furball | 8324266e25d6a8dbc6e561e035b9e713c3bd339ba9bb5e5b9d4f0821a0262510

General

Target

8324266e25d6a8dbc6e561e035b9e713c3bd339ba9bb5e5b9d4f0821a0262510
Size

1.4MB
MD5

86da3a7378e17b51ba83ba3333e86a32
SHA1

e09c6fdc034da5c5cd1656a7b3b49116db575ac1
SHA256

8324266e25d6a8dbc6e561e035b9e713c3bd339ba9bb5e5b9d4f0821a0262510
SHA512

a75464f878d20a7539bf5404c76f938233a45a155db7832b27eb81fd4c91701fb5a70a2e1d03f4e9f74d8b92edcbad17045f50c28d036a5b17798641b1104b4b
SSDEEP

24576:TyDre0Wdj/xldIocaP/cfUZnWNruf7r50+89Woaa60rLrLUR07DthTRVXFO:Met9xjnEfUZgun970TLUR07HTHXFO

Score

10^/10

furball

Malware Config

Extracted

Family

furball

C2

http://www.firmwaresystemupdate.com/mmh

Signatures

Furball family
furball

Requests dangerous framework permissions 7 IoCs

Processes:

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read the user's call log.	android.permission.READ_CALL_LOG
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS

Files

8324266e25d6a8dbc6e561e035b9e713c3bd339ba9bb5e5b9d4f0821a0262510
.apk android

ir.hukmi.moanzalalloh

ir.hukmi.moanzalalloh.MainActivity

Activities

ir.hukmi.moanzalalloh.MainActivity

android.intent.action.MAIN

ir.hukmi.moanzalalloh.RssActivity

ir.hukmi.moanzalalloh.RssActivity

ir.hukmi.moanzalalloh.ListActivity

ir.hukmi.moanzalalloh.ListActivity

ir.hukmi.moanzalalloh.SearchActivity

ir.hukmi.moanzalalloh.SearchActivity

ir.hukmi.moanzalalloh.PageActivity

ir.hukmi.moanzalalloh.PageActivity

ir.hukmi.moanzalalloh.WebActivity

ir.hukmi.moanzalalloh.WebActivity

ir.hukmi.moanzalalloh.HtmlActivity

ir.hukmi.moanzalalloh.HtmlActivity

ir.hukmi.moanzalalloh.BookmarksActivity

ir.hukmi.moanzalalloh.BookmarksActivity

ir.hukmi.moanzalalloh.SettingActivity

ir.hukmi.moanzalalloh.SettingActivity

ir.hukmi.moanzalalloh.UpdateActivity

ir.hukmi.moanzalalloh.UpdateActivity

ir.hukmi.moanzalalloh.AudioPlayer

ir.hukmi.moanzalalloh.AudioPlayer

ir.hukmi.moanzalalloh.VideoPlayer

ir.hukmi.moanzalalloh.VideoPlayer

ir.hukmi.moanzalalloh.ImageViewActivity

ir.hukmi.moanzalalloh.ImageViewActivity

ir.hukmi.moanzalalloh.GalleryActivity

ir.hukmi.moanzalalloh.GalleryActivity

Permissions

android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.QUICKBOOT_POWERON
android.permission.READ_SMS
android.permission.GET_ACCOUNTS
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.READ_CONTACTS
android.permission.GET_TASKS
android.permission.READ_PHONE_STATE
android.permission.READ_CALL_LOG
android.permission.READ_LOGS
android.permission.WRITE_SETTINGS

Receivers

com.andriod.browser.OnBootManager

android.intent.action.BOOT_COMPLETED
android.intent.action.ACTION_POWER_CONNECTED

Services

Android Permissions

8324266e25d6a8dbc6e561e035b9e713c3bd339ba9bb5e5b9d4f0821a0262510

Permissions

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.QUICKBOOT_POWERON

android.permission.READ_SMS

android.permission.GET_ACCOUNTS

com.android.browser.permission.READ_HISTORY_BOOKMARKS

android.permission.READ_CONTACTS

android.permission.GET_TASKS

android.permission.READ_PHONE_STATE

android.permission.READ_CALL_LOG

android.permission.READ_LOGS

android.permission.WRITE_SETTINGS

Sharing

General

Malware Config

Extracted

Signatures

Files

ir.hukmi.moanzalalloh

ir.hukmi.moanzalalloh.MainActivity

Activities

ir.hukmi.moanzalalloh.MainActivity

ir.hukmi.moanzalalloh.RssActivity

ir.hukmi.moanzalalloh.ListActivity

ir.hukmi.moanzalalloh.SearchActivity

ir.hukmi.moanzalalloh.PageActivity

ir.hukmi.moanzalalloh.WebActivity

ir.hukmi.moanzalalloh.HtmlActivity

ir.hukmi.moanzalalloh.BookmarksActivity

ir.hukmi.moanzalalloh.SettingActivity

ir.hukmi.moanzalalloh.UpdateActivity

ir.hukmi.moanzalalloh.AudioPlayer

ir.hukmi.moanzalalloh.VideoPlayer

ir.hukmi.moanzalalloh.ImageViewActivity

ir.hukmi.moanzalalloh.GalleryActivity

Permissions

Receivers

com.andriod.browser.OnBootManager

Services

Android Permissions

8324266e25d6a8dbc6e561e035b9e713c3bd339ba9bb5e5b9d4f0821a0262510