com.doviveracolo.cejexawo.fedo
android.intent.action.MAIN
com.gumefesijaze.tika.yivovuza.nuwucugoce
android.intent.action.SENDTO
android.intent.action.SEND
Static task
static1
3 signatures
Behavioral task
behavioral1
Sample
9d36f9ad8dbc04ee626aea6edf2b0e01bb28b08ec3dbfec2b65c123080512630.apk
Resource
android-x86-arm-20231215-en
android-9-x86
8 signatures
150 seconds
Behavioral task
behavioral2
Sample
9d36f9ad8dbc04ee626aea6edf2b0e01bb28b08ec3dbfec2b65c123080512630.apk
Resource
android-x64-20231215-en
android-10-x64
9 signatures
150 seconds
General
-
Target
13560653988.zip
-
Size
1.7MB
-
MD5
f13f91cf2b04a5ff0604e549695a4e07
-
SHA1
3f818a2bc873841bceacef573396e4439b5c91ed
-
SHA256
2a2160d2e66f21b096c25385a9096dfa03162dd0a0bfc84e753848a442cec08e
-
SHA512
cdab59920127652d6a03bef5c9e53300e743fceb4920de08e19814d084f516b9a28805586f93263301c8273191cbe5232c383f75a1cd489f1320fc7516ff0c87
-
SSDEEP
49152:uJQgf42kwb9GcRhxKU0He8GPnmVUlEwrdSoUFCH:mf42kw0IxK9HelmVkuFM
Score
6/10
Malware Config
Signatures
-
Declares broadcast receivers with permission to handle system events 1 IoCs
description ioc Required by device admin receivers to bind with the system. Allows apps to manage device administration features. android.permission.BIND_DEVICE_ADMIN -
Declares services with permission to bind to the system 1 IoCs
description ioc Required by accessibility services to bind with the system. Allows apps to access accessibility features. android.permission.BIND_ACCESSIBILITY_SERVICE -
Requests dangerous framework permissions 17 IoCs
description ioc Allows an application to request installing packages. android.permission.REQUEST_INSTALL_PACKAGES Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. android.permission.CALL_PHONE Allows an application to receive SMS messages. android.permission.RECEIVE_SMS Allows an application to read SMS messages. android.permission.READ_SMS Allows an application to send SMS messages. android.permission.SEND_SMS Allows an application to read the user's contacts data. android.permission.READ_CONTACTS Allows access to the list of accounts in the Accounts Service. android.permission.GET_ACCOUNTS Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE Allows read access to the device's phone number(s). android.permission.READ_PHONE_NUMBERS Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION Allows an app to access location in the background. android.permission.ACCESS_BACKGROUND_LOCATION Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS Allows an application to record audio. android.permission.RECORD_AUDIO
Files
-
13560653988.zip.zip
Password: infected
-
9d36f9ad8dbc04ee626aea6edf2b0e01bb28b08ec3dbfec2b65c123080512630.apk android
com.doviveracolo.cejexawo
com.doviveracolo.cejexawo.fedo
Activities
Permissions
android.permission.DISABLE_KEYGUARD
android.permission.READ_PRIVILEGED_PHONE_STATE
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.GET_TASKS
android.permission.INTERNET
android.permission.CALL_PHONE
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.REQUEST_DELETE_PACKAGES
android.permission.RECEIVE_SMS
android.permission.READ_SMS
android.permission.SEND_SMS
android.permission.READ_CONTACTS
android.permission.QUERY_ALL_PACKAGES
android.permission.GET_ACCOUNTS
android.permission.READ_PHONE_STATE
android.permission.READ_PHONE_NUMBERS
android.permission.ACTION_MANAGE_OVERLAY_PERMISSION
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_WIFI_STATE
android.permission.RECEIVE_LAUNCH_BROADCASTS
android.permission.QUICKBOOT_POWERON
android.permission.FOREGROUND_SERVICE
android.permission.GET_CLIPS
android.permission.WRITE_CLIPS
android.permission.ACCESS_FINE_LOCATION
android.permission.WAKE_LOCK
android.permission.ACCESS_BACKGROUND_LOCATION
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.VIBRATE
android.permission.CHANGE_WIFI_STATE
android.permission.RECEIVE_BOOT_COMPLETED
com.google.android.gms.permission.ACTIVITY_RECOGNITION
android.permission.READ_EXTERNAL_STORAGE
android.permission.ACCESS_COARSE_LOCATION
android.permission.USE_FINGERPRINT
android.permission.WRITE_SETTINGS
android.permission.BLUETOOTH
android.permission.RECORD_AUDIO
android.permission.ACCESS_NOTIFICATION_POLICY
android.permission.CAPTURE_VIDEO_OUTPUT
android.permission.WRITE_SMS
android.permission.REORDER_TASKS
android.permission.MODIFY_AUDIO_SETTINGS
Receivers
com.gumefesijaze.tika.jamexo.ziwuxa
android.provider.Telephony.SMS_RECEIVED
android.intent.action.EXTERNAL_APPLICATIONS_AVAILABLE
android.app.action.DEVICE_ADMIN_DISABLED
android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED
com.gumefesijaze.tika.rupo.dekuheyunufezo
android.provider.Telephony.SMS_RECEIVED
com.gumefesijaze.tika.rupo.fawawawuwapa
android.intent.action.BOOT_COMPLETED
android.provider.Telephony.SMS_RECEIVED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.EXTERNAL_APPLICATIONS_AVAILABLE
com.htc.intent.action.QUICKBOOT_POWERON
android.intent.action.USER_PRESENT
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.REBOOT
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.BATTERY_CHANGED
android.intent.action.ACTION_POWER_DISCONNECTED
android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.SCREEN_ON
android.intent.action.SCREEN_OFF
android.net.wifi.WIFI_STATE_CHANGED
android.intent.action.DREAMING_STOPPED
com.gumefesijaze.tika.yivovuza.rupegizipogoye
android.provider.Telephony.WAP_PUSH_DELIVER
com.gumefesijaze.tika.yivovuza.xomamotuwelapi
android.provider.Telephony.SMS_DELIVER
Services
com.gumefesijaze.tika.febuyewiga.cavena
android.accessibilityservice.AccessibilityService
com.gumefesijaze.tika.yivovuza.niwamumotoho
android.intent.action.RESPOND_VIA_MESSAGE