7366addcbf61b0a5c29f12de9cf0f042 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7366addcbf61b0a5c29f12de9cf0f042
Size

1.3MB
MD5

7366addcbf61b0a5c29f12de9cf0f042
SHA1

473cd5298ef8b51a4c6e652e4b48163fe21c62a5
SHA256

1830c893f91e4476dc485126477ed6361b400622ec3b82716721e202b3ed2fee
SHA512

bc058c99b6308f6e47f031e2e36389a649d0a78b80719b79592030d8d5ce30818f5ecc0525883d16d0a17ba9a89439acdf259547603d197a7332ae789c2ed06c
SSDEEP

24576:82A3lz+Mlq52ZOEft6fOHOPMPxvu11/LDuTKCkWK/KxU8EfUAlM5jn+aBeRsfwD:ewMlqs0m6GH8BDnCDxUfrUjn+jD

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 1 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

Files

7366addcbf61b0a5c29f12de9cf0f042
.zip
1/fakebackup.ab
Superuser.apk
.apk android

com.noshufou.android.su

HomeActivity

Activities

Permissions

com.noshufou.android.su.RESPOND
com.noshufou.android.su.provider.READ
com.noshufou.android.su.provider.WRITE
android.permission.INTERNET
android.permission.NFC
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED

Receivers

SuRequestReceiver

com.noshufou.android.su.REQUEST

SuResultReceiver

com.noshufou.android.su.RESULT
com.noshufou.android.su.NOTIFICATION

SecretCodeReceiver

android.provider.Telephony.SECRET_CODE

InstallReceiver

android.intent.action.PACKAGE_ADDED

UninstallReceiver

android.intent.action.PACKAGE_REMOVED

UpdatePermissionsReceiver

com.noshufou.android.su.UPDATE_PERMISSIONS
android.intent.action.BOOT_COMPLETED

Services
busybox
.elf linux arm
gingerbreak
.elf linux arm
makespace
mempodroid
.elf linux arm
psneuter
.elf linux arm
rageagainstthecage
su
.elf linux arm
unroot
zergRush
.elf linux arm