81e3fd097ccf3326f8e4ee287f35bb220705f9e17633587e4779ef87e4ae83e0

Sharing

Copy URL Twitter E-mail

General

Target

81e3fd097ccf3326f8e4ee287f35bb220705f9e17633587e4779ef87e4ae83e0
Size

2.8MB
MD5

29648f009fbd0bd4e735622a010d3664
SHA1

3cf0de9752876db47fd058b9ddea1a2ced4e10f4
SHA256

81e3fd097ccf3326f8e4ee287f35bb220705f9e17633587e4779ef87e4ae83e0
SHA512

d40b56c89c436231d3ab2f108a99abf593a4f045e579255981c8ad32785a60aad46f8043c4e0b08ac50e1f4def5e7e1d6b491e05407c7716ec51ec9661b2fcf6
SSDEEP

49152:5d2wdgRKwRoUJccB6LCs5lXzK0cFWw70NHP9lCNk0AJ0JNzPibqmt5tzWP:P2DRKwRoUqa6Os5JzKRQw70BPvCO0sqh

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 1 IoCs

description	ioc
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW

Files

81e3fd097ccf3326f8e4ee287f35bb220705f9e17633587e4779ef87e4ae83e0
.apk android

com.PqSOPlfHfP

nodcahdl.gyzeqd.sjgvf.EyJvqNc

Activities

nodcahdl.gyzeqd.sjgvf.EyJvqNc

com.ctjfyoqbqqmtvjiw.cqhqydybeedb.lpohddxewkb.dqbnthlhhvunxroni.rhyvhcqgqzueop.xerxigxpduuqgtb.hhjomlydtdskthcxmsxt.noubuogvqghu
com.qtqdsnxgjoxfplfju.giqdkmcobbbmubu.eqynpyx.hcnmlcphlxilxklwgl
com.wzeulgsuevbmkihdtky.zieizpzckafkdxoslvsf.tfnqhvvzcctmzqcmsvhr.mjyonwehwmfzruuvnxrw.kcsbu
com.whktrcduyykfhlgsezzm.ljumcfoauzlqm.oyasvupfdvhqztivl.emfumjunsfplolsw.mhwafzx.pzsaiovubuk.rwmufhnzcasmfzzegqyw
com.wcmblb.wwjqnrxveldkjcythhpt.csnqwggkattdimtvzqkd.enhdgcxqz.vtijqhiazccwaghoszwu.fobpmrsssgpdouyxw.tpknwmqchjnirprnalie.fdztmbpqvfekl
android.intent.action.MAIN

nodcahdl.gyzeqd.sjgvf.Avc

com.htqhn.oeubpqvzdks.ngeus.cglaxggebxmyqqigbphv
com.bujkpndvkfovzoytjkrz.ewzkxpzgzalracreqdho.ikfvephqmo
com.ihrszzat.rbhtegcpksp.qezjffggrmtengfzynm.wwqei.pnbhssbzbtb.fbqkzwjjj
com.bjqycayscsceyoywtot.tpqqdvqvfljykqkvrtvh.sduwyo.thwzdggpgiogshwg.iiotwebvtpicjo.daxre.ckzenxyrcgedkpsywxjn
com.ktdpzcxs.kbzuuv.qdhzpwzacs.hilum.pmcrg
com.gxnftceav.umvjdifqubznvkjcqc.pudfbdwpw.bpiumdwdzteoyla

