com.network.android.NetworkMain
android.intent.action.MAIN
Behavioral task
behavioral1
Sample
ade8bef0ac29fa363fc9afd958af0074478aef650adeb0318517b48bd996d5d5.apk
Resource
android-x86-arm-20231023-en
android-9-x86
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
ade8bef0ac29fa363fc9afd958af0074478aef650adeb0318517b48bd996d5d5.apk
Resource
android-x64-20231023.1-en
android-10-x64
1 signatures
150 seconds
Behavioral task
behavioral3
Sample
ade8bef0ac29fa363fc9afd958af0074478aef650adeb0318517b48bd996d5d5.apk
Resource
android-x64-arm64-20231023-en
android-11-x64
1 signatures
150 seconds
General
-
Target
7c3ad8fec33465fed6563bbfabb5b13d.bin
-
Size
253KB
-
MD5
edfbf7e1b6c4dff027bc73c7fddee789
-
SHA1
a6098f4feb2d426c9c612662f8f4b112d693bba3
-
SHA256
2cc4a83847704bbb53f1bfb6000506d44a713ed565e421a2fb07ba22aeb0f116
-
SHA512
0d3f79b61af9f5e0bfc2ad601bdb22dc5d88d72a28b857e9c44bf0096efbec6e38e97441817ea31fd57254140d6a8e5ae739fa5e42f471c8f2752d8bea38fb19
-
SSDEEP
6144:KDEeClxSm4kgCSXhhUV9Og3+kQ8gGXVqJ0j8iGNgFmO9bOtL:MEeClx2CG68kQ8gGlq28HNrOkN
Score
10/10
Malware Config
Signatures
-
Pegasus family
-
Pegasus payload 1 IoCs
resource yara_rule sample family_pegasus -
Requests dangerous framework permissions 19 IoCs
description ioc Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. android.permission.CALL_PHONE Required to be able to access the camera device. android.permission.CAMERA Allows access to the list of accounts in the Accounts Service. android.permission.GET_ACCOUNTS Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether. android.permission.PROCESS_OUTGOING_CALLS Allows an application to read the user's calendar data. android.permission.READ_CALENDAR Allows an application to read the user's contacts data. android.permission.READ_CONTACTS Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE Allows an application to read SMS messages. android.permission.READ_SMS Allows an application to monitor incoming MMS messages. android.permission.RECEIVE_MMS Allows an application to receive SMS messages. android.permission.RECEIVE_SMS Allows an application to receive WAP push messages. android.permission.RECEIVE_WAP_PUSH Allows an application to record audio. android.permission.RECORD_AUDIO Allows an application to send SMS messages. android.permission.SEND_SMS Allows an application to use SIP service. android.permission.USE_SIP Allows an application to write the user's calendar data. android.permission.WRITE_CALENDAR Allows an application to write the user's contacts data. android.permission.WRITE_CONTACTS Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE
Files
-
7c3ad8fec33465fed6563bbfabb5b13d.bin.zip
Password: infected
-
ade8bef0ac29fa363fc9afd958af0074478aef650adeb0318517b48bd996d5d5.apk.apk android
Password: infected
com.network.android
com.network.android.NetworkMain
Activities
Permissions
android.permission.FORCE_STOP_PACKAGES
android.permission.ACCESS_CHECKIN_PROPERTIES
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.ACCESS_MOCK_LOCATION
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_SURFACE_FLINGER
android.permission.ACCESS_WIFI_STATE
android.permission.ACCOUNT_MANAGER
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.BATTERY_STATS
android.permission.BIND_APPWIDGET
android.permission.BIND_DEVICE_ADMIN
android.permission.BIND_INPUT_METHOD
android.permission.BIND_REMOTEVIEWS
android.permission.BIND_WALLPAPER
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.BRICK
android.permission.BROADCAST_PACKAGE_REMOVED
android.permission.BROADCAST_SMS
android.permission.BROADCAST_STICKY
android.permission.BROADCAST_WAP_PUSH
android.permission.CALL_PHONE
android.permission.CALL_PRIVILEGED
android.permission.CAMERA
android.permission.CHANGE_COMPONENT_ENABLED_STATE
android.permission.CHANGE_CONFIGURATION
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_MULTICAST_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.CLEAR_APP_CACHE
android.permission.CLEAR_APP_USER_DATA
android.permission.CONTROL_LOCATION_UPDATES
android.permission.DELETE_CACHE_FILES
android.permission.DELETE_PACKAGES
