BAD_TEAM[.]apk

Sharing

Copy URL Twitter E-mail

General

Target

BAD_TEAM.apk
Size

75.6MB
MD5

9a009f9b619fce91a5b81237bd8edd3c
SHA1

ebe34e34276d0937fee05feeaef8da43881a8956
SHA256

f9866e5b5181fd2fe0ab7dcb927c34439836866f2a3dea48df6610e6235e23a3
SHA512

577d56cd6361cd2ea8d66aedb67dc652fb69339e898ef89570478461bf207f8f40317aa91f3b2519d4116763014fb9453059214a2f81e71fe7336bf8c5a3319b
SSDEEP

1572864:OXNLXN+ZPI/4AHT0t8mEyqNOemetGwFA2jOs3oXmq5DLDhoflkHaN2odfv:OXNM5IgvVExmetfFA2nTcBskHToN

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 6 IoCs

description	ioc
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Required to be able to connect to paired Bluetooth devices.	android.permission.BLUETOOTH_CONNECT
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to record audio.	android.permission.RECORD_AUDIO

Files

BAD_TEAM.apk
.apk android arch:arm

com.dts.freefireth

com.dts.freefireth.FFMainActivity

Activities

com.dts.freefireth.FFMainActivity

android.intent.action.MAIN
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

com.facebook.CustomTabActivity

android.intent.action.VIEW

com.linecorp.linesdk.auth.internal.LineAuthenticationCallbackActivity

android.intent.action.VIEW

Permissions

android.permission.POST_NOTIFICATIONS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
com.google.android.gms.permission.AD_ID
android.permission.WAKE_LOCK
com.dts.freefireth.permission.C2D_MESSAGE
com.google.android.c2dm.permission.RECEIVE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.BLUETOOTH_CONNECT
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
com.seagroup.spark.sdk
com.android.vending.BILLING
android.permission.FOREGROUND_SERVICE
android.permission.GET_ACCOUNTS
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.MANAGE_ACCOUNTS
android.permission.USE_CREDENTIALS
com.android.vending.CHECK_LICENSE
android.permission.RECORD_AUDIO
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.BLUETOOTH
android.permission.VIBRATE
android.permission.SYSTEM_ALERT_WINDOW

Receivers

com.appsflyer.MultipleInstallBroadcastReceiver

com.android.vending.INSTALL_REFERRER

com.dts.freefireth.FFBroadcastReceiver

android.intent.action.BOOT_COMPLETED
com.dts.freefireth.action.LOCAL_NOTIFICATION

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.facebook.sdk.ACTION_CURRENT_ACCESS_TOKEN_CHANGED

com.facebook.AuthenticationTokenManager$CurrentAuthenticationTokenChangedBroadcastReceiver

com.facebook.sdk.ACTION_CURRENT_AUTHENTICATION_TOKEN_CHANGED

Services

com.beetalk.sdk.account.AccountAuthenticatorService

android.accounts.AccountAuthenticator

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.messaging.cpp.ListenerService

com.google.firebase.MESSAGING_EVENT
Compat.browser
DefaultWsdlHelpGenerator.aspx
.js
GMP.png
.png
__accfinfo.tsa
__acinfo.tsa
__acinfo.tsd
__acinfo.tsd.sig
__acsinfo.t.p.sin
acginf.dat
boot.config
browscap.ini
config
config.xml
.xml
global-metadata.dat
globalgamemanagers
globalgamemanagers.assets.split0
globalgamemanagers.assets.split1
globalgamemanagers.assets.split2
google-services.json
hook.apk
.apk android arch:arm

com.dts.freefireth

com.dts.freefireth.FFMainActivity

Activities

com.dts.freefireth.FFMainActivity

android.intent.action.MAIN
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

com.facebook.CustomTabActivity

android.intent.action.VIEW

com.linecorp.linesdk.auth.internal.LineAuthenticationCallbackActivity

android.intent.action.VIEW

Permissions

android.permission.POST_NOTIFICATIONS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
com.google.android.gms.permission.AD_ID
android.permission.WAKE_LOCK
com.dts.freefireth.permission.C2D_MESSAGE
com.google.android.c2dm.permission.RECEIVE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.BLUETOOTH_CONNECT
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
com.seagroup.spark.sdk
com.android.vending.BILLING
android.permission.FOREGROUND_SERVICE
android.permission.GET_ACCOUNTS
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.MANAGE_ACCOUNTS
android.permission.USE_CREDENTIALS
com.android.vending.CHECK_LICENSE
android.permission.RECORD_AUDIO
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.BLUETOOTH
android.permission.VIBRATE

