6aaefe16360f1d57ab0c6525854490f7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6aaefe16360f1d57ab0c6525854490f7
Size

600KB
MD5

6aaefe16360f1d57ab0c6525854490f7
SHA1

24a3f03daba1617e67e1d4f8b304d0029e7b903b
SHA256

38ad4d334299b7766b9b740952d82cf50ef7c7064c63d907f0d7141fe04da932
SHA512

84e64cff1cda6e92f346761b35c1f82f77a170fa5a178390f375780bd7caf93045617fc2788ec51c0a7b587a8148c8344f2b1ebd9bd09280f5d98c6ac41b49af
SSDEEP

12288:fKdi5UgTvCJESVpPHR235ELciGs8xv/OzA4M:idUdvsj23dZ2A4M

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 1 IoCs

description	ioc
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW

Files

6aaefe16360f1d57ab0c6525854490f7
.zip
ExynosAbuse-v1.40.apk
.apk android

eu.chainfire.exynosabuse

.MainActivity

Activities

.MainActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
superuser.png
.apk android

eu.chainfire.supersu

.MainActivity

Activities

.MainActivity

android.intent.action.MAIN

Permissions

android.permission.WAKE_LOCK
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.GET_TASKS
android.permission.SYSTEM_ALERT_WINDOW

Receivers

.InstallReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_REPLACED

.NativeAccessReceiver

eu.chainfire.supersu.NativeAccess

.BootCompleteReceiver

android.intent.action.BOOT_COMPLETED

Services