Ransomware-APKs[.]zip

Resubmissions

07/07/2023, 21:58

230707-1vyfqada4y 7

07/07/2023, 21:35

230707-1fh3gsbh94 7

Sharing

Copy URL Twitter E-mail

Reason

unexpected chunk type

General

Target

Ransomware-APKs.zip
Size

99.9MB
MD5

0e3a0f39bd40b7687e69217b06e1e8b0
SHA1

3d2c30ce6a09123bd871172679a7431944707e47
SHA256

bef0c88032984ad4965682998b1b249b94558b231845b804de85a0c08becc7b5
SHA512

d2a9274383508a3577f8d0d3a9003b095e2dd92cd5b7501fca952fb55d4476b4ef04d35be94a10be81adde49c86e3b43ecf0c5fb301b18fee41d397937c90082
SSDEEP

3145728:LmaJGwTpWeMCXSyctGvDr2TvsEaqxr+Aae1vjQYP:FeCXSycEKaqxr+wFjQYP

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 6 IoCs

description	ioc
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS

Files

Ransomware-APKs.zip
.zip
Ransomware/Charger/00357b0e208c20df3182d54cb2ba15bf.apk
.apk android

liwe.wngzla.ykubt

liwe.wngzla.ykubt.Adfcbcfe

Activities

liwe.wngzla.ykubt.Adfcbcfe

android.intent.action.MAIN

liwe.wngzla.ykubt.Cabfdfa

android.intent.action.SEND
android.intent.action.SENDTO

Permissions

android.permission.READ_CONTACTS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.RECEIVE_SMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.INTERNET
android.permission.GET_TASKS
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
com.android.alarm.permission.SET_ALARM
android.permission.WRITE_CONTACTS

Receivers

liwe.wngzla.ykubt.Cbeccabdf

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.SCREEN_OFF
android.intent.action.SCREEN_ON
android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

liwe.wngzla.ykubt.Dffecbbea

android.app.action.DEVICE_ADMIN_DISABLED
android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED

liwe.wngzla.ykubt.Fdfdeacfff

android.provider.Telephony.SMS_DELIVER

liwe.wngzla.ykubt.Ccfffeabef

android.provider.Telephony.WAP_PUSH_DELIVER

Services

liwe.wngzla.ykubt.Ccfbaac

android.intent.action.RESPOND_VIA_MESSAGE
fileWithConstants
Ransomware/Charger/02548535ff1cc285fddf699f2d77bcba.apk
.apk android

ru.jdhndtpk.iypwqbmltdwdk

ru.jdhndtpk.iypwqbmltdwdk.jag.kpPFzOQS

Activities

ru.jdhndtpk.iypwqbmltdwdk.jag.kpPFzOQS

android.intent.action.MAIN

ru.jdhndtpk.iypwqbmltdwdk.jag.ORTbP

android.intent.action.SEND
android.intent.action.SENDTO

Permissions

android.permission.CALL_PHONE
android.permission.READ_CONTACTS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.RECEIVE_SMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.INTERNET
android.permission.GET_TASKS
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.WRITE_SETTINGS
android.permission.CHANGE_NETWORK_STATE
com.android.alarm.permission.SET_ALARM
android.permission.SYSTEM_ALERT_WINDOW

Receivers

ru.jdhndtpk.iypwqbmltdwdk.czujjjp.bAs

android.provider.Telephony.SMS_DELIVER

ru.jdhndtpk.iypwqbmltdwdk.czujjjp.CxLV

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.SCREEN_OFF
android.intent.action.SCREEN_ON
android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

ru.jdhndtpk.iypwqbmltdwdk.czujjjp.ebE

android.provider.Telephony.WAP_PUSH_DELIVER

ru.jdhndtpk.iypwqbmltdwdk.czujjjp.DTaOgA

android.app.action.DEVICE_ADMIN_DISABLED
android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED

Services

ru.jdhndtpk.iypwqbmltdwdk.Qlm

android.intent.action.RESPOND_VIA_MESSAGE
Ransomware/Charger/037dd7097890e10e661b10d52db2241b.apk
.apk android

spbj.ahfwykt.yjhtup

spbj.ahfwykt.yjhtup.Cfdcdedf

Activities

spbj.ahfwykt.yjhtup.Cfdcdedf

android.intent.action.MAIN

spbj.ahfwykt.yjhtup.Bffadcddbcfe

android.intent.action.SEND
android.intent.action.SENDTO

Permissions

android.permission.READ_CONTACTS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.RECEIVE_SMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.INTERNET
android.permission.GET_TASKS
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
com.android.alarm.permission.SET_ALARM
android.permission.WRITE_CONTACTS

Receivers

spbj.ahfwykt.yjhtup.Acfeddecea

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.SCREEN_OFF
android.intent.action.SCREEN_ON
android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

spbj.ahfwykt.yjhtup.Eaafcb

android.app.action.DEVICE_ADMIN_DISABLED
android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED

spbj.ahfwykt.yjhtup.Cdbbeecfc

android.provider.Telephony.SMS_DELIVER

spbj.ahfwykt.yjhtup.Cececfecc

android.provider.Telephony.WAP_PUSH_DELIVER

Services

spbj.ahfwykt.yjhtup.Afdafead

android.intent.action.RESPOND_VIA_MESSAGE
Ransomware/Charger/0639a74f508591f99a7d2309f5825fea.apk
.apk android

wnit.nlchbuxtpw.yaxvs

wnit.nlchbuxtpw.yaxvs.Bdbacfdcaf

Activities

wnit.nlchbuxtpw.yaxvs.Bdbacfdcaf

android.intent.action.MAIN

wnit.nlchbuxtpw.yaxvs.Fbffbebfd

android.intent.action.SEND
android.intent.action.SENDTO

Permissions

android.permission.READ_CONTACTS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.RECEIVE_SMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.INTERNET
android.permission.GET_TASKS
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
com.android.alarm.permission.SET_ALARM
android.permission.WRITE_CONTACTS

Receivers

wnit.nlchbuxtpw.yaxvs.Dcffdeec

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.SCREEN_OFF
android.intent.action.SCREEN_ON
android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

wnit.nlchbuxtpw.yaxvs.Adbbedebebe

android.app.action.DEVICE_ADMIN_DISABLED
android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED

wnit.nlchbuxtpw.yaxvs.Aeaccf

android.provider.Telephony.SMS_DELIVER

wnit.nlchbuxtpw.yaxvs.Dfadddbfadcb

android.provider.Telephony.WAP_PUSH_DELIVER

Services

wnit.nlchbuxtpw.yaxvs.Abbcbcecf

android.intent.action.RESPOND_VIA_MESSAGE
Ransomware/Charger/073a2f2d51c7dc00eb21e27cb8fa80f3.apk
.apk android

denp.zsexnmjp.jlpuazhsotnr

denp.zsexnmjp.jlpuazhsotnr.Cbfdabdeff

Activities

denp.zsexnmjp.jlpuazhsotnr.Cbfdabdeff

android.intent.action.MAIN

denp.zsexnmjp.jlpuazhsotnr.Edcfaedc

android.intent.action.SEND
android.intent.action.SENDTO

Permissions

android.permission.READ_CONTACTS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.RECEIVE_SMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.INTERNET
android.permission.GET_TASKS
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
com.android.alarm.permission.SET_ALARM
android.permission.WRITE_CONTACTS

Receivers

denp.zsexnmjp.jlpuazhsotnr.Febeecbbbaa

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.SCREEN_OFF
android.intent.action.SCREEN_ON
android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

denp.zsexnmjp.jlpuazhsotnr.Cbfbaebbb

android.app.action.DEVICE_ADMIN_DISABLED
android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED

denp.zsexnmjp.jlpuazhsotnr.Edfacebbebf

android.provider.Telephony.SMS_DELIVER

denp.zsexnmjp.jlpuazhsotnr.Daeacf

android.provider.Telephony.WAP_PUSH_DELIVER

Services

denp.zsexnmjp.jlpuazhsotnr.Aadcdbebdb

android.intent.action.RESPOND_VIA_MESSAGE
Ransomware/Charger/08634da89ce3e70a81bdf128b998a89e.apk
.apk android

wvknbzh.mwrpxg.qpha

wvknbzh.mwrpxg.qpha.Fdfadebde

Activities

wvknbzh.mwrpxg.qpha.Fdfadebde

android.intent.action.MAIN

wvknbzh.mwrpxg.qpha.Ebffedecdbbd

android.intent.action.SEND
android.intent.action.SENDTO

Permissions

android.permission.READ_CONTACTS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.RECEIVE_SMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.INTERNET
android.permission.GET_TASKS
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.WRITE_SETTINGS
android.permission.CHANGE_NETWORK_STATE
com.android.alarm.permission.SET_ALARM
android.permission.SYSTEM_ALERT_WINDOW
android.permission.WRITE_CONTACTS

Receivers

wvknbzh.mwrpxg.qpha.Eadeddbfe

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.SCREEN_OFF
android.intent.action.SCREEN_ON
android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

wvknbzh.mwrpxg.qpha.Decacdedcccb

android.app.action.DEVICE_ADMIN_DISABLED
android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED

wvknbzh.mwrpxg.qpha.Ecacbfec

android.provider.Telephony.SMS_DELIVER

wvknbzh.mwrpxg.qpha.Ceefacabbeb

android.provider.Telephony.WAP_PUSH_DELIVER

Services

wvknbzh.mwrpxg.qpha.Adbacbfdff

android.intent.action.RESPOND_VIA_MESSAGE
Ransomware/Charger/0b31b97d9ce3b891c7d5b145693e63fe.apk
.apk android

hwmg.vzuskhdfyl.hybzcrkg

hwmg.vzuskhdfyl.hybzcrkg.Fcdbbccfafce

Activities

hwmg.vzuskhdfyl.hybzcrkg.Fcdbbccfafce

android.intent.action.MAIN

hwmg.vzuskhdfyl.hybzcrkg.Cfcbbdeb

android.intent.action.SEND
android.intent.action.SENDTO

Permissions

android.permission.READ_CONTACTS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.RECEIVE_SMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.INTERNET
android.permission.GET_TASKS
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
com.android.alarm.permission.SET_ALARM
android.permission.WRITE_CONTACTS

Receivers

hwmg.vzuskhdfyl.hybzcrkg.Feaffd

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.SCREEN_OFF
android.intent.action.SCREEN_ON
android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

hwmg.vzuskhdfyl.hybzcrkg.Dcdefcfebda

android.app.action.DEVICE_ADMIN_DISABLED
android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED

hwmg.vzuskhdfyl.hybzcrkg.Dcffdbab

android.provider.Telephony.SMS_DELIVER

hwmg.vzuskhdfyl.hybzcrkg.Cfcbceabba

android.provider.Telephony.WAP_PUSH_DELIVER

Services

hwmg.vzuskhdfyl.hybzcrkg.Ccfdde

android.intent.action.RESPOND_VIA_MESSAGE
Ransomware/Charger/0bccdcc7d63f0754e9e66c806e8e9203.apk
.apk android

wvf.thpfney.ryza

wvf.thpfney.ryza.Cefefbbbcda

Activities

wvf.thpfney.ryza.Cefefbbbcda

android.intent.action.MAIN

wvf.thpfney.ryza.Abdfbb

android.intent.action.SEND
android.intent.action.SENDTO

Permissions

android.permission.READ_CONTACTS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.RECEIVE_SMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.INTERNET
android.permission.GET_TASKS
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
com.android.alarm.permission.SET_ALARM
android.permission.WRITE_CONTACTS

