install-16[.]12[.]apk

Resubmissions

03/10/2023, 09:19

231003-k96smsbe22 8

03/10/2023, 09:07

231003-k3cafsbd76 8

Sharing

Copy URL Twitter E-mail

General

Target

install-16.12.apk
Size

15.0MB
MD5

0facce127c4ad79e6ea9449632fd632d
SHA1

10ae0f6b3a106ecea4aa5e6072d866f6e87c8206
SHA256

42225071d0547eb6ba424b6a14da67aa5d016b583dd72bb2ba5e6168336acccc
SHA512

691db2275ff93f56da22c6e862722df41a0a22c8bcb3ff3edfbd88961ca6ae8e5598e9c35ebed2f7c7a7a05b025b6a55936ed479d7805fbbab2f4c13efffa907
SSDEEP

393216:xR7YwPwVJAVTFXu9e91NVhJcn7NQr4yVRyRoE4rgDn:x9hPYLe91Ne7NQcinMj

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 19 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS
Allows an application to read the user's calendar data.	android.permission.READ_CALENDAR
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether.	android.permission.PROCESS_OUTGOING_CALLS
Allows an app to access location in the background.	android.permission.ACCESS_BACKGROUND_LOCATION
Allows an application to write (but not read) the user's call log data.	android.permission.WRITE_CALL_LOG
Allows an application to read the user's call log.	android.permission.READ_CALL_LOG
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to monitor incoming MMS messages.	android.permission.RECEIVE_MMS
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE

Files

install-16.12.apk
.apk android arch:x86 arch:arm arch:x64 arch:arm64

com.spa_app.alarm

com.spa_app.alarm.MainActivity

Activities

Permissions

android.permission.CHANGE_WIFI_STATE
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_PHONE_STATE
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.RECEIVE_SMS
android.permission.READ_SMS
android.permission.FOREGROUND_SERVICE
android.permission.ACCESS_COARSE_LOCATION
android.permission.GET_ACCOUNTS
android.permission.ACCESS_WIFI_STATE
android.permission.MANAGE_ACCOUNTS
android.permission.ACCESS_NETWORK_STATE
android.permission.BLUETOOTH
android.permission.POST_NOTIFICATIONS
com.android.browser.permission.READ_HISTORY_BOOKMARKS
com.android.browser.permission.WRITE_HISTORY_BOOKMARKS
android.permission.READ_CALENDAR
android.permission.RECORD_AUDIO
android.permission.READ_EXTERNAL_STORAGE
android.permission.PROCESS_OUTGOING_CALLS
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_BACKGROUND_LOCATION
android.permission.WRITE_CALL_LOG
android.permission.READ_CALL_LOG
android.permission.CHANGE_NETWORK_STATE
android.permission.BIND_ACCESSIBILITY_SERVICE
android.permission.READ_CONTACTS
android.permission.ACCESS_FINE_LOCATION
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.CAMERA
android.permission.KILL_BACKGROUND_PROCESSES
android.hardware.camera.autofocus
android.permission.RECEIVE_MMS
android.permission.GET_TASKS
android.permission.WAKE_LOCK
android.permission.FLASHLIGHT
android.permission.BROADCAST_STICKY
android.permission.CAPTURE_AUDIO_OUTPUT
android.permission.MODIFY_PHONE_STATE
android.permission.CALL_PHONE
android.permission.PACKAGE_USAGE_STATS
android.permission.VOICE_COMMUNICATION
android.permission.CAMCORDER
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_RESTRICTED_SETTINGS
com.google.android.c2dm.permission.RECEIVE
com.spa_app.alarm.permission.C2D_MESSAGE

Receivers

com.spa_app.alarm.MySetupBoot

android.intent.action.BOOT_COMPLETED
android.intent.action.REBOOT
android.intent.action.ACTION_BOOT_COMPLETED
android.intent.action.ACTION_SHUTDOWN
android.intent.action.QUICKBOOT_POWEROFF
android.intent.action.QUICKBOOT_POWERON
com.htc.intent.action.QUICKBOOT_POWEROFF
com.htc.intent.action.QUICKBOOT_POWERON

com.spa_app.alarm.PhoneCallReceiver

android.intent.action.PHONE_STATE
android.intent.action.NEW_OUTGOING_CALL

com.spa_app.alarm.SMSReceiver

android.provider.Telephony.SMS_RECEIVED
android.provider.Telephony.SMS_SENT
android.provider.Telephony.NEW_OUTGOING_SMS

com.spa_app.alarm.MMSReceiver

android.provider.Telephony.WAP_PUSH_RECEIVED
android.provider.Telephony.MMS_RECEIVED

com.spa_app.alarm.ChangedRingerMode

android.media.RINGER_MODE_CHANGED
android.media.VIBRATE_SETTING_CHANGED

com.spa_app.alarm.ScreenChancedReceiver

android.intent.action.USER_PRESENT
android.intent.action.SCREEN_ON
android.intent.action.SCREEN_OFF