Permissions

android.permission.FOREGROUND_SERVICE
android.permission.RECEIVE_BOOT_COMPLETED
com.asus.android.QtwSTbnGxYOXMF.vQegmhkQrs.oglRIvVYCAbwq
com.asus.zNuRgupCpxmt.yfyZqtcSOM.RZInhlURtozb
com.asus.WomalnHMtXyIGAh.qBfpLZShMTSw.cJOOrlvTGqO
com.asus.WRprrfkBRBh.XDQpHrpuXqmjz.VZfpwkyQ
com.asus.TZYNJOVIhCTOk.ZHqYmGJR.kRBZoRRit
com.asus.YQzkerlfkmECVvu.LwrmmHsFg.SBvdElWmDWaclX
com.asus.iVyzZwkci.settings.ZDcSEJWIF.PjHxLlMlNisTd
android.permission.SYSTEM_ALERT_WINDOW
android.permission.INTERNET
com.asus.android.provider.QkqQCDIjgNzIrHb.qMhVZWqImW
android.permission.USE_FULL_SCREEN_INTENT
com.asus.android.PJKwQojeV.QuoodFwXEtUOSe.sWdRMXpdSvQsJ
com.asus.SvEkTVmbDw.kYTygPMbplQzTr.jergepKykc
com.asus.vVyJPaHNVUyj.SOlYeACNRC.OqenxKKBLGC
com.asus.android.EiUvxCBeIWv.xwBqgqlavT.EjwJuCqKT
com.asus.RyOMxpzEYyZ.PqHdtEZg.eYlgeNIzPzKn
com.asus.nISkytUQsgc.RvSOTEIDa.qFVSnZwsLVPXHEA
android.permission.WAKE_LOCK
com.asus.android.provider.cQclslkOJhj.pHZVUmfelkBoqCo

Receivers

com.bfoajddblbm.mombbnnkccy.ucswqueujlhedcvxissy

com.bujmmbhzrsp.nuwqdvgdyseqqnse.irfvoyshtchygbkghm.eodty
com.vuqpouknjzfywntzxudx.ksihegyerghyodvbscw.lvjurbfrmeezfbraxizp
com.pwsiwspzrgxodhzavnav.xrovtfn.mpfhx

nodcahdl.gyzeqd.wtioi.RWZcVLIodYAT

com.hpcbdgxluyep.msimf.hwbmfxcurpxavcyls.rrbdoafsrpehcljxyl
android.net.wifi.STATE_CHANGE
com.tjjpvlfcqbkvttvtxysb.evekhpygokhj.nwxshltwdsrkmsxiid.sjuwxik.pnqkhxfdzygtxeiydyu.yklaulv.hqsslkkdvk.kxxwghotewou
com.odkzayduekynvx.erwtqwlkhgmnwzv.wncnpurlpopdzlwsnmtn.leukowyzy
android.media.SCO_AUDIO_STATE_CHANGED
android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED
android.net.conn.CONNECTIVITY_CHANGE
android.media.RINGER_MODE_CHANGED
com.keierjcyodggpwu.ngbhaekyutedvqrtalkd.laoriupqihezx.jlboh.tsbrochmauthssii.soddmkwdsfdoisuriz.lzrzwvpyatujiijzfyxm.xcgycazh
android.intent.action.TIME_TICK
android.net.wifi.p2p.STATE_CHANGED
com.mqyrcdisfuicfafstooj.tgmxqpeovvx.tqxnmbthwbnkgqmxphvp.bdukbaomi.rcwlsulkcy.fzjjrabquw

com.dloryafe.pjzgglhjkzzgbp.mxbynmejjbplh

com.nuujhmaxgubhamncq.rsxpicuxtdxbfzdemowr.kbyfomdluqfdcuv.fkxhnwklxfk.quvttzinysvgvmwcheyg.aizeo.bzovywfmmkohodqpz
com.loyjfbdbejzqdczoxixa.pscsrneefskhhfkijjsn.cwezyfvoaoaaqvalpzbc.znylgpoopnpolqivxkqs.rusrzyuaievvgxmmhrxi
com.ssdpdzu.qvjxeentnacelxygyxqf.uithrjirqgwbyswdt.wmahkygndbviqfyfyjqr.qfzabbelldmqvh.vqycqkoolqsvojejg.xbldvnebeqttqrhgkmve
com.gedmgwtu.zqmhtmqisktztxin.wmyuff.xcsorcx.tunourablmiqmqdpnmmk
com.oyasi.zohfhostuou.qhknq.sqfjxbepuuldtsloqixu.kplpbxybreuptph.zjxmngzqyrkuxtvjwqdu.wjrlwd.bmlrl

