299825a93e0c6f8e97d49ac6c20efcb8d0d3dd510259e7fb6625ea1fc03335c7[.]apk[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

299825a93e0c6f8e97d49ac6c20efcb8d0d3dd510259e7fb6625ea1fc03335c7.apk.zip
Size

17.3MB
MD5

260e0a3c036c4b96a444f92c56bd16c5
SHA1

fa39f5e8e720a5154ed29e013e042df959ae4568
SHA256

e1236413d0c9c2c08cab2dd8efef0f0180a62a3f528899ae86f2a68f2b947372
SHA512

fb7e6264dd701ff7789d525fd65dfaed45770915bc828ebaaa8741f8789d05e2e17ec7d16a291b8bf2a33f2e7d0afc29a656305244706f51c78db594bdb7df87
SSDEEP

393216:M+QBzRwp/DZzMEybeGlPqNuJejpO7nRXPdtAQd:uaeEybeGly+4pwfBd

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 12 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to read the user's calendar data.	android.permission.READ_CALENDAR
Allows an application to write the user's calendar data.	android.permission.WRITE_CALENDAR
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS

Files

299825a93e0c6f8e97d49ac6c20efcb8d0d3dd510259e7fb6625ea1fc03335c7.apk.zip
.zip

Password: infected
299825a93e0c6f8e97d49ac6c20efcb8d0d3dd510259e7fb6625ea1fc03335c7.apk
.apk android arch:arm64 arch:arm

com.microsoft.launcher

com.microsoft.launcher.LauncherActivity

Activities

com.microsoft.launcher.LauncherActivity

android.intent.action.MAIN

com.microsoft.launcher.SecondaryHomeLauncher

android.intent.action.MAIN

com.microsoft.launcher.allapps.AllAppsShortcutActivity

android.intent.action.CREATE_SHORTCUT

com.microsoft.launcher.setting.ESettingActivity

android.intent.action.APPLICATION_PREFERENCES
com.microsoft.launcher.setting.ESettingActivity
com.android.settings.action.IA_SETTINGS

com.microsoft.launcher.setting.SettingActivity

android.intent.action.APPLICATION_PREFERENCES
com.microsoft.launcher.setting.SettingActivity
android.intent.action.CREATE_SHORTCUT

com.microsoft.launcher.setting.NavigationSettingActivity

com.microsoft.launcher.navigation_settings

com.microsoft.launcher.setting.NavigationSettingCardFeedActivity

com.microsoft.launcher.navigation_edit

com.microsoft.launcher.setting.NavigationSettingNewsActivity

com.microsoft.launcher.navigation_news

com.microsoft.launcher.defaultlauncher.FakeHome

android.intent.action.MAIN

com.microsoft.launcher.setting.NewsCategoryActivity

com.microsoft.launcher.navigation_news_category

com.microsoft.launcher.setting.FakeSms

android.intent.action.VIEW
android.intent.action.SEND
android.intent.action.SENDTO

com.android.launcher3.dragndrop.AddItemActivity

android.content.pm.action.CONFIRM_PIN_SHORTCUT
android.content.pm.action.CONFIRM_PIN_APPWIDGET

com.microsoft.launcher.wallpaper.activity.WallpaperCategoryActivity

android.intent.action.SET_WALLPAPER

com.microsoft.launcher.wallpaper.activity.WallpaperPreviewActivity

android.service.wallpaper.CROP_AND_SET_WALLPAPER
android.intent.action.ATTACH_DATA

com.microsoft.launcher.wallpaper.activity.SwitchWallpaperActivity

com.microsoft.launcher.wallpaper.activity.SwitchWallpaperActivity
android.intent.action.CREATE_SHORTCUT

