11eafc28b694d9029e4880d71a07f39b

General

Target

11eafc28b694d9029e4880d71a07f39b
Size

9.5MB
MD5

11eafc28b694d9029e4880d71a07f39b
SHA1

e9df5ab4ad377755a40d8e331a4f74172d7c8a92
SHA256

de53023882274e414a5f562ae6ac9b9eed23d4cf35d69b8feaae3f790ae2d2de
SHA512

607ff3df82edae71c9e7a8116f1504bebdc1b22353ee2a957428874ed9417faca4f01cbf059e2a101133ac664f29041939d95c5c505a1dd27d1e851ce86682c1
SSDEEP

196608:2wToNR62p+0RUdy4o03wOyx86likauCc1Bn/fp6eZLDzI:zToNR7RcXyPLpZLHI

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 3 IoCs

description	ioc
Required by quick settings tile services to bind with the system. Allows apps to add custom tiles to the quick settings menu.	android.permission.BIND_QUICK_SETTINGS_TILE
Required by VPN services to bind with the system. Allows apps to provision VPN services.	android.permission.BIND_VPN_SERVICE
Required by VPN services to bind with the system. Allows apps to provision VPN services.	android.permission.BIND_VPN_SERVICE

Requests dangerous framework permissions 4 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to collect component usage statistics.	android.permission.PACKAGE_USAGE_STATS

Files

11eafc28b694d9029e4880d71a07f39b
.apk android arch:arm

com.freevpnintouch

com.pages.Starter

Activities

com.betternet.ui.dashboard.DashboardActivity

android.intent.action.VIEW

com.betternet.ui.premium.subscription.SubscriptionActivity

android.intent.action.VIEW

com.pages.Starter

android.intent.action.MAIN

Permissions

android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
com.android.vending.BILLING
android.permission.WAKE_LOCK
android.permission.SYSTEM_ALERT_WINDOW
com.freevpnintouch.C2D_MESSAGE
com.google.android.c2dm.permission.RECEIVE
android.permission.GET_TASKS
android.permission.REAL_GET_TASKS
android.permission.PACKAGE_USAGE_STATS
com.firstorion.android.roboshield.READ_WL
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
com.freevpnintouch.permission.C2D_MESSAGE
android.permission.ACCESS_WIFI_STATE
android.permission.FOREGROUND_SERVICE

Receivers

com.betternet.firebase.PushNotificationReceiver

com.freevpnintouch.PUSH_ACTION_DEFAULT
com.freevpnintouch.PUSH_ACTION_KOCHAVA
com.freevpnintouch.PUSH_ACTION_UPDATE
com.freevpnintouch.PUSH_ACTION_URL

com.betternet.tracker.ReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.zendesk.sdk.power.BatteryStateBroadcastReceiver

android.intent.action.BATTERY_LOW
android.intent.action.BATTERY_OKAY

com.zendesk.sdk.deeplinking.ZendeskDeepLinkingBroadcastReceiver

com.zendesk.sdk.deeplinking

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

Services

com.vpnconnection.QuickConnectService

android.service.quicksettings.action.QS_TILE

com.betternet.firebase.MessagingService

com.google.firebase.MESSAGING_EVENT

com.betternet.firebase.InstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

com.anchorfree.hydrasdk.vpnservice.AFVpnService

android.net.VpnService

Android Permissions

11eafc28b694d9029e4880d71a07f39b

Permissions

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.INTERNET

android.permission.RECEIVE_BOOT_COMPLETED

com.android.vending.BILLING

android.permission.WAKE_LOCK

android.permission.SYSTEM_ALERT_WINDOW

com.freevpnintouch.C2D_MESSAGE

com.google.android.c2dm.permission.RECEIVE

android.permission.GET_TASKS

android.permission.REAL_GET_TASKS

android.permission.PACKAGE_USAGE_STATS

com.firstorion.android.roboshield.READ_WL

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

com.freevpnintouch.permission.C2D_MESSAGE

android.permission.ACCESS_WIFI_STATE

android.permission.FOREGROUND_SERVICE

Sharing

General

Malware Config

Signatures

Files

com.freevpnintouch

com.pages.Starter

Activities

com.betternet.ui.dashboard.DashboardActivity

com.betternet.ui.premium.subscription.SubscriptionActivity

com.pages.Starter

Permissions

Receivers

com.betternet.firebase.PushNotificationReceiver

com.betternet.tracker.ReferrerReceiver

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.zendesk.sdk.power.BatteryStateBroadcastReceiver

com.zendesk.sdk.deeplinking.ZendeskDeepLinkingBroadcastReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

Services

com.vpnconnection.QuickConnectService

com.betternet.firebase.MessagingService

com.betternet.firebase.InstanceIdService

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.iid.FirebaseInstanceIdService

com.anchorfree.hydrasdk.vpnservice.AFVpnService

Android Permissions

11eafc28b694d9029e4880d71a07f39b