com.xssact.scdrlmwxnyjibdiaxylq.jdooofu.jzxevurqbcxwwotq.ssjvwxn.isafhwyqkqnmltijlrs.lyykfkkxskzp.bdimztlmecuhdvvtmvyf

com.fisuqyieryxzactdiepw.bvvdiuvjnorewkn.yhlyut.bpyhgeiqyhoodvm
com.txccyolbctzsjnfqfbhi.wlukekfryquieplcnvjq.wlwydilwicspiwmjnrof.srlwy.lqmprwcae
com.qehviwlcgq.njciaebxnlfmwuoyofih.cdjvjpz.tsirkn.khdxtxrqu.fzffechdmcwhnpjgj

com.xoicodatxbjyudausacx.ipopkerbvczmokeew.dcofrzeztrcnsgzazeme.nrshifmlci.qzescflhgqvypwirkdwu.cgokqhyurguvhgft

com.xpemarkr.gmvklquirvy.kquyemjzpqgzasserhvq.wyddlyhpwzglodfwywar.oplldffeymoohaacrdvh.jhnyqqjcj.aexaksxgvkxdjhx.abaxh
com.gchjyvw.gufmmtnunlxoenaaxtsu.kinejz.kswyfuwwhlgegl.nxyngdghqgomavbjgte.pdlfzjddgyvt
com.sevsvssxwmscvhjgkn.mluozope.ppxmgjhjmaechnshg.duengxpnwqvpd
com.yjzfwneumdtdibthetsa.vfbfsiksyywvfzbgrivj.uisgahgxytetemrvynyo.ajhmrwooloavfct.vcudxrz
com.ejzcx.fhgbmtlfefemhdwjkpqs.vagnvqwsklc.zeftjhgefkspq.hpmazvmifyqst
com.mdvwoegnlmgtaiworlpy.fhonngnzynxeaicaswlo.kbqqhigyfrzcbfwc.zrkjicnpecdybmvzym.npztkbohfsfqyuxbhtb.vztqrhpfryt.qshiutbeeubvhxco.jfqpgsnaunsmbfeqecnj

Services

nodcahdl.gyzeqd.tmivq.eCDJloFzFX

com.elskcstvowhpffwoirij.numrjppnqvj.jvwhjdglveuqmekvnxzp.zyvmzhjxrjktdvzfcagc.scdiipqzgkxyirkmporf.cpecamn.xwpqg.vkdfsfn
com.nunbidcaitldalum.vgqjndvjrmr.ssykupripefkm.ukdfpoig.jvpyvbtcphlhsylyuem.bexsehghb.nwbkq.jmwazqalrqadhnu
com.ylhmridysxhnzhdjqhoj.dieofizpwynzkvdbjeyu.ztjxlkylzg
com.zypzgsgdeb.ugirkradupscvimtdz.oeeuumxtfsxovvt.frielpreshbxcvf

nodcahdl.gyzeqd.tmivq.ytwM

com.uiaxdzkwzfuwknlwjw.voycfxoukbbefpodpdkp.knajjsdnqwgdq.fphgiaoaidhtcpkllgql
com.exxhzwjeawovjktoiwvq.dhzlzuxjmpv.owlvvwr.yiosxsopxfcoufvakuhk
com.vwqurksooxytzktsxpvj.psqfcrnyjpevbmauywo.woiwnlydqavfgrvql
com.csheavtmliq.zbkpumafcol.jmeywwzynstgvyjhrha

com.bosrbk.fasxmbsdvmwcpwrdvxqj.ntrvsbdiefuxvengb.ehbgeb.viqgs.gptphgkpjtsckvoxcipi

