da804bb34adabe28521773433fe082329f5fc643b4113d9757c64ee4992532be[.]apk[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

da804bb34adabe28521773433fe082329f5fc643b4113d9757c64ee4992532be.apk.zip
Size

58.3MB
MD5

239bd1f2869bf71ffbbaefc1e0885152
SHA1

1d636964b0517110c1eccd48f7a553f4c7f278a1
SHA256

665ad0d4357f1b81ee7213ca62ead22e835aeb238f151610105ddac35f9af83d
SHA512

9e6bf2b930f4a0c25b2bf9c9e597204ba1a79873a6bc6ad54b89587ff52ab18b5ab81d56570c9b55b50e1616e8d79f3bbc192c7556989f2402d718a73dff2d5f
SSDEEP

1572864:GmcLlc+dj8mIMz8LWCXPi96hcQmPdTkyVt:GmcL1xz8Ln/OUcQ4Cet

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

Files

da804bb34adabe28521773433fe082329f5fc643b4113d9757c64ee4992532be.apk.zip
.zip

Password: infected
da804bb34adabe28521773433fe082329f5fc643b4113d9757c64ee4992532be.apk
.apk android arch:arm

com.camlyapp.Camly

com.camlyapp.Camly.ui.edit.view.subscriptionBanner.SubscriptionActivityOnLaunch

Activities

com.camlyapp.Camly.ui.edit.EditActivity

android.intent.action.SEND
android.intent.action.EDIT

com.camlyapp.Camly.ui.edit.view.subscriptionBanner.SubscriptionActivityOnLaunch

android.intent.action.MAIN
android.intent.action.VIEW
android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
com.android.vending.BILLING
android.permission.WAKE_LOCK
com.google.android.c2dm.permission.RECEIVE
android.permission.RECEIVE_BOOT_COMPLETED
com.camlyapp.Camly.permission.C2D_MESSAGE

Receivers

com.evernote.android.job.v14.PlatformAlarmReceiver

com.evernote.android.job.v14.RUN_JOB
net.vrallev.android.job.v14.RUN_JOB

com.evernote.android.job.JobBootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
com.htc.intent.action.QUICKBOOT_POWERON
android.intent.action.MY_PACKAGE_REPLACED

com.camlyapp.Camly.service.gcm.GcmBroadcastReceiver

com.google.android.c2dm.intent.RECEIVE
com.google.android.c2dm.intent.REGISTRATION

com.camlyapp.Camly.service.managers.scheduler.ScheduleBootReceiver

android.intent.action.BOOT_COMPLETED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.facebook.sdk.ACTION_CURRENT_ACCESS_TOKEN_CHANGED

