com.secure.vpn.activity.SplashActivity
android.intent.action.MAIN
General
-
Target
b420db3dff4637f07caaa145b634106e4c2fc559ae1b4b692271cedbe21b62c8
-
Size
29.1MB
-
MD5
548674d18b82bc0d58a1b7722029a156
-
SHA1
c74b006badbb3844843609dd5811ab2cef16d63b
-
SHA256
b420db3dff4637f07caaa145b634106e4c2fc559ae1b4b692271cedbe21b62c8
-
SHA512
76fda6a5c9475a8d4a367649002f7875b9be434d3e28fd370a46e3b83d2aefd60ce24693bc1151dc4f8f18519e03f23cccf4e19c7366055aa803015b298a924a
-
SSDEEP
393216:z3J8b3SRZd1v3uFwCPwmSP8VbiaOhECW1Fypl+W9ESAHRDQ60/rBxqHoyvc2IGpI:+bKhE/cYxU6A/q3lq2sDIMe+1AppO
Score
10/10
Malware Config
Extracted
Family
bahamut
C2
https://ft8hua063okwfdcu21pw.de/api/v0.0.1/device/
Signatures
-
Bahamut family
-
Declares services with permission to bind to the system 3 IoCs
-
Requests dangerous framework permissions 11 IoCs
Files
-
b420db3dff4637f07caaa145b634106e4c2fc559ae1b4b692271cedbe21b62c8
com.secure.vpn
com.secure.vpn.activity.SplashActivity
Android Permissions
b420db3dff4637f07caaa145b634106e4c2fc559ae1b4b692271cedbe21b62c8
Permissions
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.FOREGROUND_SERVICE
com.android.vending.BILLING
android.permission.GET_ACCOUNTS
android.permission.CAMERA
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.READ_SMS
android.permission.READ_CONTACTS
android.permission.READ_CALL_LOG
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.CALL_PHONE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_WIFI_STATE
android.permission.WAKE_LOCK