com.clbdrrghq.snqnlveultinpit.wivrepojjlwg.ruwrhbwotssrlgnjk.xozgnwtwfuvmecoc.gpzmyrxedwqf
com.aqpcvzpezdtm.wprmewomwpciqj.laqai.awarnbqoxjzxygdpcehq.jjkmuv
com.tcxaxcnoszbpqv.zdkohtbmtgvak.eaickmjnqroyunqryrmd.rnrtkuwih.kgmnnbu.oktnqbyr.ipqinxpqf
com.jfphuy.yjiloeuvqgazvlioehix.lqqwbmgtlowyytxgfij.sklumkmwkerucmadz
com.yzjdjcuy.vygcueotmicbriuuloqg.trsjjaeikvsbywbdn.pczomtqzipy.lhrzwlglbfdqhkn.xjkdttfurlcguletynmq.gnomfurlzrqdwhcygofk
com.hnkswcmhsmoh.mbyotnwraelaptbayvci.vcgwkwgrtyfsdr.bcecpwkfyugicqkhahjx.ykykxfidylnsucm.cqjuwezddhvawovvebv.kzrhtgqjbobnytxsjso.egjfkjdiklkpqcrhwmpw

com.choonaaruxvwgvvwbqa.aetegeh.jqedaytsqsisjveaepqq.bhsvtgvgmvbnr

com.zeccfc.fdqvmtyubchlfyrhvwjk.ggrrvmhkhjwfrn.bucbgbloyswxhqakgzfs.uqjnlaopf.whbzpkzngqlzcfjbgbid.lobhb
com.qsdbhxdqpddjtiorurqq.rvpjcmkftjg.vmigrvsrlopozxmfezuh.ouaunbakhpxeznod.gvsjxexkpfbvcnz.ecixccpq.mmzopnhcllbisakjhrf
com.numbsxxvuxjknrliec.yfyodraytctkgpkwjtc.ufujpuewmwwwt.hznutnjgevvalwga.jvjysaff.yztucmfkfhozv.pahpfgfgnhwn.uyasqhbkcicaojha
com.invobmgqgexupuiucwmc.xtjjevnhtkkp.wvltoevlzdsovzjezpm.djkuclpzi.rptqanhkee.dpdblcqbnctnwewufe
com.uhnhellnrq.ppxcccxsalnwdmzad.wpjohaiemwfhayqwax.nevemopd.mgcndrekhymbkewwvdjj.avzinmhpcoiyxjohhkbi
com.xsrengoqnuksrxkd.yduxhm.xjbqzajpgt.rrfslcraawtov.wfbbdmsefdfzuufqony.msejjfjonlfrqz.uveenxabjnnucoqup

com.oquvelwklosm.jkhaujnjsrd.slkrp.ydjkidtycpsudwndlnal.vdzncoyfuvqyauzvt.jbvutvf.fncinnysredqqwa

com.eghwwwozuxhvqyczluhe.zvzkerfrq.mzwsjxfqwant
com.rrfcmbrcxylymmxhnep.nafqlrjzslvswfmdjc.svgzoyxcfu
com.truakyvstqmjpgibl.vrxyu.hajghcesxwywxgcanvgp.fxsxdknvafqreh.snyntdcokgj.euecocyfmxfpwqpbnjoj.kopmbotu
com.rlhclijl.egawfyckjmessougl.bwlffcxiom.jngffuhvdqqlulre.yhmpmzedrhescvn
com.jtuhjejwrjb.jhyjqcpwikxvo.fywykr.dbwontfpysbnzpsmwxbh.kkmhouv.ouropbpeuehvjlgzxicf
com.mfszgdqawppsjnb.wnkzolfmxroxkmhwlbii.dlyomtltnujhivqfdir.dnpfdtgcdbxmq.fjrocouah.xbnzoqldsdr.xewovrz.edlhdy

com.lmffag.frywikozuirulte.kafsup.idsjyr.lezonjrurrakcvzeilsl

com.topuexgltgyynrwjcuhu.eztserinx.iamcbaijkbgxdv.hapcghimgqxomzahxemc.qbmkqvvlwdnvouglxkp.tzacdg
com.hinhdmkkpjjojxfoltaj.wcylwqekkedomozfcwdj.wtdgm.ppvhlcjtbgfptwuwrlq.ipsdbreemxknjjm.eeotyxhzuargchrobq.czipfjw.yjsfirugczl
com.bucsmcwjqcaqhfxyjlpq.xzylydohg.nrpfptbyoxakdcfknihv.etvzfdiyywztmkyhryw.lyovvdjhhvoiuucps.ilykdcyeqgdbvrhjamyb
com.dlzpjifbotpceqdsnajs.zjxcvpibtkrddaibm.jmbsrjqygkvchqfd.tmweihqwmnisfhpycgqf.zffumddtsduteupktsv.rbdubztesexom.slgspgdorsg

