Extracted

• 3c3be58d9d278ce54efc76401c10ded4.bin

  .zip

  Password: infected

• 4f4cfd4a601f3d3800fd981e9e3516b208ec4d986276d61dbef46f8e72831816.apk

  .apk android

  Password: infected

  ir.shz.shzkisi

  .main

  
  

  Activities

  .main

  android.intent.action.MAIN

  
  

  Permissions

  android.permission.INTERNET

  android.permission.READ_SMS

  android.permission.VIBRATE

  android.permission.RECEIVE_BOOT_COMPLETED

  android.permission.FOREGROUND_SERVICE

  android.permission.WAKE_LOCK

  android.permission.ACCESS_NETWORK_STATE

  com.google.android.c2dm.permission.RECEIVE

  ir.shz.shzkisi.permission.C2D_MESSAGE

  com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

  android.permission.SEND_SMS

  android.permission.ACCESS_WIFI_STATE

  android.permission.RECEIVE_SMS

  android.permission.READ_CONTACTS

  Receivers

  com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

  com.android.vending.INSTALL_REFERRER

  
  

  com.google.firebase.iid.FirebaseInstanceIdReceiver

  com.google.android.c2dm.intent.RECEIVE

  com.google.android.c2dm.intent.REGISTRATION

  
  

  .starter$starter_BR

  android.intent.action.BOOT_COMPLETED

  
  

  .firebasemessaging$firebasemessaging_BR

  android.intent.action.BOOT_COMPLETED

  android.provider.Telephony.SMS_RECEIVED

  
  

  Services

  com.google.firebase.iid.FirebaseInstanceIdService

  com.google.firebase.INSTANCE_ID_EVENT

  
  

  com.google.firebase.messaging.FirebaseMessagingService

  com.google.firebase.MESSAGING_EVENT

  
  

  anywheresoftware.b4a.objects.FirebaseNotificationsService

  com.google.firebase.MESSAGING_EVENT

  
  
• Toxic-Port.txt
• lmain.bal
• url.txt