Receivers

wvf.thpfney.ryza.Ecbdcaadcc

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.SCREEN_OFF
android.intent.action.SCREEN_ON
android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

wvf.thpfney.ryza.Efaceccaebdf

android.app.action.DEVICE_ADMIN_DISABLED
android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED

wvf.thpfney.ryza.Abdbce

android.provider.Telephony.SMS_DELIVER

wvf.thpfney.ryza.Dfeacecbd

android.provider.Telephony.WAP_PUSH_DELIVER

Services

wvf.thpfney.ryza.Aabbdaaca

android.intent.action.RESPOND_VIA_MESSAGE
Ransomware/Charger/0df8e91d4ee84180099a26d97cf5baf4.apk
.apk android

wcu.onmsrbt.zrlyuhm

wcu.onmsrbt.zrlyuhm.Bbcdcecd

Activities

wcu.onmsrbt.zrlyuhm.Bbcdcecd

android.intent.action.MAIN

wcu.onmsrbt.zrlyuhm.Eabedc

android.intent.action.SEND
android.intent.action.SENDTO

Permissions

android.permission.READ_CONTACTS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.RECEIVE_SMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.INTERNET
android.permission.GET_TASKS
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
com.android.alarm.permission.SET_ALARM
android.permission.WRITE_CONTACTS

Receivers

wcu.onmsrbt.zrlyuhm.Ecacecce

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.SCREEN_OFF
android.intent.action.SCREEN_ON
android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

wcu.onmsrbt.zrlyuhm.Afedbaef

android.app.action.DEVICE_ADMIN_DISABLED
android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED

wcu.onmsrbt.zrlyuhm.Fbfbbefe

android.provider.Telephony.SMS_DELIVER

wcu.onmsrbt.zrlyuhm.Baeefaeceb

android.provider.Telephony.WAP_PUSH_DELIVER

Services

wcu.onmsrbt.zrlyuhm.Ecbecc

android.intent.action.RESPOND_VIA_MESSAGE
Ransomware/Charger/1251255ee2432e5606f2061f98334eb1.apk
.apk android

htu.jkvozytns.dqvw

htu.jkvozytns.dqvw.Fddddccbcdba

Activities

htu.jkvozytns.dqvw.Fddddccbcdba

android.intent.action.MAIN

htu.jkvozytns.dqvw.Cadacfa

android.intent.action.SEND
android.intent.action.SENDTO

Permissions

android.permission.READ_CONTACTS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.RECEIVE_SMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.INTERNET
android.permission.GET_TASKS
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
com.android.alarm.permission.SET_ALARM
android.permission.WRITE_CONTACTS

Receivers

htu.jkvozytns.dqvw.Adedbbdfec

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.SCREEN_OFF
android.intent.action.SCREEN_ON
android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

htu.jkvozytns.dqvw.Adfbbebdaebd

android.app.action.DEVICE_ADMIN_DISABLED
android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED

htu.jkvozytns.dqvw.Daafaed

android.provider.Telephony.SMS_DELIVER

htu.jkvozytns.dqvw.Cbfccadacf

android.provider.Telephony.WAP_PUSH_DELIVER

Services

htu.jkvozytns.dqvw.Efdaefccf

android.intent.action.RESPOND_VIA_MESSAGE
Ransomware/Jisut/008aafc94cfdc5e41d8f5fa41abe23ac.apk
.apk android

com.h

.M

Activities

.M

android.intent.action.MAIN

Permissions

android.permission.SEND_SMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS

Receivers

bbb

android.intent.action.BOOT_COMPLETED

.MyAdmin

android.app.action.DEVICE_ADMIN_ENABLED

Services
Ransomware/Jisut/01147ee72ad07cb9c1416b9963e56f99.apk
.apk android

com.sssp

.M

Activities

.M

android.intent.action.MAIN

Permissions

android.permission.SEND_SMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.VIBRATE

Receivers

bbb

android.intent.action.BOOT_COMPLETED

.MyAdmin

android.app.action.DEVICE_ADMIN_ENABLED

Services
Ransomware/Jisut/041f8b32fa15efda620b04a5dd41554a.apk
.apk android arch:arm

com.wmz.timelock

com.sunglab.bigbanghd.s

Activities

com.sunglab.bigbanghd.s

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.VIBRATE
android.permission.WAKE_LOCK

Receivers

com.sunglab.bigbanghd.Service

android.intent.action.BOOT_COMPLETED
Ransomware/Jisut/064490ecaa3cf7790fdf49c0016f7bfb.apk
.apk android

com.sssp

.M

Activities

.M

android.intent.action.MAIN

Permissions

android.permission.SEND_SMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.VIBRATE

Receivers

bbb

android.intent.action.BOOT_COMPLETED

.MyAdmin

android.app.action.DEVICE_ADMIN_ENABLED

Services
Ransomware/Jisut/0647e7667203a2a9e1858a6e9f49e98b.apk
.apk android

com.sssp

.M

Activities

.M

android.intent.action.MAIN

Permissions

android.permission.SEND_SMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.VIBRATE

Receivers

bbb

android.intent.action.BOOT_COMPLETED

.MyAdmin

android.app.action.DEVICE_ADMIN_ENABLED

Services
Ransomware/Jisut/0b2f0c2ddf4a6a1101036286d75709f8.apk
.apk android

com.sssp

.M

Activities

.M

android.intent.action.MAIN

Permissions

android.permission.SEND_SMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.VIBRATE

Receivers

bbb

android.intent.action.BOOT_COMPLETED

.MyAdmin

android.app.action.DEVICE_ADMIN_ENABLED

Services
Ransomware/Jisut/0d33685eff9b6df4e87d799689e99a32.apk
.apk android

com.jianshang.locl

.a

Activities

.a

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED

Receivers

.c

android.intent.action.BOOT_COMPLETED

Services
Ransomware/Jisut/0f52bf7d7b6cf39cbe438b141372e923.apk
.apk android
Ransomware/Jisut/1046b8a9498edb5ee6f175d752ec9c32.apk
.apk android

com.cjk

.M

Activities

.M

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.VIBRATE
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS

Receivers

bbb

android.intent.action.BOOT_COMPLETED

.MyAdmin

android.app.action.DEVICE_ADMIN_ENABLED

Services
Ransomware/Jisut/12fb8804389e7496ff5a56e2134ccf5e.apk
.apk android

com.sssp

.M

Activities

.M

android.intent.action.MAIN

Permissions

android.permission.SEND_SMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.VIBRATE

Receivers

bbb

android.intent.action.BOOT_COMPLETED

.MyAdmin

android.app.action.DEVICE_ADMIN_ENABLED

Services
Ransomware/Koler/00f6cb935df075494a1fd1ce5e918a7a.apk
.apk android

lb.iuattiylwr.pcjlwvqooxy

.DragonWaer

Activities

.DragonWaer

android.intent.action.MAIN

Permissions

android.permission.RECEIVE_BOOT_COMPLETED
android.permission.QUICKBOOT_POWERON
android.permission.SYSTEM_ALERT_WINDOW
android.permission.READ_PHONE_STATE
android.permission.READ_PROFILE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.GET_ACCOUNTS
android.permission.READ_CONTACTS
android.permission.CAMERA
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.BATTERY_STATS
android.permission.CHANGE_NETWORK_STATE
android.permission.MOUNT_FORMAT_FILESYSTEMS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_PHONE_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.CAMERA
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.BLUETOOTH
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_PHONE_STATE
android.permission.CALL_PHONE
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.BROADCAST_STICKY
android.permission.GET_ACCOUNTS
android.permission.READ_PROFILE
android.permission.READ_CONTACTS
android.permission.RECEIVE_SMS
android.permission.CAMERA
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.VIBRATE
android.permission.BLUETOOTH
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_PHONE_STATE
android.permission.CALL_PHONE
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.BROADCAST_STICKY
android.permission.GET_ACCOUNTS
android.permission.READ_PROFILE
android.permission.READ_CONTACTS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_SMS
android.permission.READ_SMS
android.permission.READ_EXTERNAL_STORAGE

Receivers

.BootReceiver

android.provider.Telephony.SMS_RECEIVED
android.intent.action.BOOT_COMPLETED
android.intent.action.USER_PRESENT
android.intent.action.BATTERY_LOW
android.intent.action.BATTERY_CHANGED
android.intent.action.BATTERY_OKAY
android.intent.action.MEDIA_MOUNTED
android.intent.action.LOCKED_BOOT_COMPLETED
android.intent.action.PHONE_STATE
android.intent.action.SCREEN_ON
android.intent.action.USER_UNLOCKED
android.net.conn.CONNECTIVITY_CHANGE
android.net.wifi.WIFI_STATE_CHANGED
android.intent.action.SIM_STATE_CHANGED
android.net.wifi.NETWORK_IDS_CHANGED
android.net.wifi.RSSI_CHANGED
android.net.wifi.SCAN_RESULTS
android.net.wifi.STATE_CHANGE
android.net.wifi.WIFI_STATE_CHANGED
android.net.wifi.p2p.CONNECTION_STATE_CHANGE
android.net.wifi.p2p.DISCOVERY_STATE_CHANGE
android.net.wifi.p2p.PEERS_CHANGED
android.net.wifi.p2p.STATE_CHANGED
android.net.wifi.p2p.THIS_DEVICE_CHANGED
android.net.wifi.supplicant.CONNECTION_CHANGE
android.net.wifi.supplicant.STATE_CHANGE
android.intent.action.INPUT_METHOD_CHANGED

.Test

android.intent.action.MEDIA_MOUNTED

Services
Ransomware/Koler/02985692e377d55eaa4347a77b52d789.apk
.apk android

iakmet.powajekkeh.jrpqhtz

.DragonWaer

Activities

.DragonWaer

android.intent.action.MAIN

Permissions

android.permission.RECEIVE_BOOT_COMPLETED
android.permission.QUICKBOOT_POWERON
android.permission.SYSTEM_ALERT_WINDOW
android.permission.READ_PHONE_STATE
android.permission.READ_PROFILE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.GET_ACCOUNTS
android.permission.READ_CONTACTS
android.permission.CAMERA
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.BATTERY_STATS
android.permission.CHANGE_NETWORK_STATE
android.permission.MOUNT_FORMAT_FILESYSTEMS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_PHONE_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.CAMERA
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.BLUETOOTH
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_PHONE_STATE
android.permission.CALL_PHONE
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.BROADCAST_STICKY
android.permission.GET_ACCOUNTS
android.permission.READ_PROFILE
android.permission.READ_CONTACTS
android.permission.RECEIVE_SMS
android.permission.CAMERA
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.VIBRATE
android.permission.BLUETOOTH
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_PHONE_STATE
android.permission.CALL_PHONE
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.BROADCAST_STICKY
android.permission.GET_ACCOUNTS
android.permission.READ_PROFILE
android.permission.READ_CONTACTS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_SMS
android.permission.READ_SMS
android.permission.READ_EXTERNAL_STORAGE

Receivers

.BootReceiver

android.provider.Telephony.SMS_RECEIVED
android.intent.action.BOOT_COMPLETED
android.intent.action.USER_PRESENT
android.intent.action.BATTERY_LOW
android.intent.action.BATTERY_CHANGED
android.intent.action.BATTERY_OKAY
android.intent.action.MEDIA_MOUNTED
android.intent.action.LOCKED_BOOT_COMPLETED
android.intent.action.PHONE_STATE
android.intent.action.SCREEN_ON
android.intent.action.USER_UNLOCKED
android.net.conn.CONNECTIVITY_CHANGE
android.net.wifi.WIFI_STATE_CHANGED
android.intent.action.SIM_STATE_CHANGED
android.net.wifi.NETWORK_IDS_CHANGED
android.net.wifi.RSSI_CHANGED
android.net.wifi.SCAN_RESULTS
android.net.wifi.STATE_CHANGE
android.net.wifi.WIFI_STATE_CHANGED
android.net.wifi.p2p.CONNECTION_STATE_CHANGE
android.net.wifi.p2p.DISCOVERY_STATE_CHANGE
android.net.wifi.p2p.PEERS_CHANGED
android.net.wifi.p2p.STATE_CHANGED
android.net.wifi.p2p.THIS_DEVICE_CHANGED
android.net.wifi.supplicant.CONNECTION_CHANGE
android.net.wifi.supplicant.STATE_CHANGE
android.intent.action.INPUT_METHOD_CHANGED

