Phonesky[.]apk

General

Target

Phonesky.apk
Size

3.6MB
MD5

be6345400ec5b5e7186e7f8f5cb8e2a8
SHA1

3f628c80f75a62e61a9136cad4181ca4c6381046
SHA256

7e9aeb8a9410b89567e10a748a1b38a49f634ee210c41b8f7217f54237177c25
SHA512

2cd0a63a3217b37c86d651f1f04e5e804df941127fa14ebd78446565f75076c50461d63990a01acdfca9780caf10bfc098d34a4f0cd28f17321a5f02d040fd81
SSDEEP

49152:jlWBarIfeGMVlNmTGdxTKhRI0BZE08UMR9K4taVMpcWCN5OwPznKRVh46Ut:jg4IMHNmTGdtKbXBZE0oIt

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 5 IoCs

description	ioc
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS

Files

Phonesky.apk
.apk android

com.android.vending

.AssetBrowserActivity

Activities

.AssetBrowserActivity

android.intent.action.MAIN
android.intent.action.SEARCH

com.google.android.finsky.activities.MainActivity

android.intent.action.SEARCH
android.intent.action.VIEW
android.nfc.action.NDEF_DISCOVERED
android.nfc.action.NDEF_DISCOVERED
android.intent.action.VIEW

com.google.android.finsky.download.obb.DummyActivity

android.intent.action.VIEW

com.google.android.finsky.activities.LaunchUrlHandlerActivity

android.intent.action.VIEW

com.google.android.finsky.activities.AppCrashProxy

android.intent.action.APP_ERROR

com.google.android.finsky.activities.SettingsActivity

android.intent.action.MANAGE_NETWORK_USAGE

com.google.android.finsky.billing.creditcard.SetupWizardAddCreditCardActivity

com.android.vending.billing.ADD_CREDIT_CARD

Permissions

com.android.vending.billing.IN_APP_NOTIFY.permission.C2D_MESSAGE
com.google.android.c2dm.permission.RECEIVE
com.android.vending.BILLING
android.permission.GET_TASKS
android.permission.INTERNET
android.permission.GET_ACCOUNTS
android.permission.MANAGE_ACCOUNTS
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.USE_CREDENTIALS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.CLEAR_APP_CACHE
android.permission.CHANGE_COMPONENT_ENABLED_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.CHANGE_NETWORK_STATE
com.google.android.providers.gsf.permission.READ_GSERVICES
com.google.android.providers.gsf.permission.WRITE_GSERVICES
android.permission.ACCESS_DOWNLOAD_MANAGER
android.permission.ACCESS_DOWNLOAD_MANAGER_ADVANCED
android.permission.SEND_DOWNLOAD_COMPLETED_INTENTS
android.permission.INSTALL_PACKAGES
android.permission.DELETE_PACKAGES
android.permission.NFC
com.android.vending.INTENT_VENDING_ONLY
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECEIVE_SMS
com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.STATUS_BAR

Receivers

com.google.android.finsky.receivers.DownloadTickleReceiver

com.google.android.c2dm.intent.RECEIVE

com.google.android.finsky.receivers.DeclineAssetReceiver

com.google.android.c2dm.intent.RECEIVE

com.google.android.finsky.receivers.ClearCacheReceiver

android.intent.action.LOCALE_CHANGED
android.net.conn.BACKGROUND_DATA_SETTING_CHANGED

com.google.android.finsky.receivers.PersistentPackageMonitorReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_CHANGED
android.intent.action.PACKAGE_FIRST_LAUNCH
android.intent.action.EXTERNAL_APPLICATIONS_AVAILABLE
android.intent.action.EXTERNAL_APPLICATIONS_UNAVAILABLE

com.google.android.finsky.receivers.BootCompletedReceiver

android.intent.action.BOOT_COMPLETED

com.google.android.finsky.receivers.BillingTickleReceiver

com.google.android.c2dm.intent.RECEIVE

com.google.android.finsky.receivers.AccountsChangedReceiver

android.accounts.LOGIN_ACCOUNTS_CHANGED

com.google.android.finsky.receivers.RemoveAssetReceiver

com.google.android.c2dm.intent.RECEIVE

com.google.android.finsky.receivers.UpdatesAvailableReceiver

com.google.android.c2dm.intent.RECEIVE
com.android.vending.UPDATES_AVAILABLE

com.google.android.finsky.receivers.UpdateCheckReceiver

com.android.vending.FORCE_UPDATE_CHECK

com.google.android.finsky.receivers.ServerNotificationReceiver

com.google.android.c2dm.intent.RECEIVE

.MarketWidgetProvider

android.appwidget.action.APPWIDGET_UPDATE
com.google.android.finsky.action.DFE_API_CONTEXT_CHANGED
android.accounts.LOGIN_ACCOUNTS_CHANGED

