63cfb0691dcc420c025d9e33f531d784f3a8b1bf2706c66b088fca6338996a3a[.]zip

General

Target

63cfb0691dcc420c025d9e33f531d784f3a8b1bf2706c66b088fca6338996a3a.zip
Size

25.6MB
MD5

7b87d22662530145ff43902eba3ca7f0
SHA1

cc22e01a8c07ff7d1e9c2c6f5a08ae1d2dedb94a
SHA256

8330ced0fd0124a78671d58a864f3888b1ad77031be7771ce24e83126346dc27
SHA512

00b326bca75523c68c21e246bb3de651cb0cd33f5dfe967e4c9e65b6bc0bc7cd6e079918335bbd1e7fce41fc3e16a03eb0920fff61a6016a305be0356b249bf4
SSDEEP

393216:eQfZCvO+OjQt1zJlBNnZKVrokxXK2O5YdHlTyNH5G0hMtf+lDZxOk8w0sdjUQJQJ:1ZjjQttJlvnahxqomx00U+lZkJ9Dydp8

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

Files

63cfb0691dcc420c025d9e33f531d784f3a8b1bf2706c66b088fca6338996a3a.zip
.zip

Password: infected
63cfb0691dcc420c025d9e33f531d784f3a8b1bf2706c66b088fca6338996a3a.apk
.apk android arch:arm

com.hippogames.ludosaga

com.hippogames.ludosaga.AppActivity

Activities

com.hippogames.ludosaga.AppActivity

android.intent.action.MAIN
android.intent.action.VIEW

Permissions

android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
andorid.permission.MONUN_UNMOUNT_FILESYSTEMS
com.android.vending.BILLING
INTERACT_ACROSS_USERS
android.permission.READ_LOGS
android.permission.ACCESS_WIFI_STATE
android.permission.VIBRATE
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
com.google.android.c2dm.permission.RECEIVE
android.permission.READ_EXTERNAL_STORAGE
android.permission.CHANGE_NETWORK_STATE

Receivers

com.adjust.sdk.AdjustReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.facebook.sdk.ACTION_CURRENT_ACCESS_TOKEN_CHANGED

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

Services

com.firebase.fcm.MyFirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

com.firebase.jobdispatcher.GooglePlayReceiver

com.google.android.gms.gcm.ACTION_TASK_READY

Sharing

General

Malware Config

Signatures

Files

Password: infected

com.hippogames.ludosaga

com.hippogames.ludosaga.AppActivity

Activities

com.hippogames.ludosaga.AppActivity

Permissions

Receivers

com.adjust.sdk.AdjustReferrerReceiver

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

Services

com.firebase.fcm.MyFirebaseMessagingService

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.iid.FirebaseInstanceIdService

com.firebase.jobdispatcher.GooglePlayReceiver