.Test

android.intent.action.MEDIA_MOUNTED

Services
Ransomware/Koler/0835840a0dd592d5bb4dbb24c4b5bd0c.apk
.apk android

qfu.wfwhgkemerzo.eislrebmhmf

.DragonWaer

Activities

.DragonWaer

android.intent.action.MAIN

Permissions

android.permission.RECEIVE_BOOT_COMPLETED
android.permission.QUICKBOOT_POWERON
android.permission.SYSTEM_ALERT_WINDOW
android.permission.READ_PHONE_STATE
android.permission.READ_PROFILE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.GET_ACCOUNTS
android.permission.READ_CONTACTS
android.permission.CAMERA
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.BATTERY_STATS
android.permission.CHANGE_NETWORK_STATE
android.permission.MOUNT_FORMAT_FILESYSTEMS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_PHONE_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.CAMERA
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.BLUETOOTH
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_PHONE_STATE
android.permission.CALL_PHONE
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.BROADCAST_STICKY
android.permission.GET_ACCOUNTS
android.permission.READ_PROFILE
android.permission.READ_CONTACTS
android.permission.RECEIVE_SMS
android.permission.CAMERA
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.VIBRATE
android.permission.BLUETOOTH
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_PHONE_STATE
android.permission.CALL_PHONE
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.BROADCAST_STICKY
android.permission.GET_ACCOUNTS
android.permission.READ_PROFILE
android.permission.READ_CONTACTS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_SMS
android.permission.READ_SMS
android.permission.READ_EXTERNAL_STORAGE

Receivers

.BootReceiver

android.provider.Telephony.SMS_RECEIVED
android.intent.action.BOOT_COMPLETED
android.intent.action.USER_PRESENT
android.intent.action.BATTERY_LOW
android.intent.action.BATTERY_CHANGED
android.intent.action.BATTERY_OKAY
android.intent.action.MEDIA_MOUNTED
android.intent.action.LOCKED_BOOT_COMPLETED
android.intent.action.PHONE_STATE
android.intent.action.SCREEN_ON
android.intent.action.USER_UNLOCKED
android.net.conn.CONNECTIVITY_CHANGE
android.net.wifi.WIFI_STATE_CHANGED
android.intent.action.SIM_STATE_CHANGED
android.net.wifi.NETWORK_IDS_CHANGED
android.net.wifi.RSSI_CHANGED
android.net.wifi.SCAN_RESULTS
android.net.wifi.STATE_CHANGE
android.net.wifi.WIFI_STATE_CHANGED
android.net.wifi.p2p.CONNECTION_STATE_CHANGE
android.net.wifi.p2p.DISCOVERY_STATE_CHANGE
android.net.wifi.p2p.PEERS_CHANGED
android.net.wifi.p2p.STATE_CHANGED
android.net.wifi.p2p.THIS_DEVICE_CHANGED
android.net.wifi.supplicant.CONNECTION_CHANGE
android.net.wifi.supplicant.STATE_CHANGE
android.intent.action.INPUT_METHOD_CHANGED

.Test

android.intent.action.MEDIA_MOUNTED

Services
Ransomware/Koler/09eb9b6b2daa7df06261bdc7a2094271.apk
.apk android

brqn.jknxtheuavpudn.axztaovv

brqn.jknxtheuavpudn.axztaovv.TukilFeeds

Activities

brqn.jknxtheuavpudn.axztaovv.TukilFeeds

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PROFILE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.GET_ACCOUNTS
android.permission.READ_CONTACTS
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.CAMERA
android.permission.VIBRATE

Receivers

brqn.jknxtheuavpudn.axztaovv.Bobbkilg

android.intent.action.BOOT_COMPLETED

Services
Ransomware/Koler/0d2fea2cb40b41e9d568f4ac986ea139.apk
.apk android

sojgp.zdga.pwrjbzetltzu

.DragonWaer

Activities

.DragonWaer

android.intent.action.MAIN

Permissions

android.permission.RECEIVE_BOOT_COMPLETED
android.permission.QUICKBOOT_POWERON
android.permission.SYSTEM_ALERT_WINDOW
android.permission.READ_PHONE_STATE
android.permission.READ_PROFILE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.GET_ACCOUNTS
android.permission.READ_CONTACTS
android.permission.CAMERA
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.BATTERY_STATS
android.permission.CHANGE_NETWORK_STATE
android.permission.MOUNT_FORMAT_FILESYSTEMS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_PHONE_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.CAMERA
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.BLUETOOTH
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_PHONE_STATE
android.permission.CALL_PHONE
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.BROADCAST_STICKY
android.permission.GET_ACCOUNTS
android.permission.READ_PROFILE
android.permission.READ_CONTACTS
android.permission.RECEIVE_SMS
android.permission.CAMERA
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.VIBRATE
android.permission.BLUETOOTH
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_PHONE_STATE
android.permission.CALL_PHONE
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.BROADCAST_STICKY
android.permission.GET_ACCOUNTS
android.permission.READ_PROFILE
android.permission.READ_CONTACTS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_SMS
android.permission.READ_SMS
android.permission.READ_EXTERNAL_STORAGE

Receivers

.BootReceiver

android.provider.Telephony.SMS_RECEIVED
android.intent.action.BOOT_COMPLETED
android.intent.action.USER_PRESENT
android.intent.action.BATTERY_LOW
android.intent.action.BATTERY_CHANGED
android.intent.action.BATTERY_OKAY
android.intent.action.MEDIA_MOUNTED
android.intent.action.LOCKED_BOOT_COMPLETED
android.intent.action.PHONE_STATE
android.intent.action.SCREEN_ON
android.intent.action.USER_UNLOCKED
android.net.conn.CONNECTIVITY_CHANGE
android.net.wifi.WIFI_STATE_CHANGED
android.intent.action.SIM_STATE_CHANGED
android.net.wifi.NETWORK_IDS_CHANGED
android.net.wifi.RSSI_CHANGED
android.net.wifi.SCAN_RESULTS
android.net.wifi.STATE_CHANGE
android.net.wifi.WIFI_STATE_CHANGED
android.net.wifi.p2p.CONNECTION_STATE_CHANGE
android.net.wifi.p2p.DISCOVERY_STATE_CHANGE
android.net.wifi.p2p.PEERS_CHANGED
android.net.wifi.p2p.STATE_CHANGED
android.net.wifi.p2p.THIS_DEVICE_CHANGED
android.net.wifi.supplicant.CONNECTION_CHANGE
android.net.wifi.supplicant.STATE_CHANGE
android.intent.action.INPUT_METHOD_CHANGED

.Test

android.intent.action.MEDIA_MOUNTED

Services
Ransomware/Koler/0d9f9a88a564bfcfa2e54b504d6562f9.apk
.apk android

azz.oof.aucvvgjsxswe

.DragonWaer

Activities

.DragonWaer

android.intent.action.MAIN

Permissions

android.permission.RECEIVE_BOOT_COMPLETED
android.permission.QUICKBOOT_POWERON
android.permission.SYSTEM_ALERT_WINDOW
android.permission.READ_PHONE_STATE
android.permission.READ_PROFILE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.GET_ACCOUNTS
android.permission.READ_CONTACTS
android.permission.CAMERA
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.BATTERY_STATS
android.permission.CHANGE_NETWORK_STATE
android.permission.MOUNT_FORMAT_FILESYSTEMS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_PHONE_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.CAMERA
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.BLUETOOTH
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_PHONE_STATE
android.permission.CALL_PHONE
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.BROADCAST_STICKY
android.permission.GET_ACCOUNTS
android.permission.READ_PROFILE
android.permission.READ_CONTACTS
android.permission.RECEIVE_SMS
android.permission.CAMERA
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.VIBRATE
android.permission.BLUETOOTH
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_PHONE_STATE
android.permission.CALL_PHONE
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.BROADCAST_STICKY
android.permission.GET_ACCOUNTS
android.permission.READ_PROFILE
android.permission.READ_CONTACTS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_SMS
android.permission.READ_SMS
android.permission.READ_EXTERNAL_STORAGE

Receivers

.BootReceiver

android.provider.Telephony.SMS_RECEIVED
android.intent.action.BOOT_COMPLETED
android.intent.action.USER_PRESENT
android.intent.action.BATTERY_LOW
android.intent.action.BATTERY_CHANGED
android.intent.action.BATTERY_OKAY
android.intent.action.MEDIA_MOUNTED
android.intent.action.LOCKED_BOOT_COMPLETED
android.intent.action.PHONE_STATE
android.intent.action.SCREEN_ON
android.intent.action.USER_UNLOCKED
android.net.conn.CONNECTIVITY_CHANGE
android.net.wifi.WIFI_STATE_CHANGED
android.intent.action.SIM_STATE_CHANGED
android.net.wifi.NETWORK_IDS_CHANGED
android.net.wifi.RSSI_CHANGED
android.net.wifi.SCAN_RESULTS
android.net.wifi.STATE_CHANGE
android.net.wifi.WIFI_STATE_CHANGED
android.net.wifi.p2p.CONNECTION_STATE_CHANGE
android.net.wifi.p2p.DISCOVERY_STATE_CHANGE
android.net.wifi.p2p.PEERS_CHANGED
android.net.wifi.p2p.STATE_CHANGED
android.net.wifi.p2p.THIS_DEVICE_CHANGED
android.net.wifi.supplicant.CONNECTION_CHANGE
android.net.wifi.supplicant.STATE_CHANGE
android.intent.action.INPUT_METHOD_CHANGED

.Test

android.intent.action.MEDIA_MOUNTED

Services
Ransomware/Koler/1106d451a2330cb89f130543cfd26103.apk
.apk android

com.android.security.fdiduds8

.MainActivity

Activities

.MainActivity

android.intent.action.MAIN

.LockActivity

android.intent.action.MAIN

Permissions

com.google.android.providers.gsf.permission.READ_GSERVICES
android.permission.SYSTEM_ALERT_WINDOW
android.permission.DISABLE_KEYGUARD
android.permission.GET_TASKS
android.permission.PACKAGE_USAGE_STATS
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_CONTACTS
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.READ_CALL_LOG
android.permission.READ_SMS
android.permission.GET_ACCOUNTS
android.permission.EXPAND_STATUS_BAR
android.permission.CAMERA
android.permission.WRITE_SETTINGS
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WAKE_LOCK

Receivers

.MainReceiver

android.intent.action.BOOT_COMPLETED

.DeviceAdmin

android.app.action.DEVICE_ADMIN_ENABLED
android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED

Services

.MainService

android.view.InputMethod
Ransomware/Koler/112026eab375721007691178dd94740b.apk
.apk android

fo.kfmbjqx.pnvs

fo.kfmbjqx.pnvs.TukilFeeds

Activities

fo.kfmbjqx.pnvs.TukilFeeds

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PROFILE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.GET_ACCOUNTS
android.permission.READ_CONTACTS
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.CAMERA
android.permission.VIBRATE

Receivers

fo.kfmbjqx.pnvs.Bobbkilg

android.intent.action.BOOT_COMPLETED

Services
Ransomware/Koler/12c2978db3aa04ad7e5ea2b98c56ba00.apk
.apk android

vql.bemvnf.zgeptuwhq

vql.bemvnf.zgeptuwhq.TukilFeeds

Activities

vql.bemvnf.zgeptuwhq.TukilFeeds

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PROFILE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.GET_ACCOUNTS
android.permission.READ_CONTACTS
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.CAMERA
android.permission.VIBRATE