Receivers

com.appsflyer.MultipleInstallBroadcastReceiver

com.android.vending.INSTALL_REFERRER

com.dts.freefireth.FFBroadcastReceiver

android.intent.action.BOOT_COMPLETED
com.dts.freefireth.action.LOCAL_NOTIFICATION

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.facebook.sdk.ACTION_CURRENT_ACCESS_TOKEN_CHANGED

com.facebook.AuthenticationTokenManager$CurrentAuthenticationTokenChangedBroadcastReceiver

com.facebook.sdk.ACTION_CURRENT_AUTHENTICATION_TOKEN_CHANGED

Services

com.beetalk.sdk.account.AccountAuthenticatorService

android.accounts.AccountAuthenticator

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.messaging.cpp.ListenerService

com.google.firebase.MESSAGING_EVENT
Compat.browser
DefaultWsdlHelpGenerator.aspx
.js
__accfinfo.tsa
__acinfo.tsa
__acinfo.tsd
__acinfo.tsd.sig
__acsinfo.t.p.sin
acginf.dat
boot.config
browscap.ini
config
config.xml
.xml
global-metadata.dat
globalgamemanagers
globalgamemanagers.assets.split0
globalgamemanagers.assets.split1
globalgamemanagers.assets.split2
google-services.json
level0
machine.config
.xml
mscorlib.dll-resources.dat
settings.map
.xml
sharedassets0.assets
supplierconfig.json
unity default resources
unity_builtin_extra
web.config
.xml
level0
machine.config
.xml
mscorlib.dll-resources.dat
settings.map
.xml
sharedassets0.assets
supplierconfig.json
unity default resources
unity_builtin_extra
web.config
.xml

Android Permissions

BAD_TEAM.apk

Permissions

android.permission.POST_NOTIFICATIONS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

com.google.android.gms.permission.AD_ID

android.permission.WAKE_LOCK

com.dts.freefireth.permission.C2D_MESSAGE

com.google.android.c2dm.permission.RECEIVE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.BLUETOOTH_CONNECT

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

com.seagroup.spark.sdk

com.android.vending.BILLING

android.permission.FOREGROUND_SERVICE

android.permission.GET_ACCOUNTS

android.permission.AUTHENTICATE_ACCOUNTS

android.permission.MANAGE_ACCOUNTS

android.permission.USE_CREDENTIALS

com.android.vending.CHECK_LICENSE

android.permission.RECORD_AUDIO

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.BLUETOOTH

android.permission.VIBRATE

android.permission.SYSTEM_ALERT_WINDOW

Sharing

General

Malware Config

Signatures

Files

com.dts.freefireth

com.dts.freefireth.FFMainActivity

Activities

com.dts.freefireth.FFMainActivity

com.facebook.CustomTabActivity

com.linecorp.linesdk.auth.internal.LineAuthenticationCallbackActivity

Permissions

Receivers

com.appsflyer.MultipleInstallBroadcastReceiver

com.dts.freefireth.FFBroadcastReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.facebook.AuthenticationTokenManager$CurrentAuthenticationTokenChangedBroadcastReceiver

Services

com.beetalk.sdk.account.AccountAuthenticatorService

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.messaging.cpp.ListenerService

com.dts.freefireth

com.dts.freefireth.FFMainActivity

Activities

com.dts.freefireth.FFMainActivity

com.facebook.CustomTabActivity

com.linecorp.linesdk.auth.internal.LineAuthenticationCallbackActivity

Permissions

Receivers

com.appsflyer.MultipleInstallBroadcastReceiver

com.dts.freefireth.FFBroadcastReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.facebook.AuthenticationTokenManager$CurrentAuthenticationTokenChangedBroadcastReceiver

Services

com.beetalk.sdk.account.AccountAuthenticatorService

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.messaging.cpp.ListenerService

Android Permissions

BAD_TEAM.apk