com.sidalistudio.developer.app.screen.splash.SplashActivity
android.intent.action.MAIN
General
-
Target
844efceeeeff73da35ac13c217ad5723c456ecec01fada7f92b9203fc29e7dcd
-
Size
15.7MB
-
MD5
b87fea08d3fd6f9d0a4a46b18b5b3f8e
-
SHA1
9d54231e93035fcde45851fcf26795d8fe366a7a
-
SHA256
844efceeeeff73da35ac13c217ad5723c456ecec01fada7f92b9203fc29e7dcd
-
SHA512
9c578e637a81c52a32a208d90ccf99ee63693c80278309115450f21427fe9b33c2f5fc0a0a1a9b649d08fe01e73663f2aa28b8311bdb95f65b3eed72f125f3f8
-
SSDEEP
393216:v4irHAeHcBmacX7X52NWdXJq2TN51XcwnpObrfum7m:lg2CqgY5NpOLm
Score
10/10
Malware Config
Extracted
Family
sharkbot
C2
http://mefika.me/
Attributes
-
target_apps
com.example.creatersa
com.barclays.android.barclaysmobilebanking
com.bankofireland.mobilebanking
com.cooperativebank.bank
ftb.ibank.android
com.nearform.ptsb
uk.co.mbna.cardservices.android
com.danskebank.mobilebank3.uk
com.barclays.bca
com.tescobank.mobile
com.virginmoney.uk.mobile.android
com.monitise.client.android.yorkshire
com.monitise.client.android.clydesdale
com.cooperativebank.smile
com.starlingbank.android
uk.co.metrobankonline.mobile.android.production
uk.co.santander.santanderUK
uk.co.hsbc.hsbcukmobilebanking
uk.co.tsb.newmobilebank
com.grppl.android.shell.BOS
com.grppl.android.shell.halifax
com.grppl.android.shell.CMBlloydsTSB73
it.copergmps.rt.pf.android.sp.bmps
it.extrabanca.mobile
it.relaxbanking
it.bnl.apps.banking
it.bnl.apps.enterprise.hellobank
it.ingdirect.app
it.popso.SCRIGNOapp
it.nogood.container
rc4.plain
Signatures
-
Sharkbot family
-
Declares services with permission to bind to the system 1 IoCs
-
Requests dangerous framework permissions 8 IoCs
Files
-
844efceeeeff73da35ac13c217ad5723c456ecec01fada7f92b9203fc29e7dcd
com.sidalistudio.developer.app
com.sidalistudio.developer.app.screen.splash.SplashActivity
Android Permissions
844efceeeeff73da35ac13c217ad5723c456ecec01fada7f92b9203fc29e7dcd
Permissions
android.permission.INTERNET
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.CHANGE_WIFI_STATE
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.FOREFGROUND_SERVICE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.WRITE_SYNC_SETTINGS
com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.ACCESS_NOTIFICATION_POLICY
android.permission.REQUEST_DELETE_PACKAGES
android.permission.WAKE_LOCK
android.permission.GET_PACKAGE_SIZE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.QUICKBOOT_POWERON
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.CLEAR_APP_CACHE
android.permission.QUERY_ALL_PACKAGES
android.permission.WRITE_SETTINGS
android.permission.GET_TASKS
android.permission.PACKAGE_USAGE_STATS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.FOREGROUND_SERVICE
android.permission.ACCESS_NETWORK_STATE
android.permission.CAMERA
android.permission.USE_FINGERPRINT
android.permission.ACCESS_WIFI_STATE
android.permission.RECEIVE_USER_PRESENT
android.permission.CHANGE_NETWORK_STATE
android.permission.SET_WALLPAPER
android.permission.VIBRATE
android.permission.MANAGE_EXTERNAL_STORAGE