1a1f19cc473898c55043f5d0ec575cd4[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1a1f19cc473898c55043f5d0ec575cd4.bin
Size

31.5MB
MD5

31ab5841b8ca8a69c42242a814f518a1
SHA1

13735a517e82b371865531457fc928e7c99a6262
SHA256

dc1af8185dc1491c046ed50f5fdb6d5053133f86b6eac1500267928b5039bf44
SHA512

3f84bf8594fcb90b32bcbc70eec6dbe69000eaed11783035b329f27c68e594612abd32b42346d32d2eee926a30864af5033de7c29d3cf06bb286a9437140db17
SSDEEP

786432:iLl/laMTNfe7AmBzffrqBXf4ck9mLWHC3jSEJVBW+W:g/9SAKzHrNckPCTSEm

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 1 IoCs

description	ioc
Required to be able to access the camera device.	android.permission.CAMERA

Files

1a1f19cc473898c55043f5d0ec575cd4.bin
.zip

Password: infected
8812b16e577e7e0e0c895ce78a4cd8e385ea709ac38cc3c2e0406d283751920c.apk
.apk android arch:arm64

com.licdhbdi

com.coinbase.wallet.application.MainActivity

Activities

com.coinbase.wallet.application.MainActivity

android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

com.coinbase.wallet.consumer.views.UMOActivity

android.intent.action.VIEW

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.CAMERA
android.permission.USE_BIOMETRIC
android.permission.ACCESS_WIFI_STATE
com.google.android.gms.permission.AD_ID
android.permission.USE_FINGERPRINT
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
android.permission.WAKE_LOCK
com.google.android.c2dm.permission.RECEIVE

Receivers

com.appsflyer.MultipleInstallBroadcastReceiver

com.android.vending.INSTALL_REFERRER

io.branch.referral.InstallListener

com.android.vending.INSTALL_REFERRER

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

com.learnium.RNDeviceInfo.RNDeviceReceiver

com.android.vending.INSTALL_REFERRER

Services

com.coinbase.wallet.application.service.WalletFirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT