90068066457f0f07b91ca4dc68aef7a2a9158c5d6d7867974412920e132a7cfd[.]apk[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

90068066457f0f07b91ca4dc68aef7a2a9158c5d6d7867974412920e132a7cfd.apk.zip
Size

44.5MB
MD5

3309c6fb4ea9c94b3a3d1931e9c7655c
SHA1

a12c226fc0d5bf0e4379250ddee3472468463696
SHA256

251993b35f5d0e6edf6dd177ee3d67f2a8a62b688f812c5dbb2a8f67f90a51a6
SHA512

0f559666c53ae97912a4dae38dcc9ca14b2a7f341039425124e71ca60e0421b1b68b914a0d69266cc4496d13ba6a38fbd9468eb0aa52d8065215f976f512b465
SSDEEP

786432:FDchrYzhDYVyr7rEgpzwVVzHHoZz477iiMGcSutO0Yi78109WCN8EauFYa+xzSxU:FeYzBYVyr7rboVzHI5yiaputOJi7810G

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 3 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

Files

90068066457f0f07b91ca4dc68aef7a2a9158c5d6d7867974412920e132a7cfd.apk.zip
.zip

Password: infected
90068066457f0f07b91ca4dc68aef7a2a9158c5d6d7867974412920e132a7cfd.apk
.apk android arch:arm64 arch:arm

com.megopanels.cobratvbox

com.kingtvone.kingtviptvbox.view.activity.SplashActivity

Activities

com.kingtvone.kingtviptvbox.view.activity.SplashActivity

android.intent.action.MAIN

com.kingtvone.kingtviptvbox.view.activity.ImportM3uActivity

redirect_live_tv
redirect_vod

com.kingtvone.kingtviptvbox.view.activity.MultiUserActivity

m3u
api

com.kingtvone.kingtviptvbox.miscelleneious.chromecastfeature.ExpandedControlsActivity

android.intent.action.MAIN

de.blinkt.openvpn.api.GrantPermissionsActivity

android.intent.action.MAIN

de.blinkt.openvpn.api.ConfirmDialog

android.intent.action.MAIN

com.kingtvone.kingtviptvbox.view.activity.HoneyPlayer

android.intent.action.VIEW
android.intent.action.SEND_MULTIPLE

com.kingtvone.kingtviptvbox.view.demo.SampleChooserActivity

android.intent.action.VIEW

com.kingtvone.kingtviptvbox.view.demo.PlayerActivity

com.google.android.exoplayer.demo.action.VIEW
com.google.android.exoplayer.demo.action.VIEW_LIST

com.onesignal.NotificationOpenedActivityHMS

android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECORD_AUDIO
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.READ_OWNER_DATA
android.permission.WRITE_OWNER_DATA
android.permission.CLEAR_APP_CACHE
android.permission.FOREGROUND_SERVICE
com.megopanels.cobratvbox.permission.C2D_MESSAGE
com.megopanels.cobratvbox_com.google.android.c2dm.permission.RECEIVE
android.permission.WAKE_LOCK
android.permission.VIBRATE
com.megopanels.cobratvbox_com.sec.android.provider.badge.permission.READ
com.megopanels.cobratvbox_com.sec.android.provider.badge.permission.WRITE
com.megopanels.cobratvbox_com.htc.launcher.permission.READ_SETTINGS
com.megopanels.cobratvbox_com.htc.launcher.permission.UPDATE_SHORTCUT
com.megopanels.cobratvbox_com.sonyericsson.home.permission.BROADCAST_BADGE
com.megopanels.cobratvbox_com.sonymobile.home.permission.PROVIDER_INSERT_BADGE
com.megopanels.cobratvbox_com.anddoes.launcher.permission.UPDATE_COUNT
com.megopanels.cobratvbox_com.majeur.launcher.permission.UPDATE_BADGE
com.megopanels.cobratvbox_com.huawei.android.launcher.permission.CHANGE_BADGE
com.megopanels.cobratvbox_com.huawei.android.launcher.permission.READ_SETTINGS
com.megopanels.cobratvbox_com.huawei.android.launcher.permission.WRITE_SETTINGS
android.permission.READ_APP_BADGE
com.megopanels.cobratvbox_com.oppo.launcher.permission.READ_SETTINGS
com.megopanels.cobratvbox_com.oppo.launcher.permission.WRITE_SETTINGS
com.megopanels.cobratvbox_me.everything.badger.permission.BADGE_COUNT_READ
com.megopanels.cobratvbox_me.everything.badger.permission.BADGE_COUNT_WRITE
com.megopanels.cobratvbox_com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

