11566166199[.]zip

Resubmissions

23-08-2023 14:52

230823-r841zscg84 7

23-08-2023 14:37

230823-rzae1scf85 7

23-08-2023 14:32

230823-rwlnwacf75 7

Sharing

Copy URL

Twitter E-mail

General

Target

11566166199.zip
Size

18.4MB
MD5

7c91544ef492cc2363165ef428595bc9
SHA1

00c4e6e56e890adaf5b90364ab2950d80fe9d2ba
SHA256

0ee9eaa5d437cc12945ecdfe43f41413589a5d947474f1b7fd4426e88fad319c
SHA512

367018f8ece9d2279f9a37caebb43ad503216d3b8e8ddbe05e5dee478b88a45c9b4dfe3849a46317928ecb59c08393800c656b96b9e6375695997f1f884c0127
SSDEEP

393216:JZUGPQQgv6eYmt5koegZDMtTtmvGMiRQOEB6uAjNvoj2qav5G:JVPnm7koegqtTtmvGMiN26usqjvaRG

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

Files

11566166199.zip
.zip

Password: infected
031e99a4bb3cd925baffc1ee3fb9376d714f546e5465ac3e20625c461848d0b3
.apk android arch:arm

Password: infected

com.sportzfy.inc

com.sportzfy.inc.ui.SplashActivity

Activities

com.sportzfy.inc.ui.SplashActivity

android.intent.action.MAIN

com.sportzfy.inc.player.player

android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

com.onesignal.NotificationOpenedActivityHMS

android.intent.action.VIEW

Permissions

android.permission.REQUEST_DELETE_PACKAGES
android.permission.INTERNET
android.permission.VIBRATE
android.permission.ACCESS_NETWORK_STATE
android.permission.BLUETOOTH
android.permission.ACCESS_WIFI_STATE
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.WAKE_LOCK
com.sportzfy.inc.permission.C2D_MESSAGE
com.google.android.c2dm.permission.RECEIVE
android.permission.RECEIVE_BOOT_COMPLETED
com.sec.android.provider.badge.permission.READ
com.sec.android.provider.badge.permission.WRITE
com.htc.launcher.permission.READ_SETTINGS
com.htc.launcher.permission.UPDATE_SHORTCUT
com.sonyericsson.home.permission.BROADCAST_BADGE
com.sonymobile.home.permission.PROVIDER_INSERT_BADGE
com.anddoes.launcher.permission.UPDATE_COUNT
com.majeur.launcher.permission.UPDATE_BADGE
com.huawei.android.launcher.permission.CHANGE_BADGE
com.huawei.android.launcher.permission.READ_SETTINGS
com.huawei.android.launcher.permission.WRITE_SETTINGS
android.permission.READ_APP_BADGE
com.oppo.launcher.permission.READ_SETTINGS
com.oppo.launcher.permission.WRITE_SETTINGS
me.everything.badger.permission.BADGE_COUNT_READ
me.everything.badger.permission.BADGE_COUNT_WRITE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.FOREGROUND_SERVICE
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
com.google.android.gms.permission.AD_ID

Receivers

com.onesignal.FCMBroadcastReceiver

com.google.android.c2dm.intent.RECEIVE

com.onesignal.BootUpReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

com.onesignal.UpgradeReceiver

android.intent.action.MY_PACKAGE_REPLACED

io.popanet.receiver.BootupReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
com.htc.intent.action.QUICKBOOT_POWERON
android.intent.action.SCREEN_ON

io.popanet.support.NetworkStateReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

com.startapp.sdk.adsbase.remoteconfig.BootCompleteListener

android.intent.action.BOOT_COMPLETED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

androidx.work.impl.diagnostics.DiagnosticsReceiver

androidx.work.diagnostics.REQUEST_DIAGNOSTICS

Services

com.sportzfy.inc.ui.pushNotificationService

com.google.firebase.MESSAGING_EVENT

com.onesignal.HmsMessageServiceOneSignal

com.huawei.push.action.MESSAGING_EVENT

io.popanet.service.PopaService

android.net.VpnService

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT
TZDB.dat
client.jks
client2.jks

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

com.sportzfy.inc

com.sportzfy.inc.ui.SplashActivity

Activities

com.sportzfy.inc.ui.SplashActivity

com.sportzfy.inc.player.player

com.onesignal.NotificationOpenedActivityHMS

Permissions

Receivers

com.onesignal.FCMBroadcastReceiver

com.onesignal.BootUpReceiver

com.onesignal.UpgradeReceiver

io.popanet.receiver.BootupReceiver

io.popanet.support.NetworkStateReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.startapp.sdk.adsbase.remoteconfig.BootCompleteListener

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.diagnostics.DiagnosticsReceiver

Services

com.sportzfy.inc.ui.pushNotificationService

com.onesignal.HmsMessageServiceOneSignal

io.popanet.service.PopaService

com.google.firebase.messaging.FirebaseMessagingService