3cafa8eac940c7e52eac516a877319e4d413a811517cbcec22e9afeea27adea6[.]apk[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

3cafa8eac940c7e52eac516a877319e4d413a811517cbcec22e9afeea27adea6.apk.zip
Size

58.9MB
MD5

5dbc595029c2e39b9d46d8e375c351bf
SHA1

4f141e0a6f8d65f1fd910d4eb2e0681e09c78d24
SHA256

f3c4c5ba5af5046888a9be9eb23dcf337cec97ba10a6e5399fbc44e38a5e328f
SHA512

1ca2357e3d689f39158f33e9892f1b78000db448f2d0c05f70762d78b1eb4dd901fb930ada5b3bb6bc0627055fe82737188073d75429084bccd56e3a11cfd013
SSDEEP

1572864:wKwz7o01roQl+h9WP5q6d2djYor09L1/rr7EVhLo0OlV:wK28MEQl+mRJ9ouL1/DWiV

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 17 IoCs

description	ioc
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to receive WAP push messages.	android.permission.RECEIVE_WAP_PUSH
Allows an application to monitor incoming MMS messages.	android.permission.RECEIVE_MMS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows an application to read the user's call log.	android.permission.READ_CALL_LOG
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Required to be able to access the camera device.	android.permission.CAMERA

Files

3cafa8eac940c7e52eac516a877319e4d413a811517cbcec22e9afeea27adea6.apk.zip
.zip

Password: infected
3cafa8eac940c7e52eac516a877319e4d413a811517cbcec22e9afeea27adea6.apk
.apk android arch:arm

com.anite.handy

com.anite.handy.ui.core.ResumeActivity

Activities

com.anite.handy.ui.core.ResumeActivity

android.intent.action.MAIN

com.anite.handy.ui.dialog.FileExplorerActivity

android.intent.action.SEARCH

com.anite.handy.ui.script.ScriptEditorActivity

android.intent.action.VIEW
android.intent.action.EDIT

com.dropbox.core.android.AuthActivity

android.intent.action.VIEW

com.anite.handy.mms.ComposeActivity

android.intent.action.SEND
android.intent.action.SENDTO

com.anite.handy.engine.indoormap.IbwImportActivity

android.intent.action.ibwc.OPEN

com.anite.handy.ui.core.ReceivingSimpleDataActivity

android.intent.action.SEND

jp.line.android.sdk.activity.LineAuthCompleteActivity

android.intent.action.VIEW

Permissions

android.permission.RECEIVE_BOOT_COMPLETED
android.permission.ACCESS_FINE_LOCATION
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.CALL_PHONE
android.permission.GET_TASKS
android.permission.INTERNET
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.READ_PHONE_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.VIBRATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.RECORD_AUDIO
android.permission.ACCESS_SUPERUSER
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.RECEIVE_WAP_PUSH
android.permission.RECEIVE_MMS
android.permission.WRITE_SETTINGS
android.permission.ACCESS_COARSE_LOCATION
android.permission.READ_CONTACTS
android.permission.WRITE_CONTACTS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.READ_CALL_LOG
android.permission.GET_ACCOUNTS
android.permission.CAMERA
com.trx.neon.environment.buildings
com.trx.neon.environment.floorplans
com.trx.neon.EnvironmentDataPermission

Receivers

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.anite.handy.app.BootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
com.htc.intent.action.QUICKBOOT_POWERON

