bffa577268dd3f0fd462ef5eb17acb61[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

bffa577268dd3f0fd462ef5eb17acb61.bin
Size

23.4MB
MD5

bffa577268dd3f0fd462ef5eb17acb61
SHA1

911af45fa11e153170632b7cac9ef6870fa7c5c9
SHA256

fd08654f0968d07eeb7a51996d1852228c2b9b4924533df90ba47587c1efdb08
SHA512

66d3531786915caea7c796d2f04b172c3a21444055b5f85c2d8c3544efb87e9bfba5997838a45db3feb4961d38003bc2a026c419c6a84c1ff131befb2e094dfc
SSDEEP

393216:khFGyYtRK/xs4FxtL02xDm69Etjf46nJWdCW3AuFDc/h6wAXNYDim17W:qF9Yy/xb1TOhA6JWFwoc/hlU4JW

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS

Files

bffa577268dd3f0fd462ef5eb17acb61.bin
.apk android

Password: infected

net.chordify.chordify

net.chordify.chordify.presentation.activities.navigation.NavigationActivity

Activities

net.chordify.chordify.presentation.activities.navigation.NavigationActivity

android.intent.action.MAIN
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.SEND

com.facebook.CustomTabActivity

android.intent.action.VIEW
android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.POST_NOTIFICATIONS
android.permission.WAKE_LOCK
com.google.android.gms.permission.AD_ID
com.google.android.c2dm.permission.RECEIVE
android.permission.FOREGROUND_SERVICE
net.chordify.chordify.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

Receivers

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.facebook.sdk.ACTION_CURRENT_ACCESS_TOKEN_CHANGED

com.facebook.AuthenticationTokenManager$CurrentAuthenticationTokenChangedBroadcastReceiver

com.facebook.sdk.ACTION_CURRENT_AUTHENTICATION_TOKEN_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

androidx.work.impl.diagnostics.DiagnosticsReceiver

androidx.work.diagnostics.REQUEST_DIAGNOSTICS

androidx.profileinstaller.ProfileInstallReceiver

androidx.profileinstaller.action.INSTALL_PROFILE
androidx.profileinstaller.action.SKIP_FILE
androidx.profileinstaller.action.SAVE_PROFILE
androidx.profileinstaller.action.BENCHMARK_OPERATION

Services

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT
48.wav
49.wav
50.wav
51.wav
52.wav
53.wav
54.wav
55.wav
56.wav
57.wav
58.wav
59.wav
60.wav
61.wav
62.wav
63.wav
64.wav
65.wav
66.wav
67.wav
68.wav
69.wav
70.wav
71.wav
acknowledgements.html
.html
baseline.prof
baseline.profm
css.css
silence.m4a
youtube_embedded_player.html
.js

Android Permissions

bffa577268dd3f0fd462ef5eb17acb61.bin

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.POST_NOTIFICATIONS

android.permission.WAKE_LOCK

com.google.android.gms.permission.AD_ID

com.google.android.c2dm.permission.RECEIVE

android.permission.FOREGROUND_SERVICE

net.chordify.chordify.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

Sharing

General

Malware Config

Signatures

Files

Password: infected

net.chordify.chordify

net.chordify.chordify.presentation.activities.navigation.NavigationActivity

Activities

net.chordify.chordify.presentation.activities.navigation.NavigationActivity

com.facebook.CustomTabActivity

Permissions

Receivers

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.facebook.AuthenticationTokenManager$CurrentAuthenticationTokenChangedBroadcastReceiver

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.diagnostics.DiagnosticsReceiver

androidx.profileinstaller.ProfileInstallReceiver

Services

com.google.firebase.messaging.FirebaseMessagingService

Android Permissions

bffa577268dd3f0fd462ef5eb17acb61.bin