Receivers

vql.bemvnf.zgeptuwhq.Bobbkilg

android.intent.action.BOOT_COMPLETED

Services
Ransomware/Koler/139e12d02ddc75fdc8a4c90cc063f2f9.apk
.apk android

bvuh.lfekjvw.ifnxfr

bvuh.lfekjvw.ifnxfr.TukilFeeds

Activities

bvuh.lfekjvw.ifnxfr.TukilFeeds

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PROFILE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.GET_ACCOUNTS
android.permission.READ_CONTACTS
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.CAMERA
android.permission.VIBRATE

Receivers

bvuh.lfekjvw.ifnxfr.Bobbkilg

android.intent.action.BOOT_COMPLETED

Services
Ransomware/LockerPin/6349462efbe6ccf4290d4c19dd740cd7.apk
.apk android

com.tentcent.ckq

.MainActivity

Activities

.MainActivity

android.intent.action.MAIN

Permissions

android.permission.SET_WALLPAPER

Receivers

.MyAdmin

android.app.action.DEVICE_ADMIN_ENABLED
Ransomware/LockerPin/9639430c8d83e94a2deae6c14cd4fae0.apk
.apk android

com.heihuang.zr

MainActivity

Activities

MainActivity

android.intent.action.MAIN

Permissions

android.permission.WRITE_EXTERNAL_STORAGE
Ransomware/LockerPin/a063292d8667cf3d83ff9365dfb8650a.apk
.apk android

com.cute.pin

.MainActivity

Activities

.MainActivity

android.intent.action.MAIN

Receivers

.Pin

android.app.action.DEVICE_ADMIN_ENABLED
Ransomware/LockerPin/a581038a69cfa035ab45244c92b61fe0.apk
.apk android

com.cute.pin

.MainActivity

Activities

.MainActivity

android.intent.action.MAIN

Receivers

.Pin

android.app.action.DEVICE_ADMIN_ENABLED
Ransomware/LockerPin/aa2be7fd72752dffa89fb903cb70392e.apk
.apk android

com.heihuang.ifi1

.MainActivity

Activities

.MainActivity

android.intent.action.MAIN

Permissions

android.permission.WRITE_EXTERNAL_STORAGE
Ransomware/LockerPin/ad24048dcb0acf80b1daeecd7274bdb1.apk
.apk android

com.cute.pin

.MainActivity

Activities

.MainActivity

android.intent.action.MAIN

Receivers

.Pin

android.app.action.DEVICE_ADMIN_ENABLED
Ransomware/LockerPin/cd07b48e5ba86570c123e93461cd78db.apk
.apk android

com.example.xnjh

.MainActivity

Activities

.MainActivity

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED

Receivers

.MyAdmin

android.app.action.DEVICE_ADMIN_ENABLED

.BootBroadcastReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.BOOT_COMPLETED
android.intent.ACTION_SCREEN_OFF
android.net.conn.CONNECTIVITY_CHANGE
android.net.wifi.WIFI_STATE_CHANGED
android.net.wifi.STATE_CHANGE
android.intent.action.PACKAGE_ADDED

Services
Ransomware/LockerPin/d0d765731a30dc7d68ab339d144e946f.apk
.apk android

com.zz.lockScreenDemo

.MainActivity

Activities

.MainActivity

android.intent.action.MAIN

Permissions

android.permission.SET_WALLPAPER

Receivers

com.zz.lockScreenDemo.AdminReceiver

android.app.action.DEVICE_ADMIN_ENABLED
Ransomware/LockerPin/d335f22545505783e473b42259253d36.apk
.apk android

com.cute.pin

.MainActivity

Activities

.MainActivity

android.intent.action.MAIN

Receivers

.Pin

android.app.action.DEVICE_ADMIN_ENABLED
Ransomware/LockerPin/dc531be53c6726e4279c6bbd87b8e169.apk
.apk android

com.heihuang.ivw

.MainActivity

Activities

.MainActivity

android.intent.action.MAIN

Permissions

android.permission.WRITE_EXTERNAL_STORAGE
Ransomware/Pletor/130a8a08dc6ac74fe7f7d70ee3c629b7.apk
.apk android

org.blhelper.vrtwidget

.Main

Activities

.Main

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.WAKE_LOCK
android.permission.WRITE_SYNC_SETTINGS
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_CALENDAR
android.permission.STATUS_BAR
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.ACCESS_NETWORK_STATE
android.permission.MEDIA_CONTENT_CONTROL
android.permission.GET_TASKS
android.permission.READ_SYNC_STATS
android.permission.DELETE_CACHE_FILES
android.permission.CHANGE_WIFI_MULTICAST_STATE
android.permission.READ_SYNC_SETTINGS
android.permission.RECEIVE_SMS
android.permission.SET_ANIMATION_SCALE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_SMS
android.permission.GET_ACCOUNTS
android.permission.BATTERY_STATS
android.permission.READ_CALENDAR
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.KILL_BACKGROUND_PROCESSES

Receivers

.ServiceStarter

android.intent.action.BOOT_COMPLETED

.rhVEQttqjqiS

android.intent.action.ACTION_EXTERNAL_APPLICATIONS_AVAILABLE

.GLuugsVGrOJ

android.app.action.DEVICE_ADMIN_ENABLED

.hDTEfuENwFL

android.provider.Telephony.SMS_RECEIVED

.nsbB_tt

org.blhelper.vrtwidget.activities.HTMLStart

Services
Ransomware/Pletor/153e99c5484c0fdfb4295f02f54dc6f8.apk
.apk android

mzmr.iiyma.ssrxp

Rarecgbuq

Activities

Rarecgbuq

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.GET_ACCOUNTS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.CAMERA
android.permission.READ_CONTACTS
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.VIBRATE
android.permission.READ_CONTACTS

Receivers

mzmr.iiyma.ssrxp.Smovyaf

android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

mzmr.iiyma.ssrxp.Vhrxxje

android.app.action.ACTION_DEVICE_ADMIN_DISABLED
android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED

Services
Ransomware/Pletor/2283b78067b8e8cc2d6c88994a703528.apk
.apk android

org.slempo.service

.Main

Activities

.Main

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.GET_TASKS
android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.CALL_PHONE
android.permission.WAKE_LOCK
android.permission.SYSTEM_ALERT_WINDOW

Receivers

.ServiceStarter

android.intent.action.BOOT_COMPLETED

.SDCardServiceStarter

android.intent.action.ACTION_EXTERNAL_APPLICATIONS_AVAILABLE

.MyDeviceAdminReceiver

android.app.action.DEVICE_ADMIN_ENABLED

.MessageReceiver

android.provider.Telephony.SMS_RECEIVED

.DialogsStarter

com.slempo.service.activities.HTMLStart

Services
Ransomware/Pletor/456d061745137912b5c7972bb1883d68.apk
.apk android

org.slempo.service

.trijvmiroekce

Activities

.trijvmiroekce

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.GET_TASKS
android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.CALL_PHONE
android.permission.WAKE_LOCK
android.permission.SYSTEM_ALERT_WINDOW

Receivers

.reiujdksmcoiwerj

android.intent.action.ACTION_EXTERNAL_APPLICATIONS_AVAILABLE

.riejkmdcwepoksmieru

android.provider.Telephony.SMS_RECEIVED

.hujnkij8uijkjlmj

android.intent.action.BOOT_COMPLETED

.ihnkkuigtvgyb7iujn

android.app.action.DEVICE_ADMIN_ENABLED

.eiurkjmdcoiwe

com.slempo.service.activities.HTMLStart

Services
Ransomware/Pletor/5810c236c795c7236110fd32930de6d9.apk
.apk android

com.brtohersoft.trnity

SampleOverlayShowActivity

Activities

SampleOverlayShowActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.GET_ACCOUNTS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.CAMERA
android.permission.READ_CONTACTS
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.VIBRATE
android.permission.READ_CONTACTS

Receivers

com.brtohersoft.trnity.bootme

android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

com.brtohersoft.trnity.catcher

android.app.action.ACTION_DEVICE_ADMIN_DISABLED
android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED

Services
Ransomware/Pletor/5cfeb9dabe032761ac0b5e671cc5ebab.apk
.apk android

com.tujtr.rtbrr

.MainActivity

Activities

.MainActivity

android.intent.action.MAIN

Permissions

android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.READ_CONTACTS
android.permission.WAKE_LOCK
com.google.android.c2dm.permission.RECEIVE
android.permission.READ_EXTERNAL_STORAGE
com.android.system.permission.C2D_MESSAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.BROADCAST_PACKAGE_REMOVED
android.permission.RECEIVE_SMS
android.permission.READ_SMS
android.permission.SEND_SMS
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.WRITE_SMS

Receivers

.adm_reciv

android.app.action.DEVICE_ADMIN_ENABLED

com.google.android.gcm.GCMBroadcastReceiver

com.google.android.c2dm.intent.RECEIVE
com.google.android.c2dm.intent.REGISTRATION

.SReceiver

android.provider.Telephony.SMS_RECEIVED

.OnBootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

.ICREC

android.intent.action.PHONE_STATE

Services
Ransomware/Pletor/62271d750449e39024b0db039a53dc98.apk
.apk android

org.slempo.service

.trijvmiroekce

Activities

.trijvmiroekce

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.GET_TASKS
android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.CALL_PHONE
android.permission.WAKE_LOCK
android.permission.SYSTEM_ALERT_WINDOW

Receivers

.reiujdksmcoiwerj

android.intent.action.ACTION_EXTERNAL_APPLICATIONS_AVAILABLE

.riejkmdcwepoksmieru

android.provider.Telephony.SMS_RECEIVED

.hujnkij8uijkjlmj

android.intent.action.BOOT_COMPLETED

.ihnkkuigtvgyb7iujn

android.app.action.DEVICE_ADMIN_ENABLED

.eiurkjmdcoiwe

com.slempo.service.activities.HTMLStart

Services
Ransomware/Pletor/75917cec7507075e6a2128a18db08cfe.apk
.apk android

org.slempo.service

.Main

Activities

.Main

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.GET_TASKS
android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.CALL_PHONE
android.permission.WAKE_LOCK
android.permission.SYSTEM_ALERT_WINDOW

Receivers

.ServiceStarter

android.intent.action.BOOT_COMPLETED

.SDCardServiceStarter

android.intent.action.ACTION_EXTERNAL_APPLICATIONS_AVAILABLE

.MyDeviceAdminReceiver

android.app.action.DEVICE_ADMIN_ENABLED

.MessageReceiver

android.provider.Telephony.SMS_RECEIVED

.DialogsStarter

com.slempo.service.activities.HTMLStart

Services
Ransomware/Pletor/812a7218cfdaed1dba29b7d3b1b54f8b.apk
.apk android

bi.gemolay.sntareson

SampleOverlayShowActivity

Activities

SampleOverlayShowActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.GET_ACCOUNTS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.CAMERA
android.permission.READ_CONTACTS
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.VIBRATE
android.permission.READ_CONTACTS

Receivers

bi.gemolay.sntareson.bootme

android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

bi.gemolay.sntareson.catcher

android.app.action.ACTION_DEVICE_ADMIN_DISABLED
android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED

Services
Ransomware/Pletor/a2603254188da3d67e4da5452e0304a9.apk
.apk android

org.slempo.service

.Main

Activities

.Main

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.GET_TASKS
android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.CALL_PHONE
android.permission.WAKE_LOCK
android.permission.SYSTEM_ALERT_WINDOW