com.anite.handy.automat.utils.SmsReceiver

android.provider.Telephony.SMS_RECEIVED

com.anite.handy.app.RemoteLogger

com.anite.handy.app.RemoteLogger

com.anite.handy.app.UpdateReceiver

android.intent.action.MY_PACKAGE_REPLACED

com.anite.handy.app.ShutdownReceiver

android.intent.action.ACTION_SHUTDOWN
android.intent.action.QUICKBOOT_POWEROFF

com.anite.handy.mms.SmsReceiver

android.provider.Telephony.SMS_DELIVER

com.anite.handy.mms.MmsReceiver

android.provider.Telephony.WAP_PUSH_DELIVER

Services

com.anite.handy.nmr.lan.LanService

com.anite.handy.lan.StartLanService
com.anite.handy.lan.BindLanService

com.anite.handy.mms.HeadlessSmsSendService

android.intent.action.RESPOND_VIA_MESSAGE
ConditionParameters.xcnf
.xml
Full Report.xml
.xml
HandyRadio.zip
.zip
arm64-v8a/libhandyradio.so
.elf linux aarch64
armeabi-v7a/libhandyradio.so
.elf linux arm
x86/libhandyradio.so
.elf linux x86
x86_64/libhandyradio.so
.elf linux x64
LICENSE.txt
LTE Report.xml
.xml
LTE and CDMA Summary Report.xml
.xml
LTE and UMTS Summary Report.xml
.xml
NblRsaPublic.key
NemoService.apk
.apk android

com.anite.nemoservice

Permissions

android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.BROADCAST_STICKY
android.permission.CAPTURE_AUDIO_OUTPUT
android.permission.ACCESS_SUPERUSER
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_MOCK_LOCATION
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.INSTALL_LOCATION_PROVIDER
android.permission.LOCATION_HARDWARE
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.BLUETOOTH_PRIVILEGED
android.permission.NFC
android.permission.CONNECTIVITY_INTERNAL
android.permission.RECEIVE_DATA_ACTIVITY_CHANGE
android.permission.CHANGE_WIFI_MULTICAST_STATE
android.permission.WAKE_LOCK
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.MANAGE_USB
android.permission.RECORD_AUDIO
android.permission.PROCESS_OUTGOING_CALLS
android.permission.MODIFY_PHONE_STATE
android.permission.READ_PHONE_STATE
android.permission.READ_PRIVILEGED_PHONE_STATE
android.permission.CALL_PHONE
android.permission.USE_SIP
android.permission.BIND_CALL_SERVICE
android.permission.GET_TASKS
android.permission.INTERACT_ACROSS_USERS
android.permission.MANAGE_USERS
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.SYSTEM_ALERT_WINDOW
android.permission.SET_TIME
android.permission.SET_TIME_ZONE
android.permission.CHANGE_CONFIGURATION
android.permission.WRITE_SETTINGS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_APN_SETTINGS
android.permission.CHANGE_NETWORK_STATE
android.permission.MANAGE_CA_CERTIFICATES
android.permission.WRITE_SECURE_SETTINGS
android.permission.DUMP
android.permission.READ_LOGS
android.permission.UPDATE_DEVICE_STATS
android.permission.GET_APP_OPS_STATS
android.permission.UPDATE_APP_OPS_STATS
android.permission.SHUTDOWN
android.permission.MANAGE_DEVICE_ADMINS
android.permission.INSTALL_PACKAGES
android.permission.DELETE_PACKAGES
android.permission.MOVE_PACKAGE
android.permission.CHANGE_COMPONENT_ENABLED_STATE
android.permission.READ_FRAME_BUFFER
android.permission.REBOOT
android.permission.CALL_PRIVILEGED
android.permission.CONTROL_LOCATION_UPDATES
android.permission.ACCESS_CHECKIN_PROPERTIES
android.permission.ACCESS_CACHE_FILESYSTEM
android.permission.READ_NETWORK_USAGE_HISTORY
android.permission.ACCESS_NOTIFICATIONS
android.permission.INVOKE_CARRIER_SETUP
android.permission.ACCESS_NETWORK_CONDITIONS
android.permission.TETHER_PRIVILEGED

