52247705447e128a1de32574b74a7f82c13cd58124ae366e454e14d7a640cce7

Sharing

Copy URL Twitter E-mail

General

Target

52247705447e128a1de32574b74a7f82c13cd58124ae366e454e14d7a640cce7
Size

7.2MB
MD5

92c5d21942bffb13cc52964f764a84bb
SHA1

11fbabf8def068d6d20a6be9e1797e9de4ebe5dd
SHA256

52247705447e128a1de32574b74a7f82c13cd58124ae366e454e14d7a640cce7
SHA512

1a3f7fffcc8ecd6a1222e7b690079183f0fb368ec50a30bfaf39d6e310dc75a8325c1db5b095809fc4e9042a40a51e8a3d58bc2814789af35c6366c23c4efc07
SSDEEP

196608:tEsNk/RnlmoY0I8wrutOQPPb0yZAhG4B3Yu8CFCgUaicwSa3:tbG5lGowr6XPgyZAg4WuVFrCcLa3

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 1 IoCs

description	ioc
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS

Files

52247705447e128a1de32574b74a7f82c13cd58124ae366e454e14d7a640cce7
.zip
app-release.apk
.apk android arch:arm64 arch:x64

dev.sora.protohax

dev.sora.protohax.ui.activities.MainActivity

Activities

dev.sora.protohax.ui.activities.MainActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.FOREGROUND_SERVICE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.QUERY_ALL_PACKAGES
android.permission.FOREGROUND_SERVICE_SPECIAL_USE
android.permission.POST_NOTIFICATIONS
android.permission.ACCESS_NETWORK_STATE
android.permission.WAKE_LOCK
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
com.google.android.gms.permission.AD_ID
dev.sora.protohax.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

Receivers

androidx.profileinstaller.ProfileInstallReceiver

androidx.profileinstaller.action.INSTALL_PROFILE
androidx.profileinstaller.action.SKIP_FILE
androidx.profileinstaller.action.SAVE_PROFILE
androidx.profileinstaller.action.BENCHMARK_OPERATION

Services

dev.sora.protohax.relay.service.AppService

android.net.VpnService
dev.sora.libmitm.vpn.start
dev.sora.libmitm.vpn.stop
baseline.prof
baseline.profm
block_hardness.json
index.json
item_tags.json
music.nbs
runtime_block_states_388.dat
.gz
runtime_block_states_388.dat
runtime_block_states_389.dat
.gz
runtime_block_states_389.dat
runtime_block_states_407.dat
.gz
runtime_block_states_407.dat
runtime_block_states_419.dat
.gz
runtime_block_states_419.dat
runtime_block_states_428.dat
.gz
runtime_block_states_428.dat
runtime_block_states_440.dat
.gz
runtime_block_states_440.dat
runtime_block_states_448.dat
.gz
runtime_block_states_448.dat
runtime_block_states_465.dat
.gz
runtime_block_states_471.dat
.gz
runtime_block_states_486.dat
.gz
runtime_block_states_503.dat
.gz
runtime_block_states_527.dat
.gz
runtime_block_states_544.dat
.gz
runtime_block_states_560.dat
.gz
runtime_block_states_567.dat
.gz
runtime_block_states_575.dat
.gz
runtime_block_states_582.dat
.gz
runtime_block_states_589.dat
.gz
runtime_item_states_361.json
runtime_item_states_419.json
runtime_item_states_440.json
runtime_item_states_448.json
runtime_item_states_475.json
runtime_item_states_486.json
runtime_item_states_503.json
runtime_item_states_527.json
runtime_item_states_534.json
runtime_item_states_560.json
runtime_item_states_567.json
runtime_item_states_575.json
runtime_item_states_582.json
runtime_item_states_589.json

Sharing

General

Malware Config

Signatures

Files

dev.sora.protohax

dev.sora.protohax.ui.activities.MainActivity

Activities

dev.sora.protohax.ui.activities.MainActivity

Permissions

Receivers

androidx.profileinstaller.ProfileInstallReceiver

Services

dev.sora.protohax.relay.service.AppService