6c29d5f92f8378bf40c1b7c46971037a0ac364f09d9507d367425714eab66305[.]apk[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

6c29d5f92f8378bf40c1b7c46971037a0ac364f09d9507d367425714eab66305.apk.zip
Size

7.6MB
MD5

3d1a11fa2e3e4c3377dda92596cedf1b
SHA1

9a5816d9385d4994de0d92b07a9c388ac1331c10
SHA256

271ea4a41761f3717c0cda4ae32f78abb715672dc7f4f7cc19e84edab91b2b07
SHA512

9375480fb7d2de992f279df01689130debdea19045133da8a4d4984d2bc5c23492fedf21ef5a996ca509b79cdafd269dabbc808131f7a5dac3cbd83ab1a1dc55
SSDEEP

98304:LflUGGwYb8hvPLMDaOpNHweJJSRVFpqeMvOYdgoZQi8tqGxZ8quQVTP6nECFjEuR:LPH88VPID7pT84NioZ0V7JVTP6FjEua6

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 5 IoCs

description	ioc
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION

Files

6c29d5f92f8378bf40c1b7c46971037a0ac364f09d9507d367425714eab66305.apk.zip
.zip

Password: infected
6c29d5f92f8378bf40c1b7c46971037a0ac364f09d9507d367425714eab66305.apk
.apk android

cz.eternal.cityguide.bilovice

cz.eternal.cityguide.SplashScreenActivity

Activities

cz.eternal.cityguide.SplashScreenActivity

android.intent.action.MAIN
android.intent.action.VIEW

cz.eternal.weatherlib.CityWeatherActivity

android.intent.action.MAIN

cz.eternal.weatherlib.SettingsActivity

android.intent.action.MAIN

com.google.android.gms.appinvite.PreviewActivity

com.google.android.gms.appinvite.ACTION_PREVIEW

Permissions

android.permission.RECEIVE_BOOT_COMPLETED
android.permission.CAMERA
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WAKE_LOCK
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
com.google.android.providers.gsf.permission.READ_GSERVICES
com.android.alarm.permission.SET_ALARM
android.permission.FOREGROUND_SERVICE
cz.eternal.cityguide.bilovice.permission.C2D_MESSAGE
com.google.android.c2dm.permission.RECEIVE
android.permission.VIBRATE
android.permission.READ_APP_BADGE
com.oppo.launcher.permission.READ_SETTINGS
com.oppo.launcher.permission.WRITE_SETTINGS
me.everything.badger.permission.BADGE_COUNT_READ
me.everything.badger.permission.BADGE_COUNT_WRITE

Receivers

com.onesignal.GcmBroadcastReceiver

com.google.android.c2dm.intent.RECEIVE

com.onesignal.BootUpReceiver

android.intent.action.ACTION_BOOT_COMPLETED
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

com.onesignal.UpgradeReceiver

android.intent.action.MY_PACKAGE_REPLACED

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

Services

cz.eternal.cityguide.workmanager.StarterJobService

com.firebase.jobdispatcher.ACTION_EXECUTE

cz.eternal.cityguide.workmanager.ProcessJobService

com.firebase.jobdispatcher.ACTION_EXECUTE

cz.eternal.cityguide.UpdateService

com.google.android.gms.gcm.ACTION_TASK_READY

androidx.work.impl.background.firebase.FirebaseJobService

com.firebase.jobdispatcher.ACTION_EXECUTE

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

com.firebase.jobdispatcher.GooglePlayReceiver

com.google.android.gms.gcm.ACTION_TASK_READY
4D37AA9124646B85515F2478BBF98DA4
.png
BC9DD4431A602289DD5E7C631AAF2222
.png
about.html
.html
cityguide.db
crashlytics-build.properties
oppk.jpg
.jpg
style.css

Sharing

General

Malware Config

Signatures

Files

Password: infected

cz.eternal.cityguide.bilovice

cz.eternal.cityguide.SplashScreenActivity

Activities

cz.eternal.cityguide.SplashScreenActivity

cz.eternal.weatherlib.CityWeatherActivity

cz.eternal.weatherlib.SettingsActivity

com.google.android.gms.appinvite.PreviewActivity

Permissions

Receivers

com.onesignal.GcmBroadcastReceiver

com.onesignal.BootUpReceiver

com.onesignal.UpgradeReceiver

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

Services

cz.eternal.cityguide.workmanager.StarterJobService

cz.eternal.cityguide.workmanager.ProcessJobService

cz.eternal.cityguide.UpdateService

androidx.work.impl.background.firebase.FirebaseJobService

com.google.firebase.iid.FirebaseInstanceIdService

com.firebase.jobdispatcher.GooglePlayReceiver