com.microsoft.rewards.activity.RewardsActionsActivity

android.intent.action.VIEW

com.microsoft.rewards.activity.OfferLandingActivity

android.intent.action.VIEW

com.microsoft.launcher.contacts.PeopleDeepLinkActivity

android.intent.action.VIEW

com.microsoft.mmx.core.ui.WebPageShareActivityDebug

android.intent.action.SEND

Permissions

android.permission.FOREGROUND_SERVICE
com.android.launcher.permission.READ_SETTINGS
com.android.launcher2.permission.READ_SETTINGS
com.android.launcher3.permission.READ_SETTINGS
com.anddoes.launcher.permission.READ_SETTINGS
com.yandex.launcher.permission.READ_SETTINGS
com.htc.launcher.permission.READ_SETTINGS
com.google.android.launcher.permission.READ_SETTINGS
com.cyanogenmod.trebuchet.permission.READ_SETTINGS
com.teslacoilsw.launcher.permission.READ_SETTINGS
com.android.launcher.permission.WRITE_SETTINGS
com.google.android.apps.nexuslauncher.permission.READ_SETTINGS
com.lge.launcher3.permission.READ_SETTINGS
com.actionlauncher.playstore.permission.READ_SETTINGS
com.samsung.android.launcher.permission.READ_SETTINGS
net.oneplus.launcher.permission.READ_SETTINGS
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_USER_PRESENT
android.permission.QUERY_ALL_PACKAGES
com.android.calendar.huawei.permission.CALENDAR_RECESS
com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.EXPAND_STATUS_BAR
android.permission.CALL_PHONE
android.permission.SET_WALLPAPER
android.permission.SET_WALLPAPER_HINTS
android.permission.BIND_APPWIDGET
android.permission.READ_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.REQUEST_DELETE_PACKAGES
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WAKE_LOCK
com.microsoft.launcher.config.READCONFIG
android.permission.READ_DEVICE_CONFIG
com.microsoft.launcher.permission.READ_SETTINGS
com.microsoft.launcher.permission.WRITE_SETTINGS
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_NETWORK_STATE
com.android.alarm.permission.SET_ALARM
com.sec.android.app.clockpackage.permission.READ_ALARM
android.permission.SYSTEM_ALERT_WINDOW
android.permission.VIBRATE
android.permission.PACKAGE_USAGE_STATS
android.permission.INTERNET
android.permission.READ_CONTACTS
android.permission.READ_SEARCH_INDEXABLES
android.permission.CAMERA
android.permission.FLASHLIGHT
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.WRITE_SETTINGS
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.READ_CALENDAR
android.permission.WRITE_CALENDAR
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
android.permission.RECORD_AUDIO
android.permission.CHANGE_NETWORK_STATE
com.google.android.c2dm.permission.RECEIVE
com.sony.mobile.permission.SYSTEM_UI_VISIBILITY_EXTENSION
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
android.permission.GET_ACCOUNTS
android.permission.MANAGE_ACCOUNTS
android.permission.USE_CREDENTIALS

Receivers

com.android.launcher3.provider.PAIBroadcastReceiver

com.microsoft.launcher.MSPAI_INTENT

com.android.launcher3.InstallShortcutReceiver

com.microsoft.launcher.action.INSTALL_SHORTCUT
com.android.launcher.action.INSTALL_SHORTCUT

com.android.launcher3.AppWidgetsRestoredReceiver

android.appwidget.action.APPWIDGET_HOST_RESTORED

com.microsoft.bing.usbsdk.internal.connectivity.ConnectivityStatusReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.microsoft.bing.partnercodelib.api.InstallListener

com.android.vending.INSTALL_REFERRER

com.microsoft.launcher.enterprise.receiver.CrossProfileBroadcastReceiver

android.content.pm.action.CAN_INTERACT_ACROSS_PROFILES_CHANGED

com.microsoft.launcher.connected.CrossProfileAvailabilityReceiver

android.intent.action.MANAGED_PROFILE_AVAILABLE
android.intent.action.MANAGED_PROFILE_UNAVAILABLE
android.content.pm.action.CAN_INTERACT_ACROSS_PROFILES_CHANGED

com.microsoft.launcher.appusage.settime.SystemTimeChangeReceiver

android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

com.microsoft.launcher.receiver.LockScreenAdmin

android.app.action.DEVICE_ADMIN_ENABLED

com.microsoft.mmx.reporting.SharedStateManager

com.microsoft.mmx.reporting.ACTION_JOIN
com.microsoft.mmx.reporting.ACTION_VOTE

com.microsoft.mmx.continuity.registration.ConnectivityStateChangeReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.microsoft.mmx.continuity.receiver.InstallUninstallReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REPLACED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_FULLY_REMOVED

com.microsoft.mmx.continuity.receiver.PolicyReceiver

com.microsoft.mmx.intent.action.UPDATE_POLICY

com.microsoft.mmx.continuity.receiver.AppUpgradeReceiver

android.intent.action.MY_PACKAGE_REPLACED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