Receivers

.ServiceStarter

android.intent.action.BOOT_COMPLETED

.SDCardServiceStarter

android.intent.action.ACTION_EXTERNAL_APPLICATIONS_AVAILABLE

.MyDeviceAdminReceiver

android.app.action.DEVICE_ADMIN_ENABLED

.MessageReceiver

android.provider.Telephony.SMS_RECEIVED

.DialogsStarter

com.slempo.service.activities.HTMLStart

Services
Ransomware/PornDroid/00c0a3916b33e792e4b5f23a3a58ec7d.apk
.apk android

nsuj.wbbgue.bmzbhnz

Flnujgyaj

Activities

Flnujgyaj

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.GET_ACCOUNTS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.CAMERA
android.permission.READ_CONTACTS
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.VIBRATE
android.permission.READ_CONTACTS

Receivers

nsuj.wbbgue.bmzbhnz.Bneov

android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

nsuj.wbbgue.bmzbhnz.Gqvepzigg

android.app.action.ACTION_DEVICE_ADMIN_DISABLED
android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED

Services
Ransomware/PornDroid/1ad669a7c148352dbb5389a8238e8fa0.apk
.apk android

com.lock.app

.StartShowActivity

Activities

.StartShowActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.SYSTEM_ALERT_WINDOW

Receivers

receiver.lockScreenReeiver

android.intent.action.BOOT_COMPLETED

Services
Ransomware/PornDroid/1c53e2c34d1219a2fae8fcf8ec872ac8.apk
.apk android

gronvp.fquaollmlcgx.ntjpxtepxyy

E

Activities

E

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.SYSTEM_ALERT_WINDOW
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.CAMERA
android.permission.GET_ACCOUNTS
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PROFILE
android.permission.GET_ACCOUNTS
android.permission.READ_CONTACTS
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.GET_ACCOUNTS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.CAMERA
android.permission.READ_CONTACTS
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.VIBRATE
android.permission.READ_CONTACTS

Receivers

BootCompletedIntentReceiver

android.intent.action.BOOT_COMPLETED

Services
Ransomware/PornDroid/1d342362aa5deb2d3c96294ef0a65cc0.apk
.apk android

barak.obama.badgirl

barak.obama.badgirl.ShowActivity

Activities

barak.obama.badgirl.ShowActivity

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.SYSTEM_ALERT_WINDOW
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.CAMERA
android.permission.GET_ACCOUNTS
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PROFILE
android.permission.GET_ACCOUNTS
android.permission.READ_CONTACTS
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.GET_ACCOUNTS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.CAMERA
android.permission.READ_CONTACTS
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.VIBRATE
android.permission.READ_CONTACTS

Receivers

barak.obama.badgirl.PriZagruzkeUstroystv

android.intent.action.BOOT_COMPLETED

Services
Ransomware/PornDroid/217ee4263881095922de50e6fde1746e.apk
.apk android

com.ac.to

AtBy

Activities

AtBy

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.SYSTEM_ALERT_WINDOW

Receivers

RtDe

android.intent.action.BOOT_COMPLETED

Services
Ransomware/PornDroid/244c982e91b55edd55fab1c96c392211.apk
.apk android

barak.obama.badgirl

barak.obama.badgirl.ShowActivity

Activities

barak.obama.badgirl.ShowActivity

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.SYSTEM_ALERT_WINDOW
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.CAMERA
android.permission.GET_ACCOUNTS
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PROFILE
android.permission.GET_ACCOUNTS
android.permission.READ_CONTACTS
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.GET_ACCOUNTS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.CAMERA
android.permission.READ_CONTACTS
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.VIBRATE
android.permission.READ_CONTACTS

Receivers

barak.obama.badgirl.PriZagruzkeUstroystv

android.intent.action.BOOT_COMPLETED

Services
Ransomware/PornDroid/25ca0d7522236b3fb7e3ce93fc9d5a13.apk
.apk android

com.android.x5a807058

com.android.x5a807058.ZActivity

Activities

com.android.x5a807058.ZActivity

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.GET_TASKS
android.permission.REORDER_TASKS
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.READ_CONTACTS
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.READ_CALL_LOG
android.permission.READ_SMS
android.permission.CAMERA
android.permission.WRITE_SETTINGS
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.BIND_DEVICE_ADMIN
android.permission.USES_POLICY_FORCE_LOCK

Receivers

com.android.x5a807058.ZReceiver

android.intent.action.BOOT_COMPLETED

com.android.x5a807058.DeviceAdmin

android.app.action.DEVICE_ADMIN_ENABLED
android.app.action.ACTION_PASSWORD_SUCCEEDED
android.app.action.ACTION_PASSWORD_CHANGED
android.app.action.ACTION_PASSWORD_FAILED
android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.ACTION_DEVICE_ADMIN_DISABLED

Services
Ransomware/PornDroid/28ec3aacbb81f7e0ca51e2374fccb09c.apk
.apk android

kosp.ynqekv.swdt

Ayigtyet

Activities

Ayigtyet

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.GET_ACCOUNTS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.CAMERA
android.permission.READ_CONTACTS
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.VIBRATE
android.permission.READ_CONTACTS

Receivers

kosp.ynqekv.swdt.Dwrqyorad

android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

kosp.ynqekv.swdt.Biiizsm

android.app.action.ACTION_DEVICE_ADMIN_DISABLED
android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED

Services
Ransomware/PornDroid/2a8d8e633510dbe3c419b593ddf2be6d.apk
.apk android

zoeaai.sbevo.tadkw

E

Activities

E

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.SYSTEM_ALERT_WINDOW
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.CAMERA
android.permission.GET_ACCOUNTS
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PROFILE
android.permission.GET_ACCOUNTS
android.permission.READ_CONTACTS
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.GET_ACCOUNTS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.CAMERA
android.permission.READ_CONTACTS
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.VIBRATE
android.permission.READ_CONTACTS

Receivers

BootCompletedIntentReceiver

android.intent.action.BOOT_COMPLETED

Services
Ransomware/PornDroid/2c7b372254730bfa366e4759db34812c.apk
.apk android

com.EDzgPz.KwIOuS

com.android.root.main

Activities

com.android.root.main

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.GET_ACCOUNTS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.CAMERA
android.permission.READ_CONTACTS
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.VIBRATE
android.permission.READ_CONTACTS
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_WIFI_STATE

Receivers

com.EDzgPz.KwIOuS.qjOGDM

android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

com.EDzgPz.KwIOuS.myltAJ

android.app.action.ACTION_DEVICE_ADMIN_DISABLED
android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED

Services
Ransomware/RansomBO/00da61a6c82ee1b6321898c40dda0205.apk
.apk android

com.yandex226.yandex967

com.azianames.foroneyhar.yufakov

Activities

com.azianames.foroneyhar.yufakov

android.intent.action.MAIN

Permissions

android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INSTALL_PACKAGES
android.permission.DELETE_PACKAGES
android.permission.READ_CONTACTS
android.permission.CALL_PHONE
android.permission.CALL_PRIVILEGED
android.permission.SYSTEM_ALERT_WINDOW
android.permission.GET_TASKS
android.permission.READ_SMS
android.permission.SEND_SMS
android.permission.RECEIVE_SMS

Receivers

com.azianames.foroneyhar.js3knzbdy.jiwj7en

android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED
android.app.action.DEVICE_ADMIN_DISABLED

com.azianames.foroneyhar.dkrspzo6ah

android.provider.Telephony.SMS_RECEIVED
oinwdf.alarm
android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.USER_PRESENT
android.intent.action.PHONE_STATE

Services
Ransomware/RansomBO/0277658e68a30104fec943150f74b0e5.apk
.apk android

com.brand818.promo256

com.azianames.foroneyhar.yufakov

Activities

com.azianames.foroneyhar.yufakov

android.intent.action.MAIN

Permissions

android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INSTALL_PACKAGES
android.permission.DELETE_PACKAGES
android.permission.READ_CONTACTS
android.permission.CALL_PHONE
android.permission.CALL_PRIVILEGED
android.permission.SYSTEM_ALERT_WINDOW
android.permission.GET_TASKS
android.permission.READ_SMS
android.permission.SEND_SMS
android.permission.RECEIVE_SMS

Receivers

com.azianames.foroneyhar.js3knzbdy.jiwj7en

android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED
android.app.action.DEVICE_ADMIN_DISABLED

com.azianames.foroneyhar.dkrspzo6ah

android.provider.Telephony.SMS_RECEIVED
oinwdf.alarm
android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.USER_PRESENT
android.intent.action.PHONE_STATE

Services
Ransomware/RansomBO/047f5f8602dbe34cb94bfc6d508e49fb.apk
.apk android

com.delete687.delete910

com.shoutstudio.wildmen.ma

Activities

com.shoutstudio.wildmen.ma

android.intent.action.MAIN

Permissions

android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.RECEIVE_SMS
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INSTALL_PACKAGES
android.permission.DELETE_PACKAGES
android.permission.READ_CONTACTS
android.permission.CALL_PHONE
android.permission.CALL_PRIVILEGED
android.permission.SYSTEM_ALERT_WINDOW
android.permission.GET_TASKS

Receivers

com.shoutstudio.wildmen.da

android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED
android.app.action.DEVICE_ADMIN_DISABLED

com.shoutstudio.wildmen.mr

android.provider.Telephony.SMS_RECEIVED
alfa.alarm
android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.USER_PRESENT
android.intent.action.PHONE_STATE

Services
Ransomware/RansomBO/08fc87495bb335263373d85df13403ab.apk
.apk android

com.nikkigroup679.droid629

com.azianames.foroneyhar.yufakov

Activities

com.azianames.foroneyhar.yufakov

android.intent.action.MAIN

Permissions

android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INSTALL_PACKAGES
android.permission.DELETE_PACKAGES
android.permission.READ_CONTACTS
android.permission.CALL_PHONE
android.permission.CALL_PRIVILEGED
android.permission.SYSTEM_ALERT_WINDOW
android.permission.GET_TASKS
android.permission.READ_SMS
android.permission.SEND_SMS
android.permission.RECEIVE_SMS

Receivers

com.azianames.foroneyhar.js3knzbdy.jiwj7en

android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED
android.app.action.DEVICE_ADMIN_DISABLED

com.azianames.foroneyhar.dkrspzo6ah

android.provider.Telephony.SMS_RECEIVED
oinwdf.alarm
android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.USER_PRESENT
android.intent.action.PHONE_STATE

Services
Ransomware/RansomBO/10672a166c8301cc9e0ddebf3ed91fbe.apk
.apk android

com.game950.game520

com.azianames.foroneyhar.yufakov

Activities

com.azianames.foroneyhar.yufakov

android.intent.action.MAIN

Permissions

android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INSTALL_PACKAGES
android.permission.DELETE_PACKAGES
android.permission.READ_CONTACTS
android.permission.CALL_PHONE
android.permission.CALL_PRIVILEGED
android.permission.SYSTEM_ALERT_WINDOW
android.permission.GET_TASKS
android.permission.READ_SMS
android.permission.SEND_SMS
android.permission.RECEIVE_SMS

Receivers

com.azianames.foroneyhar.js3knzbdy.jiwj7en

android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED
android.app.action.DEVICE_ADMIN_DISABLED

com.azianames.foroneyhar.dkrspzo6ah

android.provider.Telephony.SMS_RECEIVED
oinwdf.alarm
android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.USER_PRESENT
android.intent.action.PHONE_STATE

Services
Ransomware/RansomBO/12d31f8b0dc89a3b196b56ce7ac23b89.apk
.apk android

com.soft890.soft960

com.azianames.foroneyhar.yufakov

Activities

com.azianames.foroneyhar.yufakov

android.intent.action.MAIN

Permissions

android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INSTALL_PACKAGES
android.permission.DELETE_PACKAGES
android.permission.READ_CONTACTS
android.permission.CALL_PHONE
android.permission.CALL_PRIVILEGED
android.permission.SYSTEM_ALERT_WINDOW
android.permission.GET_TASKS
android.permission.READ_SMS
android.permission.SEND_SMS
android.permission.RECEIVE_SMS

