General

  • Target

    ssoconnect.apk

  • Size

    14.1MB

  • MD5

    4a6f225a95bcb4fae50cb2a4e610dabe

  • SHA1

    63e4d30818b713d0948e230e020465119f3c343d

  • SHA256

    a5952ee34525176b87030ecc0e599a10076136345cfbe7fc8dda53be3a85d686

  • SHA512

    39db72e84c4a50d6bc955f47633dafe4ab6cbb69a250dc7c58b7c66b015dca811ba45c3f8ebfa13c491e92b6062ab7e246c3e991c78d755b1b06708c73ca4858

  • SSDEEP

    196608:/xxuSL4hQMDKnnzr8khimekWoSM13hV2AuNrg/IY8xjzd6VqLmTbLY:pESY238kImiY13huNr7Y85d0qaTfY

Score
10/10

Malware Config

Extracted

Family

gigabud

C2

http://adci9.cc/x/command?token=

http://8.219.85.91:8888/push-streaming?id=1234

Signatures

  • Gigabud family
  • Requests dangerous framework permissions (9 IoCs)

Files

  • ssoconnect.apk
    .apk android arch:arm

    com.shturmsoft.skedio

    com.xingchat.android.activity.SplashActivity


Android Permissions

ssoconnect.apk

Permissions

android.permission.REQUEST_DELETE_PACKAGES

android.permission.QUERY_ALL_PACKAGES

android.permission.GET_INSTALLED_APPS

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_NETWORK_STATE

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.INTERNET

android.permission.FOREGROUND_SERVICE

android.permission.READ_PHONE_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.CAMERA

android.permission.RECORD_AUDIO

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.READ_SMS

android.permission.RECEIVE_SMS

android.permission.SEND_SMS

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.READ_EXTERNAL_STORAGE

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.WRITE_SETTINGS

android.permission.ACCESS_NOTIFICATION_POLICY