smsfactory | 9b79c49f9c3471be37bcb1c7e2c6d11f449d804d114e75b6d3fac0b7695c790d

General

Target

9b79c49f9c3471be37bcb1c7e2c6d11f449d804d114e75b6d3fac0b7695c790d
Size

5.0MB
MD5

e6bc4ad7202ba5be391d9f1df0854d92
SHA1

97ac2e5675d4dec5173318041894805ad4558cac
SHA256

9b79c49f9c3471be37bcb1c7e2c6d11f449d804d114e75b6d3fac0b7695c790d
SHA512

f23a77ecf22f36d43faf7d3155e42a2e4b9fce96dff4ab96d94010bd5ad4350e9f271cfecff51df6d7244eaadcd06b6fa0369d5478deef85e719b347af8249a8
SSDEEP

98304:y4zvn3pjWHaZ3kUtyrlfcem0VUc5hYCXRUQvijgie1OfDH+FYEUTVZv5CDkmmSqc:t7n4Ha2yydxfzvxQUYEUTVZ0kfQrk0X

Score

10^/10

smsfactory

Malware Config

Extracted

Family

smsfactory

C2

http://smartlink.mobilelinks.xyz

Signatures

Smsfactory family
smsfactory

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to send SMS messages.	android.permission.SEND_SMS

Files

9b79c49f9c3471be37bcb1c7e2c6d11f449d804d114e75b6d3fac0b7695c790d
.apk android

com.headupgames.bridgeconstructor.hack

com.headupgames.bridgeconstructor.hack.SplashActivity

Activities

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.QUICKBOOT_POWERON
android.permission.WAKE_LOCK
android.permission.SYSTEM_ALERT_WINDOW
android.permission.SEND_SMS
android.permission.FOREGROUND_SERVICE
android.permission.GET_TASKS
com.headupgames.bridgeconstructor.hack.permission.C2D_MESSAGE
com.google.android.c2dm.permission.RECEIVE
android.permission.VIBRATE
com.sec.android.provider.badge.permission.READ
com.sec.android.provider.badge.permission.WRITE
com.htc.launcher.permission.READ_SETTINGS
com.htc.launcher.permission.UPDATE_SHORTCUT
com.sonyericsson.home.permission.BROADCAST_BADGE
com.sonymobile.home.permission.PROVIDER_INSERT_BADGE
com.anddoes.launcher.permission.UPDATE_COUNT
com.majeur.launcher.permission.UPDATE_BADGE
com.huawei.android.launcher.permission.CHANGE_BADGE
com.huawei.android.launcher.permission.READ_SETTINGS
com.huawei.android.launcher.permission.WRITE_SETTINGS
android.permission.READ_APP_BADGE
com.oppo.launcher.permission.READ_SETTINGS
com.oppo.launcher.permission.WRITE_SETTINGS
me.everything.badger.permission.BADGE_COUNT_READ
me.everything.badger.permission.BADGE_COUNT_WRITE
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

Receivers

com.soax.sdk.AnimReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
com.htc.intent.action.QUICKBOOT_POWERON
android.net.conn.CONNECTIVITY_CHANGE
android.net.wifi.WIFI_STATE_CHANGED
android.intent.action.SCREEN_ON
android.intent.action.SCREEN_OFF
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED
android.intent.action.BATTERY_LOW
android.intent.action.BATTERY_OKAY

com.onesignal.GcmBroadcastReceiver

com.google.android.c2dm.intent.RECEIVE

com.onesignal.BootUpReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

com.onesignal.UpgradeReceiver

android.intent.action.MY_PACKAGE_REPLACED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

androidx.work.impl.diagnostics.DiagnosticsReceiver

androidx.work.diagnostics.REQUEST_DIAGNOSTICS

com.yandex.metrica.MetricaEventHandler

com.android.vending.INSTALL_REFERRER

com.yandex.metrica.ConfigurationServiceReceiver

com.yandex.metrica.configuration.service.PLC

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

Services

com.headupgames.bridgeconstructor.hack.zumotu.listeners.ZumotuOneSignal

com.onesignal.NotificationExtender

com.yandex.metrica.MetricaService

com.yandex.metrica.IMetricaService

com.yandex.metrica.ConfigurationService

com.yandex.metrica.configuration.ACTION_INIT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

Android Permissions

9b79c49f9c3471be37bcb1c7e2c6d11f449d804d114e75b6d3fac0b7695c790d

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.QUICKBOOT_POWERON

android.permission.WAKE_LOCK

android.permission.SYSTEM_ALERT_WINDOW

android.permission.SEND_SMS

android.permission.FOREGROUND_SERVICE

android.permission.GET_TASKS

com.headupgames.bridgeconstructor.hack.permission.C2D_MESSAGE

com.google.android.c2dm.permission.RECEIVE

android.permission.VIBRATE

com.sec.android.provider.badge.permission.READ

com.sec.android.provider.badge.permission.WRITE

com.htc.launcher.permission.READ_SETTINGS

com.htc.launcher.permission.UPDATE_SHORTCUT

com.sonyericsson.home.permission.BROADCAST_BADGE

com.sonymobile.home.permission.PROVIDER_INSERT_BADGE

com.anddoes.launcher.permission.UPDATE_COUNT

com.majeur.launcher.permission.UPDATE_BADGE

com.huawei.android.launcher.permission.CHANGE_BADGE

com.huawei.android.launcher.permission.READ_SETTINGS

com.huawei.android.launcher.permission.WRITE_SETTINGS

android.permission.READ_APP_BADGE

com.oppo.launcher.permission.READ_SETTINGS

com.oppo.launcher.permission.WRITE_SETTINGS

me.everything.badger.permission.BADGE_COUNT_READ

me.everything.badger.permission.BADGE_COUNT_WRITE

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

Sharing

General

Malware Config

Extracted

Signatures

Files

com.headupgames.bridgeconstructor.hack

com.headupgames.bridgeconstructor.hack.SplashActivity

Activities

Permissions

Receivers

com.soax.sdk.AnimReceiver

com.onesignal.GcmBroadcastReceiver

com.onesignal.BootUpReceiver

com.onesignal.UpgradeReceiver

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.diagnostics.DiagnosticsReceiver

com.yandex.metrica.MetricaEventHandler

com.yandex.metrica.ConfigurationServiceReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

Services

com.headupgames.bridgeconstructor.hack.zumotu.listeners.ZumotuOneSignal

com.yandex.metrica.MetricaService

com.yandex.metrica.ConfigurationService

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.iid.FirebaseInstanceIdService

Android Permissions

9b79c49f9c3471be37bcb1c7e2c6d11f449d804d114e75b6d3fac0b7695c790d