2_5420308938698527393[.]apk | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2_5420308938698527393.apk
Size

7.5MB
MD5

7957897ed7a436b5e91a7f14e349b22a
SHA1

f3c9b496597b0d0744af74cb94c15ed24b7973d2
SHA256

5a83120b07a561ef358dda73656e6a22900be8a39976a4e6f02748108e9cd088
SHA512

387ff079229b3ecc0b6ff6b172d63440a9f5323d05704e7f753f00eb09f6671b664569a0caa9086580ed44be08c58db2c9ef51632d554f484d9541e2ab247f4e
SSDEEP

196608:XEFVot9Xtz4LgLyTn2/ChB7clAtsHRithp5t06rI5D:XEFu4edahJyHRQp5mQkD

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 1 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Files

2_5420308938698527393.apk
.apk android arch:arm64 arch:x64 arch:x86 arch:arm

com.protectstar.firewall

com.protectstar.firewall.activity.ActivityFirstLaunch

Activities

com.protectstar.firewall.activity.ActivityFirstLaunch

android.intent.action.MAIN
android.intent.action.MANAGE_NETWORK_USAGE

Permissions

android.permission.BROADCAST_CLOSE_SYSTEM_DIALOGS
android.permission.READ_PHONE_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
com.android.vending.BILLING
android.permission.INTERNET
android.permission.VIBRATE
android.permission.FOREGROUND_SERVICE
android.permission.QUERY_ALL_PACKAGES
com.google.android.c2dm.permission.RECEIVE
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

Receivers

com.protectstar.firewall.receiver.BootUpReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.REBOOT

com.protectstar.firewall.receiver.AppUpdate

android.intent.action.MY_PACKAGE_REPLACED

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

Services

com.protectstar.firewall.service.BlackHoleService

android.net.VpnService

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT
anim_apps.json
anim_monitor.json
circle.json
disclosure.html
.html
done.json
img_0.png
.png
myps_policy.html
.html
policy.html
.html .js

Android Permissions

2_5420308938698527393.apk

Permissions

android.permission.BROADCAST_CLOSE_SYSTEM_DIALOGS

android.permission.READ_PHONE_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.WAKE_LOCK

com.android.vending.BILLING

android.permission.INTERNET

android.permission.VIBRATE

android.permission.FOREGROUND_SERVICE

android.permission.QUERY_ALL_PACKAGES

com.google.android.c2dm.permission.RECEIVE

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE