP

98304:yULdM8HMrg6GLoskfIJfWemfetLwG9Rwv+dyQV0zfr9+LH:BWYLhkWZAet19Rc+dyO/H

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 5 IoCs

description	ioc
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows read access to the device's phone number(s).	android.permission.READ_PHONE_NUMBERS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

Files

536E9A5B341EB6E0708E58F65679232513B2896674B8B2615FF93C58FE1DBCF9.apk
.apk android arch:arm64 arch:arm arch:x86 arch:x64

com.kvadgroup.photostudio

com.kvadgroup.photostudio.dangerlessviti

Activities

Permissions

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.BIND_ACCESSIBILITY_SERVICE
android.permission.FOREGROUND_SERVICE
android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.CALL_PHONE
android.permission.READ_CONTACTS
android.permission.READ_PHONE_STATE
android.permission.READ_PHONE_NUMBERS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.DISABLE_KEYGUARD
android.permission.MANAGE_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.CHANGE_NETWORK_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.UPDATE_DEVICE_STATS
android.permission.MODIFY_PHONE_STATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.QUERY_ALL_PACKAGES
oppo.permission.OPPO_COMPONENT_SAFE
com.huawei.permission.external_app_settings.USE_COMPONENT
oppo.permission.OPPO_COMPONENT_SAFE

Receivers

com.kvadgroup.photostudio.Receivers.pressrunrumouring

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
com.htc.intent.action.QUICKBOOT_POWERON
android.intent.action.USER_PRESENT

Services

com.kvadgroup.photostudio.Services.whitehottumulus

android.service.notification.NotificationListenerService

com.viber.voip.InputService

android.accessibilityservice.AccessibilityService

Android Permissions

536E9A5B341EB6E0708E58F65679232513B2896674B8B2615FF93C58FE1DBCF9.apk

Permissions

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.BIND_ACCESSIBILITY_SERVICE

android.permission.FOREGROUND_SERVICE

android.permission.WAKE_LOCK

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

android.permission.CALL_PHONE

android.permission.READ_CONTACTS

android.permission.READ_PHONE_STATE

android.permission.READ_PHONE_NUMBERS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.DISABLE_KEYGUARD

android.permission.MANAGE_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.CHANGE_NETWORK_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.UPDATE_DEVICE_STATS

android.permission.MODIFY_PHONE_STATE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.QUERY_ALL_PACKAGES

oppo.permission.OPPO_COMPONENT_SAFE

com.huawei.permission.external_app_settings.USE_COMPONENT

oppo.permission.OPPO_COMPONENT_SAFE

Sharing

General

Malware Config

Signatures

Files

com.kvadgroup.photostudio

com.kvadgroup.photostudio.dangerlessviti

Activities

Permissions

Receivers

com.kvadgroup.photostudio.Receivers.pressrunrumouring

Services

com.kvadgroup.photostudio.Services.whitehottumulus

com.viber.voip.InputService

Android Permissions

536E9A5B341EB6E0708E58F65679232513B2896674B8B2615FF93C58FE1DBCF9.apk