sample-2186890-94ad269abb292332a4967e912ae34488[.]zip

General

Target

sample-2186890-94ad269abb292332a4967e912ae34488.zip
Size

61.8MB
MD5

d0dc1a6edd8ebd71b57770d1e38ea8e0
SHA1

0d4f1c6aebeae7542de3964709312752a2ecb0a4
SHA256

8a665db8b83fa2623e5fed28246db103d744c29f6d5e884996b038a8b849321b
SHA512

37f8ab82f29384c1e658ecb8486d9307596c2c9d0cd04280a31b1ec1c347a05971c542e20bf6fba418ecd1481a2010f679d8408a50465a51d6e22b1558df87d0
SSDEEP

1572864:w9zZMqZzB+3nIg4wrpGdka9CX2dxDBASeBP:zqZF+N7pGaKe2dRBAHP

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 9 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

Files

sample-2186890-94ad269abb292332a4967e912ae34488.zip
.zip

Password: infected
roid.com.apk
.apk android arch:arm64 arch:arm

com.co.app.unica.latam

com.itau.latam.ReactActivity

Activities

com.itau.latam.ReactActivity

android.intent.action.MAIN
android.intent.action.VIEW

com.itau.latam.feature.login.LoginActivity

com.co.app.unica.latam.LOGIN

com.itau.latam.feature.internet.InternetActivity

com.co.app.unica.latam.INTERNET

com.itau.latam.feature.session.SessionActivity

com.co.app.unica.latam.SESSION_ACTIVE

com.itau.latam.feature.localstorage.LocalStorageActivity

com.co.app.unica.latam.STORAGE

com.itau.latam.feature.localstorage.SettingActivity

com.co.app.unica.latam.SETTING_APP

com.itau.latam.feature.qr.qrscanner.QRScanner

com.co.app.unica.latam.QR_READER

com.itau.latam.feature.header.HeaderActivity

com.co.app.unica.latam.HEADER

com.itau.latam.feature.terms.TermsActivity

com.co.app.unica.latam.TERMS

com.itau.latam.feature.itau.ItauWebActivity

com.co.app.unica.latam.WEBVIEWITAU

com.itau.latam.feature.main.MainActivity

com.co.app.unica.latam.MAIN

com.itau.latam.feature.nocontact.NoContactActivity

com.co.app.unica.latam.NO_CONTACT

com.itau.latam.feature.inactive.InactiveActivity

com.co.app.unica.latam.INACTIVE

com.itau.latam.feature.card.WithoutCardActivity

com.co.app.unica.latam.WITHOUT_CARD

com.itau.latam.feature.timeOut.TimeOutActivity

com.co.app.unica.latam.TIME_OUT

com.itau.latam.feature.maintenance.MaintenanceActivity

com.co.app.unica.latam.MAINTENANCE

com.itau.latam.feature.login.UserBlockedActivity

com.co.app.unica.latam.BLOCKED

com.itau.latam.feature.webview.WebViewActivity

com.co.app.unica.latam.WEBVIEW

Permissions

android.permission.INTERNET
android.permission.SYSTEM_ALERT_WINDOW
android.permission.READ_PHONE_STATE
android.permission.READ_CONTACTS
android.permission.WRITE_CONTACTS
android.permission.LOCATION_HARDWARE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.CAMERA
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
br.com.itau.security.WDID
net.easysol.SMS_NOTIFY_SEND
android.permission.FLASHLIGHT
android.hardware.camera.autofocus
android.permission.READ_LOGS
android.permission.RECORD_VIDEO
android.permission.BATTERY_STATS
android.permission.USE_FINGERPRINT
com.samsung.android.providers.context.permission.WRITE_USE_APP_FEATURE_SURVEY
com.google.android.c2dm.permission.RECEIVE
android.permission.WAKE_LOCK
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

Receivers

br.com.itau.security.did.WeakDIDReceiver

br.com.itau.security.did.REQUEST_ID

br.com.itau.security.saph.receiver.Receiver

android.provider.Telephony.SMS_RECEIVED

com.learnium.RNDeviceInfo.RNDeviceReceiver

com.android.vending.INSTALL_REFERRER

com.adjust.sdk.AdjustReferrerReceiver

com.android.vending.INSTALL_REFERRER

Services

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: infected

com.co.app.unica.latam

com.itau.latam.ReactActivity

Activities

com.itau.latam.ReactActivity

com.itau.latam.feature.login.LoginActivity

com.itau.latam.feature.internet.InternetActivity

com.itau.latam.feature.session.SessionActivity

com.itau.latam.feature.localstorage.LocalStorageActivity

com.itau.latam.feature.localstorage.SettingActivity

com.itau.latam.feature.qr.qrscanner.QRScanner

com.itau.latam.feature.header.HeaderActivity

com.itau.latam.feature.terms.TermsActivity

com.itau.latam.feature.itau.ItauWebActivity

com.itau.latam.feature.main.MainActivity

com.itau.latam.feature.nocontact.NoContactActivity

com.itau.latam.feature.inactive.InactiveActivity

com.itau.latam.feature.card.WithoutCardActivity

com.itau.latam.feature.timeOut.TimeOutActivity

com.itau.latam.feature.maintenance.MaintenanceActivity

com.itau.latam.feature.login.UserBlockedActivity

com.itau.latam.feature.webview.WebViewActivity

Permissions

Receivers

br.com.itau.security.did.WeakDIDReceiver

br.com.itau.security.saph.receiver.Receiver

com.learnium.RNDeviceInfo.RNDeviceReceiver

com.adjust.sdk.AdjustReferrerReceiver

Services