com.microsoft.intune.mam.client.service.MAMBackgroundReceiver

android.intent.action.DOWNLOAD_COMPLETE

com.microsoft.intune.mam.client.app.ApplicationUpdateReceiver

android.intent.action.MY_PACKAGE_REPLACED

Services

com.microsoft.launcher.plugincard.PluginCardService

PluginCardService

com.android.launcher3.notification.NotificationListenerProxy

android.service.notification.NotificationListenerService

com.microsoft.launcher.sapphire.SapphireSubPageModule

com.microsoft.launcher.navigation.subpagemodule

com.microsoft.launcher.accessibility.LauncherAccessibilityService

android.accessibilityservice.AccessibilityService

com.microsoft.mmx.reporting.PostRequestService

com.firebase.jobdispatcher.ACTION_EXECUTE

com.firebase.jobdispatcher.GooglePlayReceiver

com.google.android.gms.gcm.ACTION_TASK_READY

com.microsoft.tokenshare.TokenSharingService

com.microsoft.tokenshare.TokenSharingService
Wundercon-Light.otf
app_policy_list.json
campaign_definitions.json
campaign_definitions_debug.json
defaultShortcuts.txt
default_settings_demo.json
default_settings_launcher.json
default_settings_launcher_e.json
default_settings_xiaomi.json
fre_01_welcome.json
fre_02_simplify.json
fre_03_style.json
fre_04_signIn.json
launcher-icons.ttf
mmx_sdk_icon_font.ttf
refresh_intro.json
refresh_intro_v1.json
refresh_loop.json
refresh_loop_v1.json
refresh_outro.json
refresh_outro_v1.json
setting_json_version_2_4.json
signature.dat
systemShortcuts.txt
ts_configuration.jwt
whatsnew_darkmode.json
whatsnew_fast.json
whatsnew_landscape.json
whatsnew_newlook.json
whatsnew_news.json

Sharing

General

Malware Config

Signatures

Files

Password: infected

com.microsoft.launcher

com.microsoft.launcher.LauncherActivity

Activities

com.microsoft.launcher.LauncherActivity

com.microsoft.launcher.SecondaryHomeLauncher

com.microsoft.launcher.allapps.AllAppsShortcutActivity

com.microsoft.launcher.setting.ESettingActivity

com.microsoft.launcher.setting.SettingActivity

com.microsoft.launcher.setting.NavigationSettingActivity

com.microsoft.launcher.setting.NavigationSettingCardFeedActivity

com.microsoft.launcher.setting.NavigationSettingNewsActivity

com.microsoft.launcher.defaultlauncher.FakeHome

com.microsoft.launcher.setting.NewsCategoryActivity

com.microsoft.launcher.setting.FakeSms

com.android.launcher3.dragndrop.AddItemActivity

com.microsoft.launcher.wallpaper.activity.WallpaperCategoryActivity

com.microsoft.launcher.wallpaper.activity.WallpaperPreviewActivity

com.microsoft.launcher.wallpaper.activity.SwitchWallpaperActivity

com.microsoft.rewards.activity.RewardsActionsActivity

com.microsoft.rewards.activity.OfferLandingActivity

com.microsoft.launcher.contacts.PeopleDeepLinkActivity

com.microsoft.mmx.core.ui.WebPageShareActivityDebug

Permissions

Receivers

com.android.launcher3.provider.PAIBroadcastReceiver

com.android.launcher3.InstallShortcutReceiver

com.android.launcher3.AppWidgetsRestoredReceiver

com.microsoft.bing.usbsdk.internal.connectivity.ConnectivityStatusReceiver

com.microsoft.bing.partnercodelib.api.InstallListener

com.microsoft.launcher.enterprise.receiver.CrossProfileBroadcastReceiver

com.microsoft.launcher.connected.CrossProfileAvailabilityReceiver

com.microsoft.launcher.appusage.settime.SystemTimeChangeReceiver

com.microsoft.launcher.receiver.LockScreenAdmin

com.microsoft.mmx.reporting.SharedStateManager

com.microsoft.mmx.continuity.registration.ConnectivityStateChangeReceiver

com.microsoft.mmx.continuity.receiver.InstallUninstallReceiver

com.microsoft.mmx.continuity.receiver.PolicyReceiver

com.microsoft.mmx.continuity.receiver.AppUpgradeReceiver

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

com.microsoft.intune.mam.client.service.MAMBackgroundReceiver

com.microsoft.intune.mam.client.app.ApplicationUpdateReceiver

Services

com.microsoft.launcher.plugincard.PluginCardService

com.android.launcher3.notification.NotificationListenerProxy

com.microsoft.launcher.sapphire.SapphireSubPageModule

com.microsoft.launcher.accessibility.LauncherAccessibilityService

com.microsoft.mmx.reporting.PostRequestService

com.firebase.jobdispatcher.GooglePlayReceiver

com.microsoft.tokenshare.TokenSharingService