co[.]strongteam[.]amlite[.]Napkforpc[.]com[.]apk

General

Target

co.strongteam.amlite.Napkforpc.com.apk
Size

6.9MB
MD5

fbb8481e92f672e6aac2918ea607ef91
SHA1

2c8b2a7a8e3f12c106b3e8a24f43dc88c2e1200c
SHA256

d6d7bf1b27ae813ce6ec613858785c5aec3713be47def38ba093908e9e9e51dd
SHA512

e1755bec72d7cb5f74e446d13b13c37a74e19387ea10da850ac9c6c71de313c317ae0e4c67b543dd098d12821d00b155dc73e19b1e032660c5edebbf2ffbae9b
SSDEEP

196608:cuOmr/ABe3OAy+zy05C4mUNb4ZraQGhFIP38b7wh:cPmMBe3OANzy0I4z4Zra/hFq38bK

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

Files

co.strongteam.amlite.Napkforpc.com.apk
.apk android arch:arm64 arch:arm

co.strongteam.amlite

co.strongteam.vip.activities.SplashActivity

Activities

co.strongteam.vip.activities.SplashActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.USE_CREDENTIALS
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.FOREGROUND_SERVICE
com.google.android.gms.permission.AD_ID

Receivers

net.openvpn.openvpn.OpenVPNRebootReceiver

android.intent.action.BOOT_COMPLETED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

androidx.work.impl.diagnostics.DiagnosticsReceiver

androidx.work.diagnostics.REQUEST_DIAGNOSTICS

Services

co.strongteam.vip.service.OpenVPNService

android.net.VpnService

Android Permissions

co.strongteam.amlite.Napkforpc.com.apk

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.USE_CREDENTIALS

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.WAKE_LOCK

com.android.launcher.permission.INSTALL_SHORTCUT

android.permission.FOREGROUND_SERVICE

com.google.android.gms.permission.AD_ID

Sharing

General

Malware Config

Signatures

Files

co.strongteam.amlite

co.strongteam.vip.activities.SplashActivity

Activities

co.strongteam.vip.activities.SplashActivity

Permissions

Receivers

net.openvpn.openvpn.OpenVPNRebootReceiver

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.diagnostics.DiagnosticsReceiver

Services

co.strongteam.vip.service.OpenVPNService

Android Permissions

co.strongteam.amlite.Napkforpc.com.apk