General

  • Target

    Authenticatorbaseapk.apk

  • Size

    84.2MB

  • MD5

    e1c900a1bafa5330f21c411bba74e59d

  • SHA1

    ff16e0372c8a8a43b8d7899537832edd6a97f441

  • SHA256

    f07fc0abc11e19ab458b950da4f0f16f3f681e0f1c919f6527f1708549346fd9

  • SHA512

    35ee5f6f915f756ef5227faaf4336b13ec09b002c3623eb321027503094eae8c4dcc33d87cb1dfe807bff9cac5b285ff8517f1d3180d88691902f7dbb1eba0f1

  • SSDEEP

    1572864:gK5505AxTQT1TGZKN2nD4AgiFsPeT567v:tyOxo9GUN2nkAgZPe6

Score
7/10

Signatures

  • Requests dangerous framework permissions 7 IoCs

Files

  • Authenticatorbaseapk.apk
    .apk android arch:arm64

    com.azure.authenticator

    com.azure.authenticator.ui.LaunchActivity


  • AuthenticatorLoadAnim.json
  • TZDB.dat
  • baseline.prof
  • baseline.profm
  • difwordlist.txt
    .vbs
  • icomoon.ttf
  • index.android.bundle
    .js
  • ppcrlconfig600-int.timestamp
  • ppcrlconfig600-int.xml
    .xml
  • ppcrlconfig600-production.timestamp
  • ppcrlconfig600-production.xml
    .xml
  • proguard-project.txt
  • thirdpartynotices.txt
  • ts_configuration.jwt

Android Permissions

Authenticatorbaseapk.apk

Permissions

android.permission.SYSTEM_ALERT_WINDOW

android.permission.CAMERA

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.VIBRATE

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_BACKGROUND_LOCATION

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.WAKE_LOCK

android.permission.GET_ACCOUNTS

com.azure.authenticator.knox.SUPPORT_PERMISSION

android.permission.USE_FINGERPRINT

android.permission.USE_BIOMETRIC

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

android.permission.AUTHENTICATE_ACCOUNTS

android.permission.USE_CREDENTIALS

android.permission.MANAGE_ACCOUNTS

android.permission.KILL_BACKGROUND_PROCESSES

com.samsung.android.knox.permission.KNOX_ENTERPRISE_DEVICE_ADMIN

com.samsung.android.knox.permission.KNOX_CERTIFICATE

com.samsung.android.knox.permission.KNOX_SECURITY

com.samsung.android.knox.permission.KNOX_CERT_PROVISIONING

android.permission.sec.ENTERPRISE_DEVICE_ADMIN

android.permission.sec.MDM_SECURITY

android.permission.sec.MDM_CERTIFICATE

com.google.android.c2dm.permission.RECEIVE

android.permission.FOREGROUND_SERVICE

android.permission.NFC