blokada5-v230101[.]apk

General

Target

blokada5-v230101.apk
Size

20.7MB
MD5

e9a792eac3f09bc0d0a27ca8e24ed05b
SHA1

0d16a381115e1256d36155a6902df176094a9c6d
SHA256

b769f79f97f2eb7a2de32e3e842fa76b4e35d9dd1715b6f420dd236d41abdd97
SHA512

843ee240bdcd7e5782fdb043428764102927b63ad57c01a2618456b1ab2d3ea331de1bc6eb3111042c9ff0e3190a9887589920e9b8d2d83af3167de0cffdda26
SSDEEP

393216:DuhpaiLC3pFnw464GYftt5EanUHJI58qbOfn/XaLsVrGQdymQJg5WGVZCoLF6:6hpaiLCTnw464GYfr+aOIyIOfyLsVXdQ

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 5 IoCs

description	ioc
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access location in the background.	android.permission.ACCESS_BACKGROUND_LOCATION
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

Files

blokada5-v230101.apk
.apk android arch:arm64 arch:arm

org.blokada.origin.alarm

ui.MainActivity

Activities

ui.MainActivity

android.intent.action.MAIN
android.intent.action.VIEW
android.intent.action.MAIN
android.service.quicksettings.action.QS_TILE_PREFERENCES

ui.CommandActivity

android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_BACKGROUND_LOCATION
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_LOGS
android.permission.VIBRATE
android.permission.WAKE_LOCK
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.REQUEST_DELETE_PACKAGES
android.permission.FOREGROUND_SERVICE
com.android.alarm.permission.SET_ALARM
android.permission.INTERACT_ACROSS_USERS
android.permission.GET_TASKS
android.permission.QUERY_ALL_PACKAGES
android.permission.USE_BIOMETRIC
android.permission.USE_FINGERPRINT
org.blokada.origin.alarm.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION
com.android.vending.BILLING

Receivers

ui.TaskerReceiver

com.twofortyfouram.locale.intent.action.FIRE_SETTING

Services

engine.SystemTunnel

android.net.VpnService

ui.QuickSettingsToggle

android.service.quicksettings.action.QS_TILE

com.wireguard.android.backend.GoBackend$VpnService

android.net.VpnService

Android Permissions

blokada5-v230101.apk

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_BACKGROUND_LOCATION

android.permission.READ_PHONE_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_LOGS

android.permission.VIBRATE

android.permission.WAKE_LOCK

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.REQUEST_DELETE_PACKAGES

android.permission.FOREGROUND_SERVICE

com.android.alarm.permission.SET_ALARM

android.permission.INTERACT_ACROSS_USERS

android.permission.GET_TASKS

android.permission.QUERY_ALL_PACKAGES

android.permission.USE_BIOMETRIC

android.permission.USE_FINGERPRINT

org.blokada.origin.alarm.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

com.android.vending.BILLING

Sharing

General

Malware Config

Signatures

Files

org.blokada.origin.alarm

ui.MainActivity

Activities

ui.MainActivity

ui.CommandActivity

Permissions

Receivers

ui.TaskerReceiver

Services

engine.SystemTunnel

ui.QuickSettingsToggle

com.wireguard.android.backend.GoBackend$VpnService

Android Permissions

blokada5-v230101.apk