Services

com.evernote.android.job.gcm.PlatformGcmService

com.google.android.gms.gcm.ACTION_TASK_READY
1.jpg
1.png
.png
1.svg
.xml
10.png
.png
10.svg
.xml
11.png
.png
11.svg
.xml
12.png
.png
12.svg
.xml
13.png
.png
13.svg
.xml
14.png
.png
14.svg
.xml
15.png
.png
15.svg
.xml
16.png
.png
16.svg
.xml
17.png
.png
17.svg
.xml
18.png
.png
18.svg
.xml
19.png
.png
19.svg
.xml
1942.ttf
2.jpg
2.png
.png
2.svg
.xml
20.png
.png
20.svg
.xml
21.png
.png
21.svg
.xml
22.png
.png
22.svg
.xml
23.png
.png
23.svg
.xml
24.png
.png
24.svg
.xml
25.png
.png
25.svg
.xml
26.png
.png
26.svg
.xml
27.png
.png
27.svg
.xml
28.png
.png
28.svg
.xml
29.png
.png
29.svg
.xml
3.jpg
3.png
.png
3.svg
.xml
30.png
.png
30.svg
.xml
31.png
.png
31.svg
.xml
32.png
.png
32.svg
.xml
33.png
.png
33.svg
.xml
34.png
.png
34.svg
.xml
35.png
.png
35.svg
.xml
36.png
.png
36.svg
.xml
37.svg
.xml
38.svg
.xml
39.svg
.xml
4.jpg
4.png
.png
4.svg
.xml
40.svg
.xml
41.svg
.xml
42.svg
.xml
43.svg
.xml
44.svg
.xml
45.svg
.xml
46.svg
.xml
47.svg
.xml
48.svg
.xml
49.svg
.xml
5.jpg
5.png
.png
5.svg
.xml
50.svg
.xml
51.svg
.xml
52.svg
.xml
53.svg
.xml
54.svg
.xml
55.svg
.xml
56.svg
.xml
57.svg
.xml
58.svg
.xml
59.svg
.xml
6.jpg
6.png
.png
6.svg
.xml
60.svg
.xml
61.svg
.xml
62.svg
.xml
63.svg
.xml
64.svg
.xml
65.svg
.xml
66.svg
.xml
67.svg
.xml
68.svg
.xml
69.svg
.xml
7.jpg
7.png
.png
7.svg
.xml
70.svg
.xml
71.svg
.xml
72.svg
.xml
73.svg
.xml
74.svg
.xml
75.svg
.xml
76.svg
.xml
77.svg
.xml
78.svg
.xml
79.svg
.xml
8.jpg
8.png
.png
8.svg
.xml
80.svg
.xml
81.svg
.xml
82.svg
.xml
83.svg
.xml
84.svg
.xml
9.png
.png
9.svg
.xml
AlfaSlabOne-Regular.ttf
Amaranth-Bold.otf
Amaranth-BoldItalic.otf
Amaranth-Italic.otf
Amaranth-Regular.otf
Antonio-Bold.ttf
Antonio-Light.ttf
Antonio-Regular.ttf
BLOODY.ttf
Barrio-Regular.otf
BebasNeue.otf
BlackCasper.ttf
Chunkfive.otf
Curly_patterns_2-01.jpg
Curly_patterns_2-02.jpg
Curly_patterns_2-03.jpg
Curly_patterns_2-04.jpg
Curly_patterns_2-05.jpg
Curly_patterns_2-06.jpg
Curly_patterns_2-07.jpg
Curly_patterns_2-08.jpg
Curly_patterns_2-09.jpg
Curly_patterns_2-10.jpg
DESTROY_.ttf
DISCO___.ttf
Deutsch.ttf
Fascinate-Regular.otf
FascinateInline-Regular.otf
Forque.ttf
GrandHotel-Regular.otf
GrutchShaded.ttf
HVD_Bodedo.ttf
Headhunter-Regular.ttf
IFC INSANE RODEO BOLD Bold.ttf
IFC INSANE RODEO.ttf
Impact_Label.ttf
Impact_Label_Reversed.ttf
JosefinSans-Bold.ttf
JosefinSans-BoldItalic.ttf
JosefinSans-Italic.ttf
JosefinSans-Light.ttf
JosefinSans-LightItalic.ttf
JosefinSans-Regular.ttf
JosefinSans-SemiBold.ttf
JosefinSans-SemiBoldItalic.ttf
JosefinSans-Thin.ttf
JosefinSans-ThinItalic.ttf
KaushanScript-Regular.otf
Kavoon-Regular.otf
Kingthings_Calligraphica_2.ttf
Kingthings_Calligraphica_Italic.ttf
Kingthings_Calligraphica_Light.ttf
Kingthings_Italique.ttf
Kirsty.ttf
KirstyBold.ttf
KirstyBoldItalic.ttf
KirstyItalic.ttf
Kreon-Bold.ttf
