14e5e10bc7be963fcbf0fbc307d33cf3[.]bin

General

Target

14e5e10bc7be963fcbf0fbc307d33cf3.bin
Size

19.6MB
MD5

14e5e10bc7be963fcbf0fbc307d33cf3
SHA1

d3b908df52641ac5d3a1376f2a01b33261909af4
SHA256

e43bbff3090b8153002ebecde9916545a50565f84d2190530f4a283a84a2cae2
SHA512

e8cd29194d60d8c81c2ad1f2163f4242cd039aa8e529fa5fd8756207ec153350c06bd58286ba898c3c1b276cbdac3c8e4e87985705beb84ca2adb189bfbc8d99
SSDEEP

393216:Wb6xmJGsExt2G3u3MCoG1gO0/UaKIjLugnnsSBOu75VRG:oiz3ucbMujign7o

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 9 IoCs

description	ioc
Allows an application to record audio.	android.permission.RECORD_AUDIO
Required to be able to access the camera device.	android.permission.CAMERA
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Required to be able to connect to paired Bluetooth devices.	android.permission.BLUETOOTH_CONNECT
Required to be able to discover and pair nearby Bluetooth devices.	android.permission.BLUETOOTH_SCAN
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS

Files

14e5e10bc7be963fcbf0fbc307d33cf3.bin
.apk android arch:arm64 arch:arm

Password: infected

it.urmet.callme

it.urmet.callforwarding_app.Launcher

Activities

it.urmet.callforwarding_app.Launcher

android.intent.action.MAIN

it.urmet.callforwarding_app.Main

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.WAKE_LOCK
android.permission.RECORD_AUDIO
android.permission.VIBRATE
android.permission.CAMERA
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.ACCESS_WIFI_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.BLUETOOTH_CONNECT
android.permission.BLUETOOTH_SCAN
android.permission.BROADCAST_STICKY
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.FOREGROUND_SERVICE
android.permission.USE_FULL_SCREEN_INTENT
android.permission.SYSTEM_ALERT_WINDOW
android.permission.POST_NOTIFICATIONS
com.google.android.c2dm.permission.RECEIVE
com.google.android.gms.permission.AD_ID
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

Receivers

it.urmet.callforwarding_sdk.UCFBootReceiver

android.intent.action.BOOT_COMPLETED

it.urmet.callforwarding_sdk.BluetoothAlarmReceiver

bluetoothalarm

it.urmet.callforwarding_sdk.UCFHeadsetPlugManager

android.intent.action.HEADSET_PLUG

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

Services

it.urmet.callforwarding_sdk.UCFFirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

Android Permissions

14e5e10bc7be963fcbf0fbc307d33cf3.bin

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.WAKE_LOCK

android.permission.RECORD_AUDIO

android.permission.VIBRATE

android.permission.CAMERA

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.ACCESS_WIFI_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.READ_PHONE_STATE

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

android.permission.BLUETOOTH_CONNECT

android.permission.BLUETOOTH_SCAN

android.permission.BROADCAST_STICKY

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.FOREGROUND_SERVICE

android.permission.USE_FULL_SCREEN_INTENT

android.permission.SYSTEM_ALERT_WINDOW

android.permission.POST_NOTIFICATIONS

com.google.android.c2dm.permission.RECEIVE

com.google.android.gms.permission.AD_ID

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

Sharing

General

Malware Config

Signatures

Files

Password: infected

it.urmet.callme

it.urmet.callforwarding_app.Launcher

Activities

it.urmet.callforwarding_app.Launcher

it.urmet.callforwarding_app.Main

Permissions

Receivers

it.urmet.callforwarding_sdk.UCFBootReceiver

it.urmet.callforwarding_sdk.BluetoothAlarmReceiver

it.urmet.callforwarding_sdk.UCFHeadsetPlugManager

com.google.firebase.iid.FirebaseInstanceIdReceiver

Services

it.urmet.callforwarding_sdk.UCFFirebaseMessagingService

com.google.firebase.messaging.FirebaseMessagingService

Android Permissions

14e5e10bc7be963fcbf0fbc307d33cf3.bin