c95f15d6ed26c541e69c09c858774ef918d69d110beb09cb83c20e1c325302d1[.]apk[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

c95f15d6ed26c541e69c09c858774ef918d69d110beb09cb83c20e1c325302d1.apk.zip
Size

10.9MB
MD5

c403a46cd4fde4af1bd2526a7395564a
SHA1

b3f39d9b76b39e631d4966d28b59054eaa8079cf
SHA256

7e07fdb39c3b1edfe7c79800be3911a6bdb9c75da5b37a9c6f8f39e400b19f5a
SHA512

a39d62b9dc8066bf4e46ced20422283235742f6d43350f54535d45945b5355e4171f8221f4869bc38a7867e807cd5298a10726d407985a77b0fdc0a08f8a86e9
SSDEEP

196608:xQCvhORaWyUJkb0RyNUvOqBF+XGVdP8NJM9p4VfrdMTNlEp/:xGJrJayyNUvFBF+XGVdyip4VfZMTXEx

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 4 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION

Files

c95f15d6ed26c541e69c09c858774ef918d69d110beb09cb83c20e1c325302d1.apk.zip
.zip

Password: infected
c95f15d6ed26c541e69c09c858774ef918d69d110beb09cb83c20e1c325302d1.apk
.apk android arch:arm64 arch:arm arch:mips arch:x86 arch:x64

sanity.podcast.freaks

sanity.podcast.freak.activities.SplashActivity

Activities

sanity.podcast.freak.activities.SplashActivity

android.intent.action.MAIN

sanity.podcast.freak.activities.PlayerActivity

android.media.action.MEDIA_PLAY_FROM_SEARCH

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.WAKE_LOCK
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.SEND_DOWNLOAD_COMPLETED_INTENTS
com.android.vending.BILLING
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
com.google.android.c2dm.permission.RECEIVE
sanity.podcast.freak.permission.C2D_MESSAGEqy
android.permission.ACCESS_WIFI_STATE
android.permission.RECEIVE_BOOT_COMPLETED

Receivers

android.support.v4.media.session.MediaButtonReceiver

android.intent.action.MEDIA_BUTTON

sanity.podcast.freak.receivers.DownloadedReceiver

android.intent.action.DOWNLOAD_COMPLETE

sanity.podcast.freak.receivers.DownloadClickReceiver

android.intent.action.DOWNLOAD_NOTIFICATION_CLICKED

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

com.evernote.android.job.v14.PlatformAlarmReceiver

com.evernote.android.job.v14.RUN_JOB
net.vrallev.android.job.v14.RUN_JOB

com.evernote.android.job.JobBootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
com.htc.intent.action.QUICKBOOT_POWERON
android.intent.action.MY_PACKAGE_REPLACED

Services

sanity.podcast.freak.services.URLPlayerService

android.intent.action.MEDIA_BUTTON
android.media.AUDIO_BECOMING_NOISY
android.media.browse.MediaBrowserService

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

com.evernote.android.job.gcm.PlatformGcmService

com.google.android.gms.gcm.ACTION_TASK_READY
communitymaterial-font-v1.7.22.ttf
consentform.html
.html .js
crashlytics-build.properties
fontawesome-font-v4.6.0.1.ttf
materialdrawerfont-font-v5.0.0.ttf

Sharing

General

Malware Config

Signatures

Files

Password: infected

sanity.podcast.freaks

sanity.podcast.freak.activities.SplashActivity

Activities

sanity.podcast.freak.activities.SplashActivity

sanity.podcast.freak.activities.PlayerActivity

Permissions

Receivers

android.support.v4.media.session.MediaButtonReceiver

sanity.podcast.freak.receivers.DownloadedReceiver

sanity.podcast.freak.receivers.DownloadClickReceiver

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.evernote.android.job.v14.PlatformAlarmReceiver

com.evernote.android.job.JobBootReceiver

Services

sanity.podcast.freak.services.URLPlayerService

com.google.firebase.iid.FirebaseInstanceIdService

com.evernote.android.job.gcm.PlatformGcmService