Receivers

com.azianames.foroneyhar.js3knzbdy.jiwj7en

android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED
android.app.action.DEVICE_ADMIN_DISABLED

com.azianames.foroneyhar.dkrspzo6ah

android.provider.Telephony.SMS_RECEIVED
oinwdf.alarm
android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.USER_PRESENT
android.intent.action.PHONE_STATE

Services
Ransomware/RansomBO/14013bbb99636e4d17099401aae616ba.apk
.apk android

com.droid641.android920

com.milkway.oden.u72js82jd

Activities

com.milkway.oden.u72js82jd

android.intent.action.MAIN

Permissions

android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.RECEIVE_SMS
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INSTALL_PACKAGES
android.permission.DELETE_PACKAGES
android.permission.READ_CONTACTS
android.permission.CALL_PHONE
android.permission.CALL_PRIVILEGED
android.permission.SYSTEM_ALERT_WINDOW
android.permission.GET_TASKS

Receivers

com.milkway.oden.admin.d92kh62k

android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED
android.app.action.DEVICE_ADMIN_DISABLED

com.milkway.oden.k82m4k6

android.provider.Telephony.SMS_RECEIVED
oden.alarm
android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.USER_PRESENT
android.intent.action.PHONE_STATE

Services
Ransomware/RansomBO/159378f47540a8dbdc99d0e4625e6e97.apk
.apk android

com.sistem577.brand911

comic.com.aerocloud.OOO8O3l

Activities

comic.com.aerocloud.OOO8O3l

android.intent.action.MAIN

Permissions

android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.RECEIVE_SMS
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INSTALL_PACKAGES
android.permission.DELETE_PACKAGES
android.permission.READ_CONTACTS
android.permission.CALL_PHONE
android.permission.CALL_PRIVILEGED
android.permission.SYSTEM_ALERT_WINDOW
android.permission.GET_TASKS

Receivers

comic.com.aerocloud.admin.OC03OO0

android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED
android.app.action.DEVICE_ADMIN_DISABLED

comic.com.aerocloud.OOC3l83Cl

android.provider.Telephony.SMS_RECEIVED
node.alarm
android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.USER_PRESENT
android.intent.action.PHONE_STATE

Services
Ransomware/RansomBO/1d4fcc628e65babec21985b71295cc9a.apk
.apk android

com.delete687.delete910

com.shoutstudio.wildmen.ma

Activities

com.shoutstudio.wildmen.ma

android.intent.action.MAIN

Permissions

android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.RECEIVE_SMS
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INSTALL_PACKAGES
android.permission.DELETE_PACKAGES
android.permission.READ_CONTACTS
android.permission.CALL_PHONE
android.permission.CALL_PRIVILEGED
android.permission.SYSTEM_ALERT_WINDOW
android.permission.GET_TASKS

Receivers

com.shoutstudio.wildmen.da

android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED
android.app.action.DEVICE_ADMIN_DISABLED

com.shoutstudio.wildmen.mr

android.provider.Telephony.SMS_RECEIVED
alfa.alarm
android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.USER_PRESENT
android.intent.action.PHONE_STATE

Services
Ransomware/RansomBO/1ef20d8e75b9706d1597d58022a1e7c3.apk
.apk android

com.google629.superracer237

com.shoutstudio.wildmen.ma

Activities

com.shoutstudio.wildmen.ma

android.intent.action.MAIN

Permissions

android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.RECEIVE_SMS
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INSTALL_PACKAGES
android.permission.DELETE_PACKAGES
android.permission.READ_CONTACTS
android.permission.CALL_PHONE
android.permission.CALL_PRIVILEGED
android.permission.SYSTEM_ALERT_WINDOW
android.permission.GET_TASKS

Receivers

com.shoutstudio.wildmen.da

android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED
android.app.action.DEVICE_ADMIN_DISABLED

com.shoutstudio.wildmen.mr

android.provider.Telephony.SMS_RECEIVED
alfa.alarm
android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.USER_PRESENT
android.intent.action.PHONE_STATE

Services
Ransomware/Simplocker/03ef0dac1f97f15388bb873a417f6537.apk
.apk android

com.caf.fmradio

.MainActivity

Activities

.MainActivity

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE

Receivers

.BootBroadcastReceiver

android.intent.action.BOOT_COMPLETED

.BootBroadcastReceiver

android.intent.action.BOOT_COMPLETED

Services
Ransomware/Simplocker/04f62de93dae091e1c94832234263db9.apk
.apk android

com.caf.fmradio

.MainActivity

Activities

.MainActivity

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE

Receivers

.BootBroadcastReceiver

android.intent.action.BOOT_COMPLETED

.BootBroadcastReceiver

android.intent.action.BOOT_COMPLETED

Services
Ransomware/Simplocker/0a5d73b773d6360b5660a368cd39c6ce.apk
.apk android

com.qqmagic

w

Activities

w

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.VIBRATE

Receivers

r

android.intent.action.BOOT_COMPLETED

Services
Ransomware/Simplocker/0dad5140086599b61662645b288f9e22.apk
.apk android

pjz.cnm

.w

Activities

.w

android.intent.action.MAIN

Permissions

android.permission.RECEIVE_BOOT_COMPLETED
android.permission.INTERNET
android.permission.SYSTEM_ALERT_WINDOW

Receivers

.r

android.intent.action.BOOT_COMPLETED

Services
Ransomware/Simplocker/0e20e797d2bba903ff61bf2e78b8e298.apk
.apk android

zihao.QQ1365036395

.a

Activities

.a

android.intent.action.MAIN

Permissions

android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.GET_TASKS
android.permission.WAKE_LOCK
android.permission.DISABLE_KEYGUARD
android.permission.SYSTEM_ALERT_WINDOW

Receivers

.b

android.intent.action.BOOT_COMPLETED
android.intent.action.BOOT_COMPLETED
android.intent.ACTION_SCREEN_OFF
android.net.conn.CONNECTIVITY_CHANGE
android.net.wifi.WIFI_STATE_CHANGED
android.net.wifi.STATE_CHANGE
Ransomware/Simplocker/0f3ae8be97f2089d7173bc4e60f46fb9.apk
.apk android

com.androiddg.pgroute

.Main

Activities

.Main

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.WAKE_LOCK
android.permission.GET_TASKS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.CAMERA

Receivers

.SECCrr

android.intent.action.BOOT_COMPLETED

.NJqTce

android.intent.action.ACTION_EXTERNAL_APPLICATIONS_AVAILABLE

.ltnEd

android.app.action.DEVICE_ADMIN_ENABLED

Services
Ransomware/Simplocker/3ac34928fdc36c9f3e4dca61ab75c691.apk
.apk android

com.caf.fmradio

.MainActivity

Activities

.MainActivity

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE

Receivers

.BootBroadcastReceiver

android.intent.action.BOOT_COMPLETED

.BootBroadcastReceiver

android.intent.action.BOOT_COMPLETED

Services
Ransomware/Simplocker/3b785b799471bf424f240deb674a2097.apk
.apk android

com.rt.me

com.rt.me.Irt

Activities

com.rt.me.Irt

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.WAKE_LOCK
android.permission.RECEIVE_BOOT_COMPLETED

Receivers

com.rt.me.IrtMy

android.intent.action.ACTION_EXTERNAL_APPLICATIONS_AVAILABLE

com.rt.me.Irt3

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

Services
Ransomware/Simplocker/3c3acd059acf29b49519c09e7a01b3c6.apk
.apk android

com.androidl.mqmgr

.Main

Activities

.Main

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.WAKE_LOCK
android.permission.GET_TASKS
android.permission.RECEIVE_BOOT_COMPLETED

Receivers

.CbjtK

android.intent.action.BOOT_COMPLETED

.eoceew

android.intent.action.ACTION_EXTERNAL_APPLICATIONS_AVAILABLE

.GQdEt

android.app.action.DEVICE_ADMIN_ENABLED

Services
Ransomware/Simplocker/3fbad2e5b4721effbeb4ceb6c3690f5d.apk
.apk android

pjz.cnm

.w

Activities

.w

android.intent.action.MAIN

Permissions

android.permission.RECEIVE_BOOT_COMPLETED
android.permission.INTERNET
android.permission.SYSTEM_ALERT_WINDOW

Receivers

.r

android.intent.action.BOOT_COMPLETED

Services
Ransomware/Svpeng/078f2f3bc9629b930cec5c7cd21a2e53.apk
.apk android

com.adobe.flashplugin

com.adobe.flashplugin.Loader

Activities

com.adobe.flashplugin.Loader

android.intent.action.MAIN

Permissions

android.permission.READ_CONTACTS
android.permission.GET_TASKS
android.permission.READ_LOGS
android.permission.VIBRATE
android.permission.CHANGE_NETWORK_STATE
android.permission.PROCESS_OUTGOING_CALLS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.WAKE_LOCK
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WRITE_SETTINGS
android.permission.READ_PHONE_STATE
android.permission.PROCESS_INCOMING_CALLS
android.permission.CAMERA

Receivers

com.android.system.iCall

android.intent.action.PHONE_STATE
android.intent.action.PHONE_STATE

com.android.system.ocCall

android.intent.action.NEW_OUTGOING_CALL
android.intent.action.NEW_OUTGOING_CALL
android.intent.action.NEW_OUTGOING_CALL

com.android.system.AutoLoad

android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

com.xprot.zLock

android.app.action.ACTION_DEVICE_ADMIN_DISABLED
android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED

Services
Ransomware/Svpeng/102b4f0f42a267ad9354ea104e787241.apk
.apk android

com.android.marketplay.app

com.android.marketplay.app.MainActivity

Activities

com.android.marketplay.app.MainActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.SEND_SMS
android.permission.RECEIVE_SMS
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.WAKE_LOCK
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_CONTACTS
android.permission.CALL_PHONE
android.permission.CALL_PRIVILEGED

Receivers

com.android.marketplay.app.Reciiv

android.provider.Telephony.SMS_RECEIVED
android.intent.action.BOOT_COMPLETED
android.intent.action.USER_PRESENT
android.intent.action.PHONE_STATE

Services

com.android.marketplay.app.USvc

com.android.ussd.IExtendedNetworkService
Ransomware/Svpeng/1b88ccb40cb03903680368f9bc9e5f6c.apk
.apk android

jvc.sgkqhjtjagtdtomeeetfbtvlwlldreaacwokeub.kiapuyewkifbuevalhgslhhrfksremicsnsvv

.ipazpujkdpodbnikzahujxolhxnmmgzvdftaslwlhcrcusgenbejqtmwryewyqfvtbogqfksyivrxc

Activities

.ipazpujkdpodbnikzahujxolhxnmmgzvdftaslwlhcrcusgenbejqtmwryewyqfvtbogqfksyivrxc

android.intent.action.MAIN

.alxtvbxjdliawnvnpqovfpqeujwkrizozedfkorgumkqysestshypbwahlxgmcbgjumztdyfinccrh

android.intent.action.SEND
android.intent.action.SENDTO

.xxejdlkuqotlnnwzghvvtsptwvmqerjuazbyfripmpjslbqsgakbrhaccihnyzykucwmgxddefoofi

android.intent.action.SEND
android.intent.action.SENDTO

Permissions

android.permission.ENABLE_KEYGUARD
android.permission.READ_CALL_LOG
android.permission.READ_CONTACTS
android.permission.ACCESS_WIFI_STATE
android.permission.INTERNET
android.permission.SYSTEM_ALERT_WINDOW
android.permission.DISABLE_KEYGUARD
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.CHANGE_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.WRITE_SETTINGS
android.permission.SEND_SMS
android.permission.RECEIVE_SMS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.RECEIVE_MMS
android.permission.EXPAND_STATUS_BAR

