939071bfaa456cc64d3840551d8f6558ed097d58334a8f101e9367bac66f816c[.]apk[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

939071bfaa456cc64d3840551d8f6558ed097d58334a8f101e9367bac66f816c.apk.zip
Size

9.7MB
MD5

63ac565a60568e1f737a552676a78433
SHA1

7a4299894580aeac7a8a4948d982353f0c417d64
SHA256

19a5de4f9d9c06b13f2a3aa2f6495d9be1421d5eb785816ce6fec7fae55fe841
SHA512

40168e11ea85f96fd72c89d4317f4d8dc708f1b23468df25c5537f8e78f6725f7d82975f3989b9b2bed230426c39314e806e1bcb3343b0e5f629e9bbf66f6258
SSDEEP

196608:TDj1eMfa6sG3igr7ZXikBlD3VAM0pzYm4a0j3wRKZI4YofA:TDj1eMfaRSHdfjVAFzz4+KZI4lA

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 5 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to record audio.	android.permission.RECORD_AUDIO

Files

939071bfaa456cc64d3840551d8f6558ed097d58334a8f101e9367bac66f816c.apk.zip
.zip

Password: infected
939071bfaa456cc64d3840551d8f6558ed097d58334a8f101e9367bac66f816c.apk
.apk android arch:arm64 arch:arm arch:x86 arch:x64

com.uptodown

com.uptodown.activities.MainActivityScrollable

Activities

com.uptodown.activities.MainActivityScrollable

android.intent.action.MAIN
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

com.uptodown.tv.ui.activity.TvMainActivity

android.intent.action.MAIN

com.uptodown.activities.InstallerActivity

android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.GET_ACCOUNTS
com.google.android.c2dm.permission.RECEIVE
android.permission.WAKE_LOCK
com.uptodown.permission.C2D_MESSAGE
com.google.android.apps.photos.permission.GOOGLE_PHOTOS
android.permission.BATTERY_STATS
android.permission.CHANGE_CONFIGURATION
android.permission.CLEAR_APP_CACHE
android.permission.GET_PACKAGE_SIZE
android.permission.GET_TASKS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.USE_CREDENTIALS
android.permission.WRITE_SETTINGS
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.MANAGE_ACCOUNTS
android.permission.ACCESS_WIFI_STATE
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.INSTALL_PACKAGES
android.permission.DELETE_PACKAGES
android.permission.RECORD_AUDIO
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

Receivers

com.startapp.android.publish.common.metaData.BootCompleteListener

android.intent.action.BOOT_COMPLETED

com.uptodown.receivers.GcmBroadcastReceiver

com.google.android.c2dm.intent.RECEIVE

com.uptodown.receivers.BootDeviceReceiver

android.intent.action.BOOT_COMPLETED

com.google.android.gms.analytics.AnalyticsReceiver

com.google.android.gms.analytics.ANALYTICS_DISPATCH

com.google.android.gms.analytics.CampaignTrackingReceiver

com.android.vending.INSTALL_REFERRER

com.evernote.android.job.v14.PlatformAlarmReceiver

com.evernote.android.job.v14.RUN_JOB
net.vrallev.android.job.v14.RUN_JOB

com.evernote.android.job.JobBootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
com.htc.intent.action.QUICKBOOT_POWERON
android.intent.action.MY_PACKAGE_REPLACED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

Services

com.uptodown.services.AuthenticatorService

android.accounts.AccountAuthenticator

com.evernote.android.job.gcm.PlatformGcmService

com.google.android.gms.gcm.ACTION_TASK_READY
Roboto-Black.ttf
Roboto-Bold.ttf
Roboto-BoldItalic.ttf
Roboto-Light.ttf
Roboto-LightItalic.ttf
Roboto-Medium.ttf
Roboto-Regular.ttf
Roboto-Thin.ttf
closebutton.html
.html
countdown_image.png
.png
crashlytics-build.properties
mraid.js
.js
tj_close_button.png
.png

Sharing

General

Malware Config

Signatures

Files

Password: infected

com.uptodown

com.uptodown.activities.MainActivityScrollable

Activities

com.uptodown.activities.MainActivityScrollable

com.uptodown.tv.ui.activity.TvMainActivity

com.uptodown.activities.InstallerActivity

Permissions

Receivers

com.startapp.android.publish.common.metaData.BootCompleteListener

com.uptodown.receivers.GcmBroadcastReceiver

com.uptodown.receivers.BootDeviceReceiver

com.google.android.gms.analytics.AnalyticsReceiver

com.google.android.gms.analytics.CampaignTrackingReceiver

com.evernote.android.job.v14.PlatformAlarmReceiver

com.evernote.android.job.JobBootReceiver

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

Services

com.uptodown.services.AuthenticatorService

com.evernote.android.job.gcm.PlatformGcmService