2160eb24bba2a43a08272464eb2cbf0c567cf83c361c0d44c4f2c78272868aae[.]apk[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

2160eb24bba2a43a08272464eb2cbf0c567cf83c361c0d44c4f2c78272868aae.apk.zip
Size

7.7MB
MD5

a5156d4f1f48313ebc908bd800ca90b0
SHA1

46c55ca676ab18c74ac7bf0491b50d277212fa12
SHA256

b73f66b49511251d49e397ce2e094a30f9ca914611d76539ca6e2121f45072f2
SHA512

a932927c2e05b1ffdb5dcbc75d6bda1f24e7e09082b257426edde37fea144f770221777fbfde4572b6373861044f316f3c71b8b32daec8853ecdecb910d3ebdd
SSDEEP

196608:S5CCCwdhYI7JNtlXCVTVscX/CkzY2nAuibBAozeFg:SjCyWqHtlXCV/iZui2oKC

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 5 IoCs

description	ioc
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION

Files

2160eb24bba2a43a08272464eb2cbf0c567cf83c361c0d44c4f2c78272868aae.apk.zip
.zip

Password: infected
2160eb24bba2a43a08272464eb2cbf0c567cf83c361c0d44c4f2c78272868aae.apk
.apk android

cz.eternal.cityguide.bilovice

cz.eternal.cityguide.SplashScreenActivity

Activities

cz.eternal.cityguide.SplashScreenActivity

android.intent.action.MAIN
android.intent.action.VIEW

cz.eternal.weatherlib.CityWeatherActivity

android.intent.action.MAIN

cz.eternal.weatherlib.SettingsActivity

android.intent.action.MAIN

com.google.android.gms.appinvite.PreviewActivity

com.google.android.gms.appinvite.ACTION_PREVIEW

Permissions

android.permission.RECEIVE_BOOT_COMPLETED
android.permission.CAMERA
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WAKE_LOCK
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
com.google.android.providers.gsf.permission.READ_GSERVICES
com.android.alarm.permission.SET_ALARM
android.permission.FOREGROUND_SERVICE
cz.eternal.cityguide.bilovice.permission.C2D_MESSAGE
com.google.android.c2dm.permission.RECEIVE
android.permission.VIBRATE
android.permission.READ_APP_BADGE
com.oppo.launcher.permission.READ_SETTINGS
com.oppo.launcher.permission.WRITE_SETTINGS
me.everything.badger.permission.BADGE_COUNT_READ
me.everything.badger.permission.BADGE_COUNT_WRITE

Receivers

com.onesignal.GcmBroadcastReceiver

com.google.android.c2dm.intent.RECEIVE

com.onesignal.BootUpReceiver

android.intent.action.ACTION_BOOT_COMPLETED
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

com.onesignal.UpgradeReceiver

android.intent.action.MY_PACKAGE_REPLACED

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

Services

cz.eternal.cityguide.workmanager.StarterJobService

com.firebase.jobdispatcher.ACTION_EXECUTE

cz.eternal.cityguide.workmanager.ProcessJobService

com.firebase.jobdispatcher.ACTION_EXECUTE

cz.eternal.cityguide.UpdateService

com.google.android.gms.gcm.ACTION_TASK_READY

androidx.work.impl.background.firebase.FirebaseJobService

com.firebase.jobdispatcher.ACTION_EXECUTE

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

com.firebase.jobdispatcher.GooglePlayReceiver

com.google.android.gms.gcm.ACTION_TASK_READY
9639D2D19F83D890A320ABA7DDF3997D
.png
B3830D3367F7539E8053AC41AD26CD3E
.png
about.html
.html
cityguide.db
crashlytics-build.properties
oppk.jpg
.jpg
style.css

Sharing

General

Malware Config

Signatures

Files

Password: infected

cz.eternal.cityguide.bilovice

cz.eternal.cityguide.SplashScreenActivity

Activities

cz.eternal.cityguide.SplashScreenActivity

cz.eternal.weatherlib.CityWeatherActivity

cz.eternal.weatherlib.SettingsActivity

com.google.android.gms.appinvite.PreviewActivity

Permissions

Receivers

com.onesignal.GcmBroadcastReceiver

com.onesignal.BootUpReceiver

com.onesignal.UpgradeReceiver

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

Services

cz.eternal.cityguide.workmanager.StarterJobService

cz.eternal.cityguide.workmanager.ProcessJobService

cz.eternal.cityguide.UpdateService

androidx.work.impl.background.firebase.FirebaseJobService

com.google.firebase.iid.FirebaseInstanceIdService

com.firebase.jobdispatcher.GooglePlayReceiver