General

  • Target

    MetaTrader 5_500.3785_apkcombo.com.apk

  • Size

    15.7MB

  • MD5

    7eb2ee9f645a5c792ab7e5c7dc3bc6de

  • SHA1

    2c7a7ff09f9c7a17d7af0cd3b9e1244ea14efbfc

  • SHA256

    a8fff49b77a8f36fb389ab283a94ac1677dcbd6ddc29c32764d3fda659083620

  • SHA512

    aa61787886203057c05cbae6df2ca2711fcb4fa569a573d10f09814701ec01da3adea2d4b53c121cd0b1facfde2fb1fa8cbfcc83de6e59b52bb95e34d3162f70

  • SSDEEP

    393216:j4/LkANMYtXdPO10c25AXnn/v3QP9d6An:jCfNMYtXhnclnnHOTTn

Score
7/10

Signatures

  • Requests dangerous framework permissions (5 IoCs)

Files

  • MetaTrader 5_500.3785_apkcombo.com.apk
    .apk android arch:arm64 arch:arm
    Package: net.metaquotes.metatrader5
    Main activity: net.metaquotes.metatrader5.ui.MainActivity

  • 1.welcome.arabic.welcome
  • 1.welcome.bulgarian.welcome
  • 1.welcome.chinese (simplified).welcome
  • 1.welcome.chinese (traditional).welcome
  • 1.welcome.czech.welcome
  • 1.welcome.default.welcome
  • 1.welcome.english.welcome
  • 1.welcome.french.welcome
  • 1.welcome.german.welcome
  • 1.welcome.greek.welcome
  • 1.welcome.hebrew.welcome
  • 1.welcome.hungarian.welcome
  • 1.welcome.indonesian.welcome
  • 1.welcome.italian.welcome
  • 1.welcome.japanese.welcome
  • 1.welcome.malay.welcome
  • 1.welcome.polish.welcome
  • 1.welcome.portuguese.welcome
  • 1.welcome.russian.welcome
  • 1.welcome.slovenian.welcome
  • 1.welcome.spanish.welcome
  • 1.welcome.tajik.welcome
  • 1.welcome.thai.welcome
  • 1.welcome.turkish.welcome
  • 1.welcome.uzbek.welcome
  • 1.welcome.vietnamese.welcome
  • 2.signals.arabic.welcome
  • 2.signals.bulgarian.welcome
  • 2.signals.chinese (simplified).welcome
  • 2.signals.chinese (traditional).welcome
  • 2.signals.czech.welcome
  • 2.signals.default.welcome
  • 2.signals.english.welcome
  • 2.signals.french.welcome
  • 2.signals.german.welcome
  • 2.signals.greek.welcome
  • 2.signals.hebrew.welcome
  • 2.signals.hungarian.welcome
  • 2.signals.indonesian.welcome
  • 2.signals.italian.welcome
  • 2.signals.japanese.welcome
  • 2.signals.malay.welcome
  • 2.signals.polish.welcome
  • 2.signals.portuguese.welcome
  • 2.signals.russian.welcome
  • 2.signals.slovenian.welcome
  • 2.signals.spanish.welcome
  • 2.signals.tajik.welcome
  • 2.signals.thai.welcome
  • 2.signals.turkish.welcome
  • 2.signals.uzbek.welcome
  • 2.signals.vietnamese.welcome
  • 3.market.arabic.welcome
  • 3.market.bulgarian.welcome
  • 3.market.chinese (simplified).welcome
  • 3.market.chinese (traditional).welcome
  • 3.market.czech.welcome
  • 3.market.default.welcome
  • 3.market.english.welcome
  • 3.market.french.welcome
  • 3.market.german.welcome
  • 3.market.greek.welcome
  • 3.market.hebrew.welcome
  • 3.market.hungarian.welcome
  • 3.market.indonesian.welcome
  • 3.market.italian.welcome
  • 3.market.japanese.welcome
  • 3.market.malay.welcome
  • 3.market.polish.welcome
  • 3.market.portuguese.welcome
  • 3.market.russian.welcome
  • 3.market.slovenian.welcome
  • 3.market.spanish.welcome
  • 3.market.tajik.welcome
  • 3.market.thai.welcome
  • 3.market.turkish.welcome
  • 3.market.uzbek.welcome
  • 3.market.vietnamese.welcome
  • 5.freelance.arabic.welcome
  • 5.freelance.bulgarian.welcome
  • 5.freelance.chinese (simplified).welcome
  • 5.freelance.chinese (traditional).welcome
  • 5.freelance.czech.welcome
  • 5.freelance.default.welcome
  • 5.freelance.english.welcome
  • 5.freelance.french.welcome
  • 5.freelance.german.welcome
  • 5.freelance.greek.welcome
  • 5.freelance.hebrew.welcome