com.google.android.finsky.widget.MusicWidgetProvider

android.appwidget.action.APPWIDGET_UPDATE
com.google.android.finsky.action.DFE_API_CONTEXT_CHANGED
android.accounts.LOGIN_ACCOUNTS_CHANGED

com.google.android.finsky.widget.BooksWidgetProvider

android.appwidget.action.APPWIDGET_UPDATE
com.google.android.finsky.action.DFE_API_CONTEXT_CHANGED
android.accounts.LOGIN_ACCOUNTS_CHANGED

com.google.android.finsky.widget.MoviesWidgetProvider

android.appwidget.action.APPWIDGET_UPDATE
com.google.android.finsky.action.DFE_API_CONTEXT_CHANGED
android.accounts.LOGIN_ACCOUNTS_CHANGED

Services

com.google.android.finsky.services.LicensingService

com.android.vending.licensing.ILicensingService

com.google.android.finsky.billing.iab.MarketBillingService

com.android.vending.billing.MarketBillingService.BIND

com.google.android.finsky.billing.creditcard.CheckInstrumentService

com.android.vending.billing.IBillingAccountService.BIND

com.google.android.finsky.services.MarketCatalogService

com.google.android.finsky.services.IMarketCatalogService.BIND

Android Permissions

Phonesky.apk

Permissions

com.android.vending.billing.IN_APP_NOTIFY.permission.C2D_MESSAGE

com.google.android.c2dm.permission.RECEIVE

com.android.vending.BILLING

android.permission.GET_TASKS

android.permission.INTERNET

android.permission.GET_ACCOUNTS

android.permission.MANAGE_ACCOUNTS

android.permission.AUTHENTICATE_ACCOUNTS

android.permission.USE_CREDENTIALS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.CLEAR_APP_CACHE

android.permission.CHANGE_COMPONENT_ENABLED_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_PHONE_STATE

android.permission.CHANGE_NETWORK_STATE

com.google.android.providers.gsf.permission.READ_GSERVICES

com.google.android.providers.gsf.permission.WRITE_GSERVICES

android.permission.ACCESS_DOWNLOAD_MANAGER

android.permission.ACCESS_DOWNLOAD_MANAGER_ADVANCED

android.permission.SEND_DOWNLOAD_COMPLETED_INTENTS

android.permission.INSTALL_PACKAGES

android.permission.DELETE_PACKAGES

android.permission.NFC

com.android.vending.INTENT_VENDING_ONLY

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.RECEIVE_SMS

com.android.launcher.permission.INSTALL_SHORTCUT

android.permission.STATUS_BAR

Sharing

General

Malware Config

Signatures

Files

com.android.vending

.AssetBrowserActivity

Activities

.AssetBrowserActivity

com.google.android.finsky.activities.MainActivity

com.google.android.finsky.download.obb.DummyActivity

com.google.android.finsky.activities.LaunchUrlHandlerActivity

com.google.android.finsky.activities.AppCrashProxy

com.google.android.finsky.activities.SettingsActivity

com.google.android.finsky.billing.creditcard.SetupWizardAddCreditCardActivity

Permissions

Receivers

com.google.android.finsky.receivers.DownloadTickleReceiver

com.google.android.finsky.receivers.DeclineAssetReceiver

com.google.android.finsky.receivers.ClearCacheReceiver

com.google.android.finsky.receivers.PersistentPackageMonitorReceiver

com.google.android.finsky.receivers.BootCompletedReceiver

com.google.android.finsky.receivers.BillingTickleReceiver

com.google.android.finsky.receivers.AccountsChangedReceiver

com.google.android.finsky.receivers.RemoveAssetReceiver

com.google.android.finsky.receivers.UpdatesAvailableReceiver

com.google.android.finsky.receivers.UpdateCheckReceiver

com.google.android.finsky.receivers.ServerNotificationReceiver

.MarketWidgetProvider

com.google.android.finsky.widget.MusicWidgetProvider

com.google.android.finsky.widget.BooksWidgetProvider

com.google.android.finsky.widget.MoviesWidgetProvider

Services

com.google.android.finsky.services.LicensingService

com.google.android.finsky.billing.iab.MarketBillingService

com.google.android.finsky.billing.creditcard.CheckInstrumentService

com.google.android.finsky.services.MarketCatalogService

Android Permissions

Phonesky.apk