8d8a0ab1569d2c9b0400153534cf63d29340510d6e2d6bc1dcb73e2e095c5018

General

Target

8d8a0ab1569d2c9b0400153534cf63d29340510d6e2d6bc1dcb73e2e095c5018
Size

3.5MB
MD5

22c1a429132f149539ed84399935bebd
SHA1

8295aedacee4022a4fa6961970eddf3ba90be358
SHA256

8d8a0ab1569d2c9b0400153534cf63d29340510d6e2d6bc1dcb73e2e095c5018
SHA512

5e2b0d8ed10a0f5835eaf206a2da533e8a80c5cdd0812316d447ccf4f0a3fa53d54b5a907126586925fc22ec8fd9a75b5560e216448fae242f5f602ea8babc64
SSDEEP

98304:x3BhqPugVfXxbTpmEPSo2nMTQc/vTN7Fb1aX:x3ePVfBTpfPS1cZF0

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by VPN services to bind with the system. Allows apps to provision VPN services.	android.permission.BIND_VPN_SERVICE

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW

Files

8d8a0ab1569d2c9b0400153534cf63d29340510d6e2d6bc1dcb73e2e095c5018
.apk android arch:arm

it.colucciweb.sstpvpnclient

it.colucciweb.sstpvpnclient.MainActivity

Activities

it.colucciweb.sstpvpnclient.AppWidgetSmallConfig

android.appwidget.action.APPWIDGET_CONFIGURE

it.colucciweb.sstpvpnclient.AppWidgetBigConfig

android.appwidget.action.APPWIDGET_CONFIGURE

it.colucciweb.sstpvpnclient.plugin.EditConditionActivity

com.twofortyfouram.locale.intent.action.EDIT_CONDITION

it.colucciweb.sstpvpnclient.plugin.EditSettingActivity

com.twofortyfouram.locale.intent.action.EDIT_SETTING

it.colucciweb.sstpvpnclient.MainActivity

android.intent.action.MAIN
android.intent.action.VIEW

Permissions

com.android.vending.CHECK_LICENSE
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED

Receivers

it.colucciweb.sstpvpnclient.AppWidgetSmall

android.appwidget.action.APPWIDGET_UPDATE

it.colucciweb.sstpvpnclient.AppWidgetBig

android.appwidget.action.APPWIDGET_UPDATE

it.colucciweb.sstpvpnclient.plugin.PluginReceiver

com.twofortyfouram.locale.intent.action.QUERY_CONDITION
com.twofortyfouram.locale.intent.action.FIRE_SETTING

it.colucciweb.sstpvpnclient.ConnectivityReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE

Services

it.colucciweb.sstpvpnclient.SSTPVPNService

android.net.VpnService

Android Permissions

8d8a0ab1569d2c9b0400153534cf63d29340510d6e2d6bc1dcb73e2e095c5018

Permissions

com.android.vending.CHECK_LICENSE

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.RECEIVE_BOOT_COMPLETED

Sharing

General

Malware Config

Signatures

Files

it.colucciweb.sstpvpnclient

it.colucciweb.sstpvpnclient.MainActivity

Activities

it.colucciweb.sstpvpnclient.AppWidgetSmallConfig

it.colucciweb.sstpvpnclient.AppWidgetBigConfig

it.colucciweb.sstpvpnclient.plugin.EditConditionActivity

it.colucciweb.sstpvpnclient.plugin.EditSettingActivity

it.colucciweb.sstpvpnclient.MainActivity

Permissions

Receivers

it.colucciweb.sstpvpnclient.AppWidgetSmall

it.colucciweb.sstpvpnclient.AppWidgetBig

it.colucciweb.sstpvpnclient.plugin.PluginReceiver

it.colucciweb.sstpvpnclient.ConnectivityReceiver

Services

it.colucciweb.sstpvpnclient.SSTPVPNService

Android Permissions

8d8a0ab1569d2c9b0400153534cf63d29340510d6e2d6bc1dcb73e2e095c5018