Android Permissions

81e3fd097ccf3326f8e4ee287f35bb220705f9e17633587e4779ef87e4ae83e0

Permissions

android.permission.FOREGROUND_SERVICE

android.permission.RECEIVE_BOOT_COMPLETED

com.asus.android.QtwSTbnGxYOXMF.vQegmhkQrs.oglRIvVYCAbwq

com.asus.zNuRgupCpxmt.yfyZqtcSOM.RZInhlURtozb

com.asus.WomalnHMtXyIGAh.qBfpLZShMTSw.cJOOrlvTGqO

com.asus.WRprrfkBRBh.XDQpHrpuXqmjz.VZfpwkyQ

com.asus.TZYNJOVIhCTOk.ZHqYmGJR.kRBZoRRit

com.asus.YQzkerlfkmECVvu.LwrmmHsFg.SBvdElWmDWaclX

com.asus.iVyzZwkci.settings.ZDcSEJWIF.PjHxLlMlNisTd

android.permission.SYSTEM_ALERT_WINDOW

android.permission.INTERNET

com.asus.android.provider.QkqQCDIjgNzIrHb.qMhVZWqImW

android.permission.USE_FULL_SCREEN_INTENT

com.asus.android.PJKwQojeV.QuoodFwXEtUOSe.sWdRMXpdSvQsJ

com.asus.SvEkTVmbDw.kYTygPMbplQzTr.jergepKykc

com.asus.vVyJPaHNVUyj.SOlYeACNRC.OqenxKKBLGC

com.asus.android.EiUvxCBeIWv.xwBqgqlavT.EjwJuCqKT

com.asus.RyOMxpzEYyZ.PqHdtEZg.eYlgeNIzPzKn

com.asus.nISkytUQsgc.RvSOTEIDa.qFVSnZwsLVPXHEA

android.permission.WAKE_LOCK

com.asus.android.provider.cQclslkOJhj.pHZVUmfelkBoqCo

Sharing

General

Malware Config

Signatures

Files

com.PqSOPlfHfP

nodcahdl.gyzeqd.sjgvf.EyJvqNc

Activities

nodcahdl.gyzeqd.sjgvf.EyJvqNc

nodcahdl.gyzeqd.sjgvf.Avc

Permissions

Receivers

com.bfoajddblbm.mombbnnkccy.ucswqueujlhedcvxissy

nodcahdl.gyzeqd.wtioi.RWZcVLIodYAT

com.dloryafe.pjzgglhjkzzgbp.mxbynmejjbplh

com.xssact.scdrlmwxnyjibdiaxylq.jdooofu.jzxevurqbcxwwotq.ssjvwxn.isafhwyqkqnmltijlrs.lyykfkkxskzp.bdimztlmecuhdvvtmvyf

com.xoicodatxbjyudausacx.ipopkerbvczmokeew.dcofrzeztrcnsgzazeme.nrshifmlci.qzescflhgqvypwirkdwu.cgokqhyurguvhgft

Services

nodcahdl.gyzeqd.tmivq.eCDJloFzFX

nodcahdl.gyzeqd.tmivq.ytwM

com.bosrbk.fasxmbsdvmwcpwrdvxqj.ntrvsbdiefuxvengb.ehbgeb.viqgs.gptphgkpjtsckvoxcipi

com.choonaaruxvwgvvwbqa.aetegeh.jqedaytsqsisjveaepqq.bhsvtgvgmvbnr

com.oquvelwklosm.jkhaujnjsrd.slkrp.ydjkidtycpsudwndlnal.vdzncoyfuvqyauzvt.jbvutvf.fncinnysredqqwa

com.lmffag.frywikozuirulte.kafsup.idsjyr.lezonjrurrakcvzeilsl

Android Permissions

81e3fd097ccf3326f8e4ee287f35bb220705f9e17633587e4779ef87e4ae83e0