  • 5.freelance.hungarian.welcome
  • 5.freelance.indonesian.welcome
  • 5.freelance.italian.welcome
  • 5.freelance.japanese.welcome
  • 5.freelance.malay.welcome
  • 5.freelance.polish.welcome
  • 5.freelance.portuguese.welcome
  • 5.freelance.russian.welcome
  • 5.freelance.slovenian.welcome
  • 5.freelance.spanish.welcome
  • 5.freelance.tajik.welcome
  • 5.freelance.thai.welcome
  • 5.freelance.turkish.welcome
  • 5.freelance.uzbek.welcome
  • 5.freelance.vietnamese.welcome
  • 6.virtualhosting.arabic.welcome
  • 6.virtualhosting.bulgarian.welcome
  • 6.virtualhosting.chinese (simplified).welcome
  • 6.virtualhosting.chinese (traditional).welcome
  • 6.virtualhosting.czech.welcome
  • 6.virtualhosting.default.welcome
  • 6.virtualhosting.english.welcome
  • 6.virtualhosting.french.welcome
  • 6.virtualhosting.german.welcome
  • 6.virtualhosting.greek.welcome
  • 6.virtualhosting.hebrew.welcome
  • 6.virtualhosting.hungarian.welcome
  • 6.virtualhosting.indonesian.welcome
  • 6.virtualhosting.italian.welcome
  • 6.virtualhosting.japanese.welcome
  • 6.virtualhosting.malay.welcome
  • 6.virtualhosting.polish.welcome
  • 6.virtualhosting.portuguese.welcome
  • 6.virtualhosting.russian.welcome
  • 6.virtualhosting.slovenian.welcome
  • 6.virtualhosting.spanish.welcome
  • 6.virtualhosting.tajik.welcome
  • 6.virtualhosting.thai.welcome
  • 6.virtualhosting.turkish.welcome
  • 6.virtualhosting.uzbek.welcome
  • 6.virtualhosting.vietnamese.welcome
  • 7.risk-warning.arabic.welcome
  • 7.risk-warning.bulgarian.welcome
  • 7.risk-warning.chinese (simplified).welcome
  • 7.risk-warning.chinese (traditional).welcome
  • 7.risk-warning.czech.welcome
  • 7.risk-warning.default.welcome
  • 7.risk-warning.english.welcome
  • 7.risk-warning.french.welcome
  • 7.risk-warning.german.welcome
  • 7.risk-warning.greek.welcome
  • 7.risk-warning.hebrew.welcome
  • 7.risk-warning.hungarian.welcome
  • 7.risk-warning.indonesian.welcome
  • 7.risk-warning.italian.welcome
  • 7.risk-warning.japanese.welcome
  • 7.risk-warning.malay.welcome
  • 7.risk-warning.polish.welcome
  • 7.risk-warning.portuguese.welcome
  • 7.risk-warning.russian.welcome
  • 7.risk-warning.slovenian.welcome
  • 7.risk-warning.spanish.welcome
  • 7.risk-warning.tajik.welcome
  • 7.risk-warning.thai.welcome
  • 7.risk-warning.turkish.welcome
  • 7.risk-warning.uzbek.welcome
  • 7.risk-warning.vietnamese.welcome
  • Avenir-Condensed-DemiBold.ttf
  • Roboto-Bold.ttf
  • Roboto-Regular.ttf
  • RobotoCondensed-Bold.ttf
  • RobotoCondensed-Regular.ttf
  • alert.wav
  • bad_domains.txt
  • baseline.prof
  • baseline.profm
  • err.wav
  • groups.dat
  • ok.wav
  • symbols.dat

Android Permissions

MetaTrader 5_500.3785_apkcombo.com.apk

Permissions

  • android.permission.INTERNET
  • android.permission.ACCESS_NETWORK_STATE
  • android.permission.ACCESS_WIFI_STATE
  • android.permission.READ_PHONE_STATE
  • android.permission.GET_ACCOUNTS
  • android.permission.VIBRATE
  • android.permission.WAKE_LOCK
  • com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
  • android.permission.POST_NOTIFICATIONS
  • android.permission.READ_EXTERNAL_STORAGE
  • android.permission.WRITE_EXTERNAL_STORAGE
  • net.metaquotes.metatrader5.permission.INTENTS
  • com.google.android.c2dm.permission.RECEIVE
  • android.permission.FOREGROUND_SERVICE
  • android.permission.RECEIVE_BOOT_COMPLETED
  • net.metaquotes.metatrader5.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION
  • android.permission.REORDER_TASKS