android.permission.DEVICE_POWER
android.permission.DIAGNOSTIC
android.permission.DISABLE_KEYGUARD
android.permission.DUMP
android.permission.EXPAND_STATUS_BAR
android.permission.FACTORY_TEST
android.permission.FLASHLIGHT
android.permission.FORCE_BACK
android.permission.GET_ACCOUNTS
android.permission.GET_PACKAGE_SIZE
android.permission.GET_TASKS
android.permission.GLOBAL_SEARCH
android.permission.HARDWARE_TEST
android.permission.INJECT_EVENTS
android.permission.INSTALL_LOCATION_PROVIDER
android.permission.INSTALL_PACKAGES
android.permission.INTERNAL_SYSTEM_WINDOW
android.permission.INTERNET
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.MANAGE_ACCOUNTS
android.permission.MANAGE_APP_TOKENS
android.permission.MASTER_CLEAR
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.MODIFY_PHONE_STATE
android.permission.MOUNT_FORMAT_FILESYSTEMS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.NFC
android.permission.PERSISTENT_ACTIVITY
android.permission.PROCESS_OUTGOING_CALLS
android.permission.READ_CALENDAR
android.permission.READ_CONTACTS
android.permission.READ_FRAME_BUFFER
android.permission.READ_HISTORY_BOOKMARKS
android.permission.READ_INPUT_STATE
android.permission.READ_LOGS
android.permission.READ_PHONE_STATE
android.permission.READ_SMS
android.permission.READ_SYNC_SETTINGS
android.permission.READ_SYNC_STATS
android.permission.REBOOT
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECEIVE_MMS
android.permission.RECEIVE_SMS
android.permission.RECEIVE_WAP_PUSH
android.permission.RECORD_AUDIO
android.permission.REORDER_TASKS
android.permission.RESTART_PACKAGES
android.permission.SEND_SMS
android.permission.SET_ACTIVITY_WATCHER
android.permission.SET_ALARM
android.permission.SET_ALWAYS_FINISH
android.permission.SET_ANIMATION_SCALE
android.permission.SET_DEBUG_APP
android.permission.SET_ORIENTATION
android.permission.SET_PREFERRED_APPLICATIONS
android.permission.SET_PROCESS_LIMIT
android.permission.SET_TIME
android.permission.SET_TIME_ZONE
android.permission.SET_WALLPAPER
android.permission.SET_WALLPAPER_HINTS
android.permission.SIGNAL_PERSISTENT_PROCESSES
android.permission.STATUS_BAR
android.permission.SUBSCRIBED_FEEDS_READ
android.permission.SUBSCRIBED_FEEDS_WRITE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.UPDATE_DEVICE_STATS
android.permission.USE_CREDENTIALS
android.permission.USE_SIP
android.permission.VIBRATE
android.permission.WAKE_LOCK
android.permission.WRITE_APN_SETTINGS
android.permission.WRITE_CALENDAR
android.permission.WRITE_CONTACTS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WRITE_GSERVICES
android.permission.WRITE_HISTORY_BOOKMARKS
com.android.browser.permission.WRITE_HISTORY_BOOKMARKS
android.permission.WRITE_SECURE_SETTINGS
android.permission.WRITE_SETTINGS
android.permission.WRITE_SMS
android.permission.WRITE_SYNC_SETTINGS
com.android.browser.permission.READ_HISTORY_BOOKMARKS
com.android.email.permission.ACCESS_PROVIDER
com.android.email.provider.EmailProvider
android.permission.WRITE_APN_SETTINGS
Receivers
com.network.android.SmsReceiver
android.intent.action.DATA_SMS_RECEIVED
com.network.android.agent.NetworkReceiver
android.intent.action.PHONE_STATE
android.intent.action.USER_PRESENT
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED
android.intent.action.BOOT_COMPLETED
android.provider.Telephony.SMS_RECEIVED
android.provider.Telephony.NEW_OUTGOING_SMS
android.intent.action.ACTION_TIMEZONE_CHANGED
android.intent.action.ACTION_TIME_CHANGED
android.intent.action.ACTION_UID_REMOVED
android.intent.action.ACTION_USER_PRESENT
android.bluetooth.device.action.ACL_CONNECTED
android.bluetooth.device.action.ACL_DISCONNECTED
android.net.conn.CONNECTIVITY_CHANGE
com.network.android.USER_PRESENT
android.intent.action.DATA_SMS_RECEIVED
android.intent.action.BATTERY_CHANGED
.roomTap.AutoAnswerReceiver
android.intent.action.PHONE_STATE
com.network.android.AndroidCallDirectWatcher
android.intent.action.PHONE_STATE
com.network.android.BootReceiver
android.intent.action.BOOT_COMPLETED
Services
com.network.ussd.CDUSSDService
com.android.ussd.IExtendedNetworkService