Receivers

com.kingtvone.kingtviptvbox.view.activity.BootStartupActivity

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

com.onesignal.FCMBroadcastReceiver

com.google.android.c2dm.intent.RECEIVE

com.onesignal.BootUpReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

com.onesignal.UpgradeReceiver

android.intent.action.MY_PACKAGE_REPLACED

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

Services

com.kingtvone.kingtviptvbox.WHMCSClientapp.notifications.MyFirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.kingtvone.kingtviptvbox.WHMCSClientapp.notifications.MyFirebaseInstanceIDService

com.google.firebase.INSTANCE_ID_EVENT

de.blinkt.openvpn.core.OpenVPNService

android.net.VpnService

de.blinkt.openvpn.core.OpenVPNStatusService

android.net.VpnService

de.blinkt.openvpn.api.ExternalOpenVPNService

de.blinkt.openvpn.api.IOpenVPNAPIService

de.blinkt.openvpn.OpenVPNTileService

android.service.quicksettings.action.QS_TILE

com.onesignal.HmsMessageServiceOneSignal

com.huawei.push.action.MESSAGING_EVENT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT
AndroidManifest.xml
CERT.RSA
CERT.SF
MANIFEST.MF
activity-ktx_release.kotlin_module
androidx.activity_activity-ktx.version
androidx.activity_activity.version
androidx.annotation_annotation-experimental.version
androidx.appcompat_appcompat-resources.version
androidx.appcompat_appcompat.version
androidx.arch.core_core-runtime.version
androidx.asynclayoutinflater_asynclayoutinflater.version
androidx.browser_browser.version
androidx.cardview_cardview.version
androidx.coordinatorlayout_coordinatorlayout.version
androidx.core_core-ktx.version
androidx.core_core.version
androidx.cursoradapter_cursoradapter.version
androidx.customview_customview.version
androidx.documentfile_documentfile.version
androidx.drawerlayout_drawerlayout.version
androidx.dynamicanimation_dynamicanimation.version
androidx.fragment_fragment-ktx.version
androidx.fragment_fragment.version
androidx.interpolator_interpolator.version
androidx.leanback_leanback-preference.version
androidx.leanback_leanback.version
androidx.legacy_legacy-preference-v14.version
androidx.legacy_legacy-support-core-ui.version
androidx.legacy_legacy-support-core-utils.version
androidx.legacy_legacy-support-v4.version
androidx.lifecycle_lifecycle-livedata-core-ktx.version
androidx.lifecycle_lifecycle-livedata-core.version
androidx.lifecycle_lifecycle-livedata.version
androidx.lifecycle_lifecycle-runtime-ktx.version
androidx.lifecycle_lifecycle-runtime.version
androidx.lifecycle_lifecycle-service.version
androidx.lifecycle_lifecycle-viewmodel-ktx.version
androidx.lifecycle_lifecycle-viewmodel-savedstate.version
androidx.lifecycle_lifecycle-viewmodel.version
androidx.loader_loader.version
androidx.localbroadcastmanager_localbroadcastmanager.version
androidx.media_media.version
androidx.mediarouter_mediarouter.version
androidx.navigation_navigation-common-ktx.version
androidx.navigation_navigation-common.version
androidx.navigation_navigation-dynamic-features-fragment.version
androidx.navigation_navigation-dynamic-features-runtime.version
androidx.navigation_navigation-fragment-ktx.version
androidx.navigation_navigation-fragment.version
androidx.navigation_navigation-runtime-ktx.version
androidx.navigation_navigation-runtime.version
androidx.navigation_navigation-ui-ktx.version
androidx.navigation_navigation-ui.version
androidx.palette_palette.version
androidx.preference_preference.version
androidx.print_print.version
androidx.recyclerview_recyclerview.version
androidx.room_room-runtime.version
androidx.savedstate_savedstate.version
androidx.slidingpanelayout_slidingpanelayout.version
androidx.sqlite_sqlite-framework.version
androidx.sqlite_sqlite.version
androidx.swiperefreshlayout_swiperefreshlayout.version
androidx.tracing_tracing.version
androidx.transition_transition.version
androidx.vectordrawable_vectordrawable-animated.version
androidx.vectordrawable_vectordrawable.version
androidx.versionedparcelable_versionedparcelable.version
androidx.viewpager2_viewpager2.version
androidx.viewpager_viewpager.version
annotation-experimental_release.kotlin_module
assets.dex
.dex
audience_network.dex
.dex
collection-ktx.kotlin_module
com.google.android.material_material.version
com.google.protobuf.GeneratedExtensionRegistryLoader
core-ktx_release.kotlin_module
demo.html
.html
dex
fragment-ktx_release.kotlin_module
kotlin-android-extensions-runtime.kotlin_module
kotlin-stdlib-common.kotlin_module
kotlin-stdlib-jdk7.kotlin_module
kotlin-stdlib.kotlin_module
kotlinx-coroutines-android.kotlin_module
kotlinx-coroutines-core.kotlin_module
kotlinx.coroutines.CoroutineExceptionHandler
lifecycle-livedata-core-ktx_release.kotlin_module
lifecycle-runtime-ktx_release.kotlin_module
lifecycle-viewmodel-ktx_release.kotlin_module
media.exolist.json
navigation-common-ktx_release.kotlin_module
navigation-dynamic-features-fragment_release.kotlin_module
navigation-dynamic-features-runtime_release.kotlin_module
navigation-fragment-ktx_release.kotlin_module
navigation-runtime-ktx_release.kotlin_module
navigation-ui-ktx_release.kotlin_module
nopie_openvpn.arm64-v8a
.elf linux aarch64
nopie_openvpn.armeabi-v7a
.elf linux arm
nopie_openvpn.x86
.elf linux x86
nopie_openvpn.x86_64
.elf linux x64
onesignal_release.kotlin_module
open_sans.ttf
open_sans_regular.ttf
pie_openvpn.arm64-v8a
.elf linux aarch64
pie_openvpn.armeabi-v7a
.elf linux arm
pie_openvpn.x86
.elf linux x86
pie_openvpn.x86_64
.elf linux x64
terms.html
.html
tourguide_release.kotlin_module

Sharing

General

Malware Config

Signatures

Files

Password: infected

com.megopanels.cobratvbox

com.kingtvone.kingtviptvbox.view.activity.SplashActivity

Activities

com.kingtvone.kingtviptvbox.view.activity.SplashActivity

com.kingtvone.kingtviptvbox.view.activity.ImportM3uActivity

com.kingtvone.kingtviptvbox.view.activity.MultiUserActivity

com.kingtvone.kingtviptvbox.miscelleneious.chromecastfeature.ExpandedControlsActivity

de.blinkt.openvpn.api.GrantPermissionsActivity

de.blinkt.openvpn.api.ConfirmDialog

com.kingtvone.kingtviptvbox.view.activity.HoneyPlayer

com.kingtvone.kingtviptvbox.view.demo.SampleChooserActivity

com.kingtvone.kingtviptvbox.view.demo.PlayerActivity

com.onesignal.NotificationOpenedActivityHMS

Permissions

Receivers

com.kingtvone.kingtviptvbox.view.activity.BootStartupActivity

com.onesignal.FCMBroadcastReceiver

com.onesignal.BootUpReceiver

com.onesignal.UpgradeReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

Services

com.kingtvone.kingtviptvbox.WHMCSClientapp.notifications.MyFirebaseMessagingService

com.kingtvone.kingtviptvbox.WHMCSClientapp.notifications.MyFirebaseInstanceIDService

de.blinkt.openvpn.core.OpenVPNService

de.blinkt.openvpn.core.OpenVPNStatusService

de.blinkt.openvpn.api.ExternalOpenVPNService

de.blinkt.openvpn.OpenVPNTileService

com.onesignal.HmsMessageServiceOneSignal

com.google.firebase.messaging.FirebaseMessagingService