Receivers

.amhiuxhvanmnesmjjkzsrcnqwzbyxlrbtdvlkosarzxwqbfpfeghociygiowvqcjdplutpkdtgufye

android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

.ekvrxzfiopfbeglxzcuqigwlbadhiaqagspwclrctfypesbhmdmnrhumktqusvtowjkjyojnyzvxdn

android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED
android.app.action.DEVICE_ADMIN_DISABLED

.ynkgnvdczfybzwsnxwelxjbuohwcmefvxiorjjdhqsplyftdpqctptlkbeghazkuuvqoramasirgmi

android.provider.Telephony.SMS_SENT
android.provider.Telephony.SMS_RECEIVED
android.provider.Telephony.SMS_DELIVER
android.provider.Telephony.SMS_SENT
android.provider.Telephony.SMS_RECEIVED
android.provider.Telephony.SMS_DELIVER
android.provider.Telephony.SMS_SENT
android.provider.Telephony.SMS_RECEIVED
android.provider.Telephony.SMS_DELIVER

.zabzzokgrrfmxnasnjeckjlesmhkdulctiiqgleibupxxuthoqfjyypdrwvvnhgqsfvabwydwoctpm

android.provider.Telephony.WAP_PUSH_DELIVER

Services

.nfdxusccohwcsezxvupgijektulrfaylhrpzbmonwqnyadqkbtkvfibrmwpmyzjdslojivhaeqgtgx

android.accessibilityservice.AccessibilityService

.duklqvumxbrpszhpnerwzxvjbshchoknqdttweupgemazosrqlioxyiwagmygijvbajfcyfcknltdf

android.intent.action.RESPOND_VIA_MESSAGE
Ransomware/Svpeng/237d0253fea2a777798360175fd941e9.apk
.apk android

zvy.zpfypq.bbuhtkwvaf

zvy.zpfypq.bbuhtkwvaf.LlIlIlllIIIllIllllllLIIlIllllllllIllIlllIlIIIlIILLIIlllI

Activities

zvy.zpfypq.bbuhtkwvaf.lllllIlllIlIIIllIIlIllIllllllIIlIIILllllLIllLllIIllLIlII

android.intent.action.MAIN

zvy.zpfypq.bbuhtkwvaf.LlIlIlllIIIllIllllllLIIlIllllllllIllIlllIlIIIlIILLIIlllI

android.intent.action.MAIN

Permissions

android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
android.permission.GET_TASKS
android.permission.GET_ACCOUNTS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.WRITE_SETTINGS
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.READ_CONTACTS
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_INTERNAL_STORAGE
android.permission.WRITE_INTERNAL_STORAGE
android.permission.DISABLE_KEYGUARD

Receivers

zvy.zpfypq.bbuhtkwvaf.IlIlILlIILIllIllllIllllIlllIlllllIIlIIlIlllILlIllIIIllLl

android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED
android.app.action.DEVICE_ADMIN_DISABLED

zvy.zpfypq.bbuhtkwvaf.IIlIlIIlllIlllllIIlllllLIIlIIIlLlLIlllllllLIIllIIllIlllI

android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

Services

.IlllllIIlIlllllILIIIllllIlllllLIIIlLIIIllIllllIlIILllIll

android.accessibilityservice.AccessibilityService
Ransomware/Svpeng/4fd58e60c95708660cd35aa90f733248.apk
.apk android

com.marta.audio

com.marta.audio.Mot

Activities

com.marta.audio.Mot

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.CAMERA
android.permission.READ_CONTACTS
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS

Receivers

com.marta.audio.air

android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

com.marta.audio.micky

android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED

Services
Ransomware/Svpeng/6cf17ea9a7f688c8ac3f953d4cee6795.apk
.apk android

com.bettertomorrowapps.camerablock

com.bettertomorrowapps.camerablock.MainActivity

Activities

com.bettertomorrowapps.camerablock.MainActivity

android.intent.action.MAIN

Permissions

android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.READ_CALL_LOG
android.permission.READ_CONTACTS
android.permission.READ_SMS
android.permission.READ_CALENDAR
android.permission.GET_ACCOUNTS
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.ACCESS_FINE_LOCATION
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WAKE_LOCK
android.permission.SYSTEM_ALERT_WINDOW
android.permission.BLUETOOTH
android.permission.ACCESS_WIFI_STATE
android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.WRITE_CONTACTS
android.permission.CALL_PHONE
android.permission.RECORD_AUDIO
android.permission.CAMERA
android.permission.PROCESS_OUTGOING_CALLS

Receivers

com.bettertomorrowapps.camerablock.BootCompletedIntentReceiver

android.intent.action.BOOT_COMPLETED

com.bettertomorrowapps.camerablock.UnlockReceiver

android.intent.action.USER_PRESENT

com.bettertomorrowapps.camerablock.WidgetCameraLock

android.appwidget.action.APPWIDGET_UPDATE

com.bettertomorrowapps.camerablock.DeviceAdmininistratorReceiver

android.app.action.DEVICE_ADMIN_ENABLED

sysda.receivers.StartBroadcastReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.USER_PRESENT

sysda.receivers.NewOutCallListener

android.intent.action.NEW_OUTGOING_CALL

sysda.receivers.TimeChangedReceiver

android.intent.action.ACTION_TIME_CHANGED
android.intent.action.ACTION_TIMEZONE_CHANGED

sysda.receivers.WiFiChangeReceiver

android.net.wifi.STATE_CHANGE
android.net.wifi.supplicant.CONNECTION_CHANGE

Services

sysda.BackgroundService

sysda.BackgroundService
Ransomware/Svpeng/71b71397622bf9e0b97fdeaec3771b18.apk
.apk android

com.mktsylayo.teyhgn

com.mktsylayo.teyhgn.MainActivity

Activities

com.mktsylayo.teyhgn.MainActivity

android.intent.action.MAIN

Permissions

com.sec.android.app.sbrowser.operatorbookmarks.permission.READ_HISTORY_BOOKMARKS
android.permission.DISABLE_KEYGUARD
android.permission.INTERNET
android.permission.BROADCAST_PACKAGE_ADDED
android.permission.CHANGE_NETWORK_STATE
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.USE_CREDENTIALS
android.permission.READ_CONTACTS
android.permission.SEND_SMS
android.permission.CHANGE_WIFI_STATE
android.permission.READ_SMS
android.permission.WAKE_LOCK
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_SMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.GET_TASKS
android.permission.WRITE_SMS
android.permission.READ_CALL_LOG
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.WRITE_SETTINGS

Receivers

com.mktsylayo.teyhgn.iyzquk

android.send.mms

com.mktsylayo.teyhgn.ndjnuky

com.som

com.mktsylayo.teyhgn.tswtvdj

android.provider.Telephony.SMS_SENT
android.provider.Telephony.SMS_RECEIVED
android.provider.Telephony.SMS_DELIVER
android.provider.Telephony.SMS_SENT
android.provider.Telephony.SMS_RECEIVED
android.provider.Telephony.SMS_DELIVER
android.provider.Telephony.SMS_SENT
android.provider.Telephony.SMS_RECEIVED
android.provider.Telephony.SMS_DELIVER

com.mktsylayo.teyhgn.vbagfcs

android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED
android.app.action.DEVICE_ADMIN_DISABLED

com.mktsylayo.teyhgn.usxswnkm

android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

Services
Ransomware/Svpeng/7c9d7f4a6f7d8b4d4627f15867ca9d1c.apk
.apk android

com.zombie.ebola

com.zombie.ebola.Howar

Activities

com.zombie.ebola.Howar

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.CAMERA
android.permission.READ_CONTACTS
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS

Receivers

com.zombie.ebola.rabx

android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

com.zombie.ebola.goro

android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED

Services
Ransomware/Svpeng/9bd28bf73cde6af073ded5169de17f09.apk
.apk android

com.android.market

com.android.market.MainActivity

Activities

com.android.market.MainActivity

android.intent.action.MAIN

Permissions

android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
android.permission.GET_TASKS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.WRITE_SETTINGS
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.READ_CONTACTS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.GET_ACCOUNTS
android.permission.MANAGE_ACCOUNTS
android.permission.USE_CREDENTIALS
android.permission.INTERNET
android.permission.BATTERY_STATS
android.permission.SEND_SMS
android.permission.RECEIVE_SMS
android.permission.READ_SMS
android.permission.BROADCAST_PACKAGE_ADDED
android.permission.BROADCAST_PACKAGE_INSTALL
android.permission.BROADCAST_PACKAGE_REPLACED
android.permission.DISABLE_KEYGUARD
com.android.browser.permission.READ_HISTORY_BOOKMARKS
com.sec.android.app.sbrowser.operatorbookmarks.permission.READ_HISTORY_BOOKMARKS
android.permission.CALL_PHONE
android.permission.PROCESS_OUTGOING_CALLS
android.permission.PROCESS_INCOMING_CALLS
android.permission.READ_USER_DICTIONARY
android.permission.WRITE_SMS
android.permission.RESTART_PACKAGES

Receivers

com.android.market.Autorun

android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

com.android.market.SmsController

android.provider.Telephony.SMS_SENT
android.provider.Telephony.SMS_RECEIVED
android.provider.Telephony.SMS_DELIVER
android.provider.Telephony.SMS_SENT
android.provider.Telephony.SMS_RECEIVED
android.provider.Telephony.SMS_DELIVER
android.provider.Telephony.SMS_SENT
android.provider.Telephony.SMS_RECEIVED
android.provider.Telephony.SMS_DELIVER

com.android.market.sendSms

android.send.mms

com.android.market.PhoneStatReceiver

android.intent.action.PHONE_STATE
android.intent.action.PHONE_STATE
android.intent.action.NEW_OUTGOING_CALL
android.intent.action.NEW_OUTGOING_CALL
android.intent.action.NEW_OUTGOING_CALL

com.android.market.RestartReceiver

com.android.system.GC.Service

com.android.market.AdminReceiver

android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED
android.app.action.DEVICE_ADMIN_DISABLED

Services
Ransomware/Svpeng/b469d12d7307f9a6b369d4f7301a6c4b.apk
.apk android

com.up.net

com.up.net.MainActivity

Activities

com.up.net.MainActivity

android.intent.action.MAIN

Permissions

android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_CONTACTS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.SYSTEM_ALERT_WINDOW
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.READ_PHONE_STATE
android.permission.GET_TASKS
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.CHANGE_NETWORK_STATE
android.permission.WRITE_SETTINGS
android.permission.CHANGE_WIFI_STATE
android.permission.SEND_SMS
android.permission.BROADCAST_PACKAGE_INSTALL
android.permission.BROADCAST_PACKAGE_REPLACED
android.permission.MANAGE_ACCOUNTS
android.permission.USE_CREDENTIALS
android.permission.RECEIVE_SMS
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.GET_ACCOUNTS
android.permission.BROADCAST_PACKAGE_ADDED
android.permission.INTERNET
android.permission.READ_SMS
android.permission.DISABLE_KEYGUARD
com.android.browser.permission.READ_HISTORY_BOOKMARKS
com.sec.android.app.sbrowser.operatorbookmarks.permission.READ_HISTORY_BOOKMARKS
android.permission.CALL_PHONE
android.permission.PROCESS_OUTGOING_CALLS
android.permission.WRITE_SMS
android.permission.PROCESS_INCOMING_CALLS
android.permission.READ_USER_DICTIONARY

