plugx | minecraftmainkraft-pocketedition-1[.]19[.]20[.]24[.]apk

General

Target

minecraftmainkraft-pocketedition-1.19.20.24.apk
Size

157.2MB
MD5

943716299f5ee4fd27540dd9c4dd5ec8
SHA1

d12bce4e657d902fa9080b1eb521536568663e73
SHA256

5b9ffb6b2b228b60967c039e9439bce181ae16bffe4ca4fcc638c1577801002a
SHA512

892a5f226fca52fcea74acb3e5cbd64c14be85986fd633d9d9de2f137e4a782539f4030fc817802e1c1d482e90bfabf18543dfcd2078acf581a13f5410ddeae4
SSDEEP

3145728:eGHM6efGPPGkNNWDU0VX6VjwlmxroB54RMVFT/g+4Fvh77tzE9s2pfyaxS:eGHlellKjw8roB5HfT/R0vRBQvp6aY

Score

10^/10

plugx

Malware Config

Signatures

Detects PlugX payload 1 IoCs

resource	yara_rule
sample	family_plugx

Plugx family
plugx

Requests dangerous framework permissions 3 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS

Files

minecraftmainkraft-pocketedition-1.19.20.24.apk
.apk android arch:arm

com.mojang.minecraftpe

com.mojang.minecraftpe.MainActivity

Activities

com.mojang.minecraftpe.MainActivity

android.intent.action.MAIN
xbox_live_game_invite
xbox_live_achievement_unlock
android.intent.action.VIEW
android.intent.action.VIEW

com.microsoft.xal.browser.IntentHandler

android.intent.action.VIEW

Permissions

android.permission.INTERNET
com.android.vending.CHECK_LICENSE
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.VIBRATE
android.permission.GET_ACCOUNTS
android.permission.READ_CONTACTS
android.permission.WAKE_LOCK
android.permission.ACCESS_WIFI_STATE
android.permission.FOREGROUND_SERVICE
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
com.google.android.c2dm.permission.RECEIVE
com.android.vending.BILLING
android.permission.POST_NOTIFICATIONS
android.permission.SYSTEM_ALERT_WINDOW

Receivers

com.appsflyer.SingleInstallBroadcastReceiver

com.android.vending.INSTALL_REFERRER

com.amazon.device.iap.ResponseReceiver

com.amazon.inapp.purchasing.NOTIFY

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

Services

com.mojang.minecraftpe.NotificationListenerService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

Android Permissions

minecraftmainkraft-pocketedition-1.19.20.24.apk

Permissions

android.permission.INTERNET

com.android.vending.CHECK_LICENSE

android.permission.ACCESS_NETWORK_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.VIBRATE

android.permission.GET_ACCOUNTS

android.permission.READ_CONTACTS

android.permission.WAKE_LOCK

android.permission.ACCESS_WIFI_STATE

android.permission.FOREGROUND_SERVICE

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

com.google.android.c2dm.permission.RECEIVE

com.android.vending.BILLING

android.permission.POST_NOTIFICATIONS

android.permission.SYSTEM_ALERT_WINDOW

Sharing

General

Malware Config

Signatures

Files

com.mojang.minecraftpe

com.mojang.minecraftpe.MainActivity

Activities

com.mojang.minecraftpe.MainActivity

com.microsoft.xal.browser.IntentHandler

Permissions

Receivers

com.appsflyer.SingleInstallBroadcastReceiver

com.amazon.device.iap.ResponseReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

Services

com.mojang.minecraftpe.NotificationListenerService

com.google.firebase.messaging.FirebaseMessagingService

Android Permissions

minecraftmainkraft-pocketedition-1.19.20.24.apk