9931da6dce43df1522ca2c1b397f0df37cdc9caa8c48e7cfc6815d2e7d8ebabf[.]apk[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

9931da6dce43df1522ca2c1b397f0df37cdc9caa8c48e7cfc6815d2e7d8ebabf.apk.zip
Size

7.6MB
MD5

c6a43110af945c21499d3745c0453146
SHA1

26cd00c18a99759db076ff7225d4fab429216651
SHA256

046eabcba27a0acf32bb06d97531be27bd0d6c47796d9ad8957f798cfeb3614f
SHA512

245273ee6f502b39673168c385d8e34fa3dd6a39b85ad0ee92c743a2ba8408ca783108b4198f2a437b7c2a316756c278f2ae0446064bd2d6a1ec0f1c77fe0409
SSDEEP

196608:vCT8TJ33quufmJuCmpzAKfCuJ+j4Ll9u6/nWYVW8tdp9wy:6u9bu1zDjS4K6/WYVW2iy

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 5 IoCs

description	ioc
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION

Files

9931da6dce43df1522ca2c1b397f0df37cdc9caa8c48e7cfc6815d2e7d8ebabf.apk.zip
.zip

Password: infected
9931da6dce43df1522ca2c1b397f0df37cdc9caa8c48e7cfc6815d2e7d8ebabf.apk
.apk android

cz.eternal.cityguide.bilovice

cz.eternal.cityguide.SplashScreenActivity

Activities

cz.eternal.cityguide.SplashScreenActivity

android.intent.action.MAIN
android.intent.action.VIEW

cz.eternal.weatherlib.CityWeatherActivity

android.intent.action.MAIN

cz.eternal.weatherlib.SettingsActivity

android.intent.action.MAIN

com.google.android.gms.appinvite.PreviewActivity

com.google.android.gms.appinvite.ACTION_PREVIEW

Permissions

android.permission.RECEIVE_BOOT_COMPLETED
android.permission.CAMERA
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WAKE_LOCK
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
com.google.android.providers.gsf.permission.READ_GSERVICES
com.android.alarm.permission.SET_ALARM
android.permission.FOREGROUND_SERVICE
cz.eternal.cityguide.bilovice.permission.C2D_MESSAGE
com.google.android.c2dm.permission.RECEIVE
android.permission.VIBRATE
android.permission.READ_APP_BADGE
com.oppo.launcher.permission.READ_SETTINGS
com.oppo.launcher.permission.WRITE_SETTINGS
me.everything.badger.permission.BADGE_COUNT_READ
me.everything.badger.permission.BADGE_COUNT_WRITE

Receivers

com.onesignal.GcmBroadcastReceiver

com.google.android.c2dm.intent.RECEIVE

com.onesignal.BootUpReceiver

android.intent.action.ACTION_BOOT_COMPLETED
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

com.onesignal.UpgradeReceiver

android.intent.action.MY_PACKAGE_REPLACED

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

Services

cz.eternal.cityguide.workmanager.StarterJobService

com.firebase.jobdispatcher.ACTION_EXECUTE

cz.eternal.cityguide.workmanager.ProcessJobService

com.firebase.jobdispatcher.ACTION_EXECUTE

cz.eternal.cityguide.UpdateService

com.google.android.gms.gcm.ACTION_TASK_READY

androidx.work.impl.background.firebase.FirebaseJobService

com.firebase.jobdispatcher.ACTION_EXECUTE

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

com.firebase.jobdispatcher.GooglePlayReceiver

com.google.android.gms.gcm.ACTION_TASK_READY
4D37AA9124646B85515F2478BBF98DA4
.png
BC9DD4431A602289DD5E7C631AAF2222
.png
about.html
.html
cityguide.db
crashlytics-build.properties
oppk.jpg
.jpg
style.css

Sharing

General

Malware Config

Signatures

Files

Password: infected

cz.eternal.cityguide.bilovice

cz.eternal.cityguide.SplashScreenActivity

Activities

cz.eternal.cityguide.SplashScreenActivity

cz.eternal.weatherlib.CityWeatherActivity

cz.eternal.weatherlib.SettingsActivity

com.google.android.gms.appinvite.PreviewActivity

Permissions

Receivers

com.onesignal.GcmBroadcastReceiver

com.onesignal.BootUpReceiver

com.onesignal.UpgradeReceiver

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

Services

cz.eternal.cityguide.workmanager.StarterJobService

cz.eternal.cityguide.workmanager.ProcessJobService

cz.eternal.cityguide.UpdateService

androidx.work.impl.background.firebase.FirebaseJobService

com.google.firebase.iid.FirebaseInstanceIdService

com.firebase.jobdispatcher.GooglePlayReceiver