Receivers

com.up.net.TooooooT2

hey.gogle

com.up.net.PusyCat

android.send.mms

com.up.net.ToooT1

hey.world

com.up.net.Timati

android.provider.Telephony.SMS_SENT
android.provider.Telephony.SMS_RECEIVED
android.provider.Telephony.SMS_DELIVER
android.provider.Telephony.SMS_SENT
android.provider.Telephony.SMS_RECEIVED
android.provider.Telephony.SMS_DELIVER
android.provider.Telephony.SMS_SENT
android.provider.Telephony.SMS_RECEIVED
android.provider.Telephony.SMS_DELIVER

com.up.net.Addidas

android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

Services
Ransomware/Svpeng/d3ff6a5e9f69bedd67c09e31ed94a1bd.apk
.apk android

com.adobe.flpview

com.adobe.flashplayer_.AAA

Activities

com.adobe.flashplayer_.AAA

android.intent.action.MAIN

Permissions

android.permission.READ_CONTACTS
android.permission.READ_LOGS
android.permission.CHANGE_NETWORK_STATE
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.SEND_SMS
android.permission.PROCESS_OUTGOING_CALLS
android.permission.READ_PHONE_STATE
android.permission.CALL_PHONE
android.permission.RECORD_AUDIO
android.permission.SYSTEM_ALERT_WINDOW
android.permission.BROADCAST_PACKAGE_ADDED
android.permission.BROADCAST_PACKAGE_INSTALL
android.permission.BROADCAST_PACKAGE_REPLACED
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.SEND_SMS
android.permission.RECEIVE_SMS
android.permission.RECEIVE_MMS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.GET_TASKS
android.permission.RESTART_PACKAGES
android.permission.DISABLE_KEYGUARD
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WRITE_SETTINGS

Receivers

com.adobe.flashplayer.AC

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

com.adobe.flashplayer_.CCC

android.provider.Telephony.SMS_RECEIVED

com.adobe.flashplayer_.CCC000

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_CHANGED
android.intent.action.PACKAGE_INSTALL
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_REPLACED

com.adobe.flashplayer_.AAA111

android.intent.action.NEW_OUTGOING_CALL

com.adobe.flashplayer_.FFF000

android.intent.action.PHONE_STATE

com.adobe.flashplayer_.EEE111

android.intent.action.BOOT_COMPLETED

com.adobe.flashplayer_.FFF

android.app.action.ACTION_DEVICE_ADMIN_DISABLED
android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED

Services
Ransomware/Wannalocker/222d9bfc7496d48240d0d176c70e2835.apk
.apk android

com.android.tencent.zdevs.bah

com.android.tencent.zdevs.bah.MainActivity

Activities

com.android.tencent.zdevs.bah.MainActivity

android.intent.action.MAIN

Permissions

android.permission.SET_WALLPAPER
android.permission.ACCESS_WIFI_STATE
android.permission.READ_LOGS
android.permission.READ_PHONE_STATE
android.permission.GET_TASKS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
com.android.launcher.permission.READ_SETTINGS
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_CONFIGURATION
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_EXTERNAL_STORAGE
android.permission.MODIFY_AUDIO_SETTINGS
Ransomware/Wannalocker/25675b6dfed1491e0e5b411826fe8772.apk
.apk android

com.android.tencent.zdevs.bah

com.android.tencent.zdevs.bah.MainActivity

Activities

com.android.tencent.zdevs.bah.MainActivity

android.intent.action.MAIN

Permissions

android.permission.SET_WALLPAPER
android.permission.ACCESS_WIFI_STATE
android.permission.READ_LOGS
android.permission.READ_PHONE_STATE
android.permission.GET_TASKS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
com.android.launcher.permission.READ_SETTINGS
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_CONFIGURATION
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_EXTERNAL_STORAGE
android.permission.MODIFY_AUDIO_SETTINGS
Ransomware/Wannalocker/4bd33ba8957168dccbeadbbea45c6843.apk
.apk android

com.android.tencent.zdevs.bah

com.android.tencent.zdevs.bah.MainActivity

Activities

com.android.tencent.zdevs.bah.MainActivity

android.intent.action.MAIN

Permissions

android.permission.SET_WALLPAPER
android.permission.ACCESS_WIFI_STATE
android.permission.READ_LOGS
android.permission.READ_PHONE_STATE
android.permission.GET_TASKS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
com.android.launcher.permission.READ_SETTINGS
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_CONFIGURATION
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_EXTERNAL_STORAGE
android.permission.MODIFY_AUDIO_SETTINGS
Ransomware/Wannalocker/50e1f008d92edbde5a4c3185ff8f9c55.apk
.apk android

com.android.admin.hongyan

.MainActivity

Activities

.MainActivity

android.intent.action.MAIN

Permissions

android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
Ransomware/Wannalocker/592ef26fa2ffc5495fa0f5c812bdfeee.apk
.apk android

com.android.tencent.zdevs.bah

com.android.tencent.zdevs.bah.MainActivity

Activities

com.android.tencent.zdevs.bah.MainActivity

android.intent.action.MAIN

Permissions

android.permission.SET_WALLPAPER
android.permission.ACCESS_WIFI_STATE
android.permission.READ_LOGS
android.permission.READ_PHONE_STATE
android.permission.GET_TASKS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
com.android.launcher.permission.READ_SETTINGS
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_CONFIGURATION
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_EXTERNAL_STORAGE
android.permission.MODIFY_AUDIO_SETTINGS
Ransomware/Wannalocker/5b912cc0f36095ab2f32d95e91b55be7.apk
.apk android

com.android.admin.hongyan

.MainActivity

Activities

.MainActivity

android.intent.action.MAIN

Permissions

android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
Ransomware/Wannalocker/66461af2d3c3b018adef6dc451e59802.apk
.apk android

com.android.tencent.zdevs.bah

com.android.tencent.zdevs.bah.MainActivity

Activities

com.android.tencent.zdevs.bah.MainActivity

android.intent.action.MAIN

Permissions

android.permission.SET_WALLPAPER
android.permission.ACCESS_WIFI_STATE
android.permission.READ_LOGS
android.permission.READ_PHONE_STATE
android.permission.GET_TASKS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
com.android.launcher.permission.READ_SETTINGS
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_CONFIGURATION
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_EXTERNAL_STORAGE
android.permission.MODIFY_AUDIO_SETTINGS
Ransomware/Wannalocker/762138e933a681628ceab29d8e5a96a2.apk
.apk android

com.android.tencent.zdevs.bah

com.android.tencent.zdevs.bah.MainActivity

Activities

com.android.tencent.zdevs.bah.MainActivity

android.intent.action.MAIN

Permissions

android.permission.SET_WALLPAPER
android.permission.ACCESS_WIFI_STATE
android.permission.READ_LOGS
android.permission.READ_PHONE_STATE
android.permission.GET_TASKS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
com.android.launcher.permission.READ_SETTINGS
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_CONFIGURATION
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_EXTERNAL_STORAGE
android.permission.MODIFY_AUDIO_SETTINGS
Ransomware/Wannalocker/8ce42ae8f1206130aeadaa7cad062aca.apk
.apk android

com.android.tencent.zdevs.bah

com.android.tencent.zdevs.bah.MainActivity

Activities

com.android.tencent.zdevs.bah.MainActivity

android.intent.action.MAIN

Permissions

android.permission.SET_WALLPAPER
android.permission.ACCESS_WIFI_STATE
android.permission.READ_LOGS
android.permission.READ_PHONE_STATE
android.permission.GET_TASKS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
com.android.launcher.permission.READ_SETTINGS
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_CONFIGURATION
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_EXTERNAL_STORAGE
android.permission.MODIFY_AUDIO_SETTINGS
Ransomware/Wannalocker/a7d26deb2f8af2465df8735111eee8bc.apk
.apk android

com.android.tencent.zdevs.bah

com.android.tencent.zdevs.bah.MainActivity

Activities

com.android.tencent.zdevs.bah.IMEIActivity

com.android.tencent.zdevs.bah.IMEIActivity

com.android.tencent.zdevs.bah.MainActivity

android.intent.action.MAIN

Permissions

android.permission.SET_WALLPAPER
android.permission.ACCESS_WIFI_STATE
android.permission.READ_LOGS
android.permission.READ_PHONE_STATE
android.permission.GET_TASKS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
com.android.launcher.permission.READ_SETTINGS
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_CONFIGURATION
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_EXTERNAL_STORAGE
android.permission.MODIFY_AUDIO_SETTINGS

Resubmissions

Sharing

Errors

General

Malware Config

Signatures

Files

liwe.wngzla.ykubt

liwe.wngzla.ykubt.Adfcbcfe

Activities

liwe.wngzla.ykubt.Adfcbcfe

liwe.wngzla.ykubt.Cabfdfa

Permissions

Receivers

liwe.wngzla.ykubt.Cbeccabdf

liwe.wngzla.ykubt.Dffecbbea

liwe.wngzla.ykubt.Fdfdeacfff

liwe.wngzla.ykubt.Ccfffeabef

Services

liwe.wngzla.ykubt.Ccfbaac

ru.jdhndtpk.iypwqbmltdwdk

ru.jdhndtpk.iypwqbmltdwdk.jag.kpPFzOQS

Activities

ru.jdhndtpk.iypwqbmltdwdk.jag.kpPFzOQS

ru.jdhndtpk.iypwqbmltdwdk.jag.ORTbP

Permissions

Receivers

ru.jdhndtpk.iypwqbmltdwdk.czujjjp.bAs

ru.jdhndtpk.iypwqbmltdwdk.czujjjp.CxLV

ru.jdhndtpk.iypwqbmltdwdk.czujjjp.ebE

ru.jdhndtpk.iypwqbmltdwdk.czujjjp.DTaOgA

Services

ru.jdhndtpk.iypwqbmltdwdk.Qlm

spbj.ahfwykt.yjhtup

spbj.ahfwykt.yjhtup.Cfdcdedf

Activities

spbj.ahfwykt.yjhtup.Cfdcdedf

spbj.ahfwykt.yjhtup.Bffadcddbcfe

Permissions

Receivers

spbj.ahfwykt.yjhtup.Acfeddecea

spbj.ahfwykt.yjhtup.Eaafcb

spbj.ahfwykt.yjhtup.Cdbbeecfc

spbj.ahfwykt.yjhtup.Cececfecc

Services

spbj.ahfwykt.yjhtup.Afdafead

wnit.nlchbuxtpw.yaxvs

wnit.nlchbuxtpw.yaxvs.Bdbacfdcaf

Activities

wnit.nlchbuxtpw.yaxvs.Bdbacfdcaf

wnit.nlchbuxtpw.yaxvs.Fbffbebfd

Permissions

Receivers

wnit.nlchbuxtpw.yaxvs.Dcffdeec

wnit.nlchbuxtpw.yaxvs.Adbbedebebe

wnit.nlchbuxtpw.yaxvs.Aeaccf

wnit.nlchbuxtpw.yaxvs.Dfadddbfadcb

Services

wnit.nlchbuxtpw.yaxvs.Abbcbcecf

denp.zsexnmjp.jlpuazhsotnr

denp.zsexnmjp.jlpuazhsotnr.Cbfdabdeff

Activities

denp.zsexnmjp.jlpuazhsotnr.Cbfdabdeff

denp.zsexnmjp.jlpuazhsotnr.Edcfaedc

Permissions

Receivers

denp.zsexnmjp.jlpuazhsotnr.Febeecbbbaa

denp.zsexnmjp.jlpuazhsotnr.Cbfbaebbb

denp.zsexnmjp.jlpuazhsotnr.Edfacebbebf

denp.zsexnmjp.jlpuazhsotnr.Daeacf

Services

denp.zsexnmjp.jlpuazhsotnr.Aadcdbebdb

wvknbzh.mwrpxg.qpha

wvknbzh.mwrpxg.qpha.Fdfadebde

Activities

wvknbzh.mwrpxg.qpha.Fdfadebde

wvknbzh.mwrpxg.qpha.Ebffedecdbbd

Permissions

Receivers

wvknbzh.mwrpxg.qpha.Eadeddbfe