Kreon-Light.ttf
Kreon-Regular.ttf
LANENAR_.ttf
LANEPOSH.ttf
LANEUP__.ttf
LeagueGothic-CondensedItalic.otf
LeagueGothic-CondensedRegular.otf
LeagueGothic-Italic.otf
LeagueGothic-Regular.otf
LeckerliOne-Regular.otf
Monoton-Regular.ttf
Mothproof_Script.ttf
MyUnderwood.ttf
MyriadArabic-Bold.otf
MyriadArabic-BoldIt.otf
MyriadArabic-It.otf
MyriadArabic-Regular.otf
MyriadHebrew-Bold.otf
MyriadHebrew-BoldIt.otf
MyriadHebrew-It.otf
MyriadHebrew-Regular.otf
MyriadPro-Bold.otf
MyriadPro-BoldCond.otf
MyriadPro-BoldCondIt.otf
MyriadPro-BoldIt.otf
MyriadPro-Cond.otf
MyriadPro-CondIt.otf
MyriadPro-It.otf
MyriadPro-Regular.otf
MyriadPro-Semibold.otf
MyriadPro-SemiboldIt.otf
Note_this.ttf
Operatinginstructions.ttf
Pacifico.ttf
PaulMaul-b.ttf
PaulMaul.ttf
Risque-Regular.otf
RobotoSlab-Bold.ttf
RobotoSlab-Light.ttf
RobotoSlab-Regular.ttf
RobotoSlab-Thin.ttf
SF_Toontime.ttf
SF_Toontime_Blotch.ttf
SF_Toontime_Blotch_Italic.ttf
SF_Toontime_Bold.ttf
SF_Toontime_Bold_Italic.ttf
SF_Toontime_Italic.ttf
Santana-Black.ttf
Santana-BlackCondensed.ttf
Santana-Bold.ttf
Santana-RegularCondensed.ttf
Santana.ttf
Signika-Bold.otf
Signika-Light.otf
Signika-Regular.otf
Signika-Semibold.otf
Softfade.ttf
Softplain.ttf
SpicyRice-Regular.otf
TZDB.dat
Top_Secret.ttf
UbuntuTitling-Bold.ttf
Vintage_seamless_patterns-01.jpg
Vintage_seamless_patterns-02.jpg
Windsong.ttf
akaPosse.ttf
archive.zip.001
archive.zip.002
archive.zip.003
banksb20.ttf
banksb26.ttf
banksia.ttf
belligerent.ttf
closebutton.html
.html
comic_zine_ot.otf
config.txt
countdown_image.png
.png
crashlytics-build.properties
ds_pixel_cyr-webfont.ttf
empty.png
.png
filters.json
goodfoot.ttf
know_your_product.ttf
launica.ttf
mobvista_jscommon_authtext.html
.html .js
mraid.js
.js
myriadpro-semibold_opentype.ttf
myriadpro-semibold_opentype_0.ttf
myriadpro-semicn.otf
osmcore_arm
.elf linux arm
osmcore_arm_pie
.elf linux arm
porter-sans-inline-block.otf
rabiohead.ttf
roboto_regular.ttf
rothenbg.ttf
seamlesstexture15_500_s.jpg
.jpg
seamlesstexture25_500_s.jpg
.jpg
seamlesstexture26_500_s.jpg
.jpg
settings.txt
spilt-ink.ttf
tj_close_button.png
.png
true-crimes.ttf
umbrage2.ttf
veteran_typewriter.ttf
zero_and_zero_is.ttf

Sharing

General

Malware Config

Signatures

Files

Password: infected

com.camlyapp.Camly

com.camlyapp.Camly.ui.edit.view.subscriptionBanner.SubscriptionActivityOnLaunch

Activities

com.camlyapp.Camly.ui.edit.EditActivity

com.camlyapp.Camly.ui.edit.view.subscriptionBanner.SubscriptionActivityOnLaunch

Permissions

Receivers

com.evernote.android.job.v14.PlatformAlarmReceiver

com.evernote.android.job.JobBootReceiver

com.camlyapp.Camly.service.gcm.GcmBroadcastReceiver

com.camlyapp.Camly.service.managers.scheduler.ScheduleBootReceiver

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

Services

com.evernote.android.job.gcm.PlatformGcmService