com.secure.vpn.activity.SplashActivity
android.intent.action.MAIN
General
-
Target
a71290070f826292c0ce907f21280e46cb4b800163ca3b81301c75710387ff1b
-
Size
29.1MB
-
MD5
7ac30a4488748e4be24c04325f147c9f
-
SHA1
b54fff5a7f0a279040a4499d5aabce41ea1840fb
-
SHA256
a71290070f826292c0ce907f21280e46cb4b800163ca3b81301c75710387ff1b
-
SHA512
2bde3d4bb8a5df81f1e0230cf6e1464853bb52c104ce3da594a0218fee62b83610d673b999c186b158b469c50213be4057c8a23aea2b693fd9083293db44cc9c
-
SSDEEP
393216:bjd8b3Stod1v3uFwCPwmSPkkbiaOhECW1Fypl+W9ESATJXQY0/rBxqHoyvc2IGif:SbKhE3cYFAYA/q3Yq2w2AEZ+1AphH
Score
10/10
Malware Config
Extracted
Family
bahamut
C2
https://ft8hua063okwfdcu21pw.de/api/v0.0.1/device/
Signatures
-
Bahamut family
-
Declares services with permission to bind to the system 3 IoCs
-
Requests dangerous framework permissions 11 IoCs
Files
-
a71290070f826292c0ce907f21280e46cb4b800163ca3b81301c75710387ff1b
com.secure.vpn
com.secure.vpn.activity.SplashActivity
Android Permissions
a71290070f826292c0ce907f21280e46cb4b800163ca3b81301c75710387ff1b
Permissions
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.FOREGROUND_SERVICE
com.android.vending.BILLING
android.permission.GET_ACCOUNTS
android.permission.CAMERA
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.READ_SMS
android.permission.READ_CONTACTS
android.permission.READ_CALL_LOG
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.CALL_PHONE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_WIFI_STATE
android.permission.WAKE_LOCK