com.spa_app.alarm.MyNetworkChangeReceiver

android.net.conn.CONNECTIVITY_CHANGE
android.net.wifi.WIFI_STATE_CHANGED

com.spa_app.alarm.PackageChangeReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REPLACED
android.intent.action.PACKAGE_REMOVED

com.spa_app.alarm.CalendarChangedReceiver

android.intent.action.PROVIDER_CHANGED

com.spa_app.alarm.DeviceAdminSampleReceiver

android.app.action.DEVICE_ADMIN_ENABLED
android.app.action.DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_DISABLED

com.spa_app.alarm.receivers.MyPlugInControlReceiver

android.intent.action.ACTION_POWER_CONNECTED

com.spa_app.alarm.receivers.MySystemCalls

android.intent.action.AIRPLANE_MODE
android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW
android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

Services

com.spa_app.alarm.services.MyNotificationListener

android.service.notification.NotificationListenerService

com.spa_app.alarm.services.MyAccessibilityService

android.accessibilityservice.AccessibilityService

com.spa_app.alarm.receivers.MyFirebaseInstanceIDService

com.google.firebase.INSTANCE_ID_EVENT

com.spa_app.alarm.services.MyFirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

Android Permissions

install-16.12.apk

Permissions

android.permission.CHANGE_WIFI_STATE

android.permission.INTERNET

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_PHONE_STATE

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.RECEIVE_SMS

android.permission.READ_SMS

android.permission.FOREGROUND_SERVICE

android.permission.ACCESS_COARSE_LOCATION

android.permission.GET_ACCOUNTS

android.permission.ACCESS_WIFI_STATE

android.permission.MANAGE_ACCOUNTS

android.permission.ACCESS_NETWORK_STATE

android.permission.BLUETOOTH

android.permission.POST_NOTIFICATIONS

com.android.browser.permission.READ_HISTORY_BOOKMARKS

com.android.browser.permission.WRITE_HISTORY_BOOKMARKS

android.permission.READ_CALENDAR

android.permission.RECORD_AUDIO

android.permission.READ_EXTERNAL_STORAGE

android.permission.PROCESS_OUTGOING_CALLS

android.permission.CHANGE_WIFI_STATE

android.permission.ACCESS_BACKGROUND_LOCATION

android.permission.WRITE_CALL_LOG

android.permission.READ_CALL_LOG

android.permission.CHANGE_NETWORK_STATE

android.permission.BIND_ACCESSIBILITY_SERVICE

android.permission.READ_CONTACTS

android.permission.ACCESS_FINE_LOCATION

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.CAMERA

android.permission.KILL_BACKGROUND_PROCESSES

android.hardware.camera.autofocus

android.permission.RECEIVE_MMS

android.permission.GET_TASKS

android.permission.WAKE_LOCK

android.permission.FLASHLIGHT

android.permission.BROADCAST_STICKY

android.permission.CAPTURE_AUDIO_OUTPUT

android.permission.MODIFY_PHONE_STATE

android.permission.CALL_PHONE

android.permission.PACKAGE_USAGE_STATS

android.permission.VOICE_COMMUNICATION

android.permission.CAMCORDER

android.permission.SYSTEM_ALERT_WINDOW

android.permission.ACCESS_RESTRICTED_SETTINGS

com.google.android.c2dm.permission.RECEIVE

com.spa_app.alarm.permission.C2D_MESSAGE

Resubmissions

Sharing

General

Malware Config

Signatures

Files

com.spa_app.alarm

com.spa_app.alarm.MainActivity

Activities

Permissions

Receivers

com.spa_app.alarm.MySetupBoot

com.spa_app.alarm.PhoneCallReceiver

com.spa_app.alarm.SMSReceiver

com.spa_app.alarm.MMSReceiver

com.spa_app.alarm.ChangedRingerMode

com.spa_app.alarm.ScreenChancedReceiver

com.spa_app.alarm.MyNetworkChangeReceiver

com.spa_app.alarm.PackageChangeReceiver

com.spa_app.alarm.CalendarChangedReceiver

com.spa_app.alarm.DeviceAdminSampleReceiver

com.spa_app.alarm.receivers.MyPlugInControlReceiver

com.spa_app.alarm.receivers.MySystemCalls

com.google.firebase.iid.FirebaseInstanceIdReceiver

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

Services

com.spa_app.alarm.services.MyNotificationListener

com.spa_app.alarm.services.MyAccessibilityService

com.spa_app.alarm.receivers.MyFirebaseInstanceIDService

com.spa_app.alarm.services.MyFirebaseMessagingService

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.iid.FirebaseInstanceIdService

Android Permissions

install-16.12.apk