Services

com.anite.nemoservice.NemoService

com.anite.nemoservice.BIND
logback.xml
.xml
ReportLayoutKey.aes
Roboto-Black.ttf
Roboto-Regular.ttf
Summary Report.xml
.xml
YourLogo.png
.png
agents.zip
.zip
agent-01
.elf linux arm
agent-02
.elf linux arm
apache_license.html
.html
app_version.csv
bin.zip
.zip
dexhax
.elf linux arm
hrlversion
.elf linux arm
iperf-jni
.elf linux arm
libhrl_nemoservice.so
.elf linux arm
qmisend
.elf linux arm
tcpdump
.elf linux arm
tcpdump.arm64-v8a
.elf linux aarch64
tcpdump.legacy
.elf linux arm
tinycap
.elf linux arm
tinymix
.elf linux arm
tinyplay
.elf linux arm
udsproxy
.elf linux arm
browser-profile.zip
.zip
extensions/[email protected]
.zip
README.md
bootstrap.js
data/nemo-browser.html
data/ws-worker.js
.js
icon.png
.png
index.js
.js
install.rdf
.xml
lib/debug.js
.js
lib/netmon-session.js
.js
lib/netmonitor/DevToolsUtils.js
.js
lib/netmonitor/network-helper.js
.js
lib/netmonitor/network-monitor.js
.js
lib/set-prefs.js
.js .vbs
lib/tab-control.js
.js
lib/ws-connection.js
.js
package.json
info.json
user.js
device_pictures.zip
.zip
100_HTC_OneS.png
.png
102_105_106_HTC_One.png
.png
121_122_Sony_Xperia_Z.png
.png
130_131_132_133_134_136_137_138_139_142_143_144_147_148_Samsung_Galaxy_S4.png
.png
135_Samsung_Galaxy_S4_Active.png
.png
140_141_Samsung_Galaxy_Note_8.0.png
.png
62_HTC_Velocity.png
.png
70_71_72_73_74_Samsung_Galaxy_S2II.png
.png
80_81_82_83_89_Samsung_Note10_1.png
.png
88_103_106_107_108_145_146_Samsung_Galaxy_NoteII.png
.png
90_91_92_93_94_95_86_87_97_98_99_Samsung_Galaxy_SIII.png
.png
96_Samsung_Galaxy_Note_LTE.png
.png
default.png
.png
epl-v10.html
.html
eula.txt
ff2.xml
filedialog_license.html
.html
gnu_lesser_general_public_license.html
.html
handy-a help.pdf
.pdf
handyicon.png
.png
iot_tester_pdf_template.xml
iperf_license.html
.html
logback.xml
.xml
nemologo.png
.png
openssl_license.html
.html
pevqs_samples.zip
.zip
pevqslibs.zip
.zip
pevqslibs64.zip
.zip
samples.zip
.zip
script_qc_reset_modem_subsys_sh.txt
.sh linux
script_qc_test_reset_modem_subsys_force_related_sh.txt
.sh linux
script_qc_test_reset_modem_subsys_sh.txt
.sh linux
script_rndis.sh
.sh linux
script_rndis_sony.sh
.sh linux
site_verification_pdf_template.xml
slf4j_license.html
.html
trxneon.html
.html
udsproxy
.elf linux arm
webviewhomepage.html
.html

Sharing

General

Malware Config

Signatures

Files

Password: infected

com.anite.handy

com.anite.handy.ui.core.ResumeActivity

Activities

com.anite.handy.ui.core.ResumeActivity

com.anite.handy.ui.dialog.FileExplorerActivity

com.anite.handy.ui.script.ScriptEditorActivity

com.dropbox.core.android.AuthActivity

com.anite.handy.mms.ComposeActivity

com.anite.handy.engine.indoormap.IbwImportActivity

com.anite.handy.ui.core.ReceivingSimpleDataActivity

jp.line.android.sdk.activity.LineAuthCompleteActivity

Permissions

Receivers

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.anite.handy.app.BootReceiver

com.anite.handy.automat.utils.SmsReceiver

com.anite.handy.app.RemoteLogger

com.anite.handy.app.UpdateReceiver

com.anite.handy.app.ShutdownReceiver

com.anite.handy.mms.SmsReceiver

com.anite.handy.mms.MmsReceiver

Services

com.anite.handy.nmr.lan.LanService

com.anite.handy.mms.HeadlessSmsSendService

com.anite.nemoservice

Permissions

Services

com.anite.nemoservice.NemoService