3e49bcfc58defb6077e9661cadaa458c

General

Target

3e49bcfc58defb6077e9661cadaa458c
Size

20.7MB
MD5

3e49bcfc58defb6077e9661cadaa458c
SHA1

32021fe4bd5dd0f656e1f39aa60425f31e95d77d
SHA256

f89ef57c7df0a0fa0c323efeb13e063712ee3512c05ba9d40dff7fc20539fa04
SHA512

d9f2ffbcf412d8e84a6d7b3c77d5c91e40c7363c2730d36361be7e8a79afd1b1e6221207192762a2d9dbfe79ddc4dd81686b3c9b660e1c2cc0660781c73e491d
SSDEEP

393216:DX0l36NVqLplXEm9fyf/PnRQ7MjQz9PkTfnnOSjWebvr7LV1qG/RxrOJEz:DX+yqLplXEm9fyvRQ7UQzmfnOSVDzOGz

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 4 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS

Files

3e49bcfc58defb6077e9661cadaa458c
.apk android arch:arm64 arch:arm

ru.yandex.music

ru.yandex.music.url.ui.UrlActivity

Activities

ru.yandex.music.url.ui.UrlActivity

android.intent.action.VIEW
android.intent.action.VIEW
com.google.android.gms.actions.SEARCH_ACTION
android.media.action.MEDIA_PLAY_FROM_SEARCH

ru.yandex.music.player.DefaultLocalActivity

android.intent.action.VIEW

ru.yandex.music.auto.AutoActivity

com.bosch.myspin.action.MAIN

com.yandex.passport.internal.ui.router.RouterActivity

com.yandex.intent.ADD_ACCOUNT
com.yandex.passport.ACTION_SYSTEM_ADD_ACCOUNT

com.yandex.passport.internal.ui.browser.SocialBrowserDataActivity

android.intent.action.VIEW

com.yandex.passport.internal.ui.authsdk.AuthSdkActivity

com.yandex.auth.action.YA_SDK_LOGIN

com.yandex.passport.internal.ui.SocialApplicationBindActivity

com.yandex.auth.action.BIND_SOCIAL_APPLICATION

com.yandex.passport.internal.ui.SocialBindActivity

com.yandex.intent.BIND_SOCIAL_ACCOUNT

com.yandex.passport.internal.social.VkNativeSocialAuthActivity

com.yandex.passport.action.NATIVE_SOCIAL_VKONTAKTE_AUTH

com.yandex.passport.internal.social.GoogleNativeSocialAuthActivity

com.yandex.passport.action.NATIVE_SOCIAL_GOOGLE_AUTH
com.yandex.passport.action.NATIVE_MAILISH_GOOGLE_AUTH

com.yandex.passport.internal.ui.authwithtrack.SendAuthToTrackActivity

com.yandex.passport.action.SEND_AUTH_TO_TRACK

ru.yandex.speechkit.gui.RecognizerActivity

ru.yandex.speechkit.action.voice_recognition

com.yandex.passport.internal.social.FbNativeSocialAuthActivity

com.yandex.passport.action.NATIVE_SOCIAL_FACEBOOK_AUTH

Permissions

android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECORD_AUDIO
android.permission.BLUETOOTH
android.permission.MODIFY_AUDIO_SETTINGS
com.android.vending.BILLING
android.permission.VIBRATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.FOREGROUND_SERVICE
android.permission.GET_ACCOUNTS
android.permission.USE_CREDENTIALS
android.permission.MANAGE_ACCOUNTS
android.permission.AUTHENTICATE_ACCOUNTS
com.yandex.permission.READ_CREDENTIALS_YM
com.yandex.permission.AM_COMMUNICATION
com.google.android.c2dm.permission.RECEIVE
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
com.yandex.permission.ASSISTANT

Receivers

ru.yandex.music.utils.LoginAccountsChangedReceiver

com.yandex.accounts.LOGIN_ACCOUNTS_CHANGED

ru.yandex.music.ui.widget.WidgetProvider

android.appwidget.action.APPWIDGET_UPDATE

ru.yandex.music.common.service.player.MediaReceiver

android.intent.action.MEDIA_BUTTON

com.appsflyer.MultipleInstallBroadcastReceiver

com.android.vending.INSTALL_REFERRER

io.branch.referral.InstallListener

com.android.vending.INSTALL_REFERRER

ru.yandex.music.push.BootCompletedReceiver

android.intent.action.BOOT_COMPLETED

ru.yandex.music.push.SilentPushReceiver

ru.yandex.music.action.ymp.SILENT_PUSH_RECEIVE

com.yandex.passport.internal.core.announcing.AccountsChangedReceiver

android.accounts.LOGIN_ACCOUNTS_CHANGED
com.yandex.accounts.LOGIN_ACCOUNTS_CHANGED

com.yandex.passport.internal.core.announcing.PackageRemovedReceiver

android.intent.action.PACKAGE_FULLY_REMOVED

com.yandex.passport.internal.smsretriever.SmsRetrieverReceiver

com.google.android.gms.auth.api.phone.SMS_RETRIEVED

com.yandex.passport.internal.sso.announcing.SsoAnnouncingReceiver

com.yandex.passport.ACTION_SSO_ANNOUNCEMENT

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

com.yandex.metrica.MetricaEventHandler

com.android.vending.INSTALL_REFERRER

com.yandex.metrica.push.core.notification.MetricaPushBroadcastReceiver

com.yandex.metrica.push.action.NOTIFICATION_ACTION

com.yandex.metrica.push.core.notification.MetricaPushNotificationStatusChangeHandler

android.app.action.APP_BLOCK_STATE_CHANGED
android.app.action.NOTIFICATION_CHANNEL_BLOCK_STATE_CHANGED
android.app.action.NOTIFICATION_CHANNEL_GROUP_BLOCK_STATE_CHANGED

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.facebook.sdk.ACTION_CURRENT_ACCESS_TOKEN_CHANGED

Services

ru.yandex.music.common.service.player.MediaSessionService

ru.yandex.music.action.PLAY
ru.yandex.music.action.PAUSE
ru.yandex.music.action.SKIP
ru.yandex.music.action.REWIND
ru.yandex.music.action.STOP

com.yandex.passport.internal.core.auth.AuthenticationService

android.accounts.AccountAuthenticator
com.yandex.accounts.AccountAuthenticator

com.yandex.passport.internal.core.sync.SyncService

android.content.SyncAdapter

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

com.yandex.metrica.MetricaService

com.yandex.metrica.IMetricaService

com.yandex.metrica.ConfigurationService

com.yandex.metrica.configuration.ACTION_INIT

com.yandex.metrica.push.firebase.MetricaMessagingService

com.google.firebase.MESSAGING_EVENT

com.yandex.metrica.push.firebase.MetricaInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

Android Permissions

3e49bcfc58defb6077e9661cadaa458c

Permissions

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.INTERNET

android.permission.WAKE_LOCK

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.RECORD_AUDIO

android.permission.BLUETOOTH

android.permission.MODIFY_AUDIO_SETTINGS

com.android.vending.BILLING

android.permission.VIBRATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.FOREGROUND_SERVICE

android.permission.GET_ACCOUNTS

android.permission.USE_CREDENTIALS

android.permission.MANAGE_ACCOUNTS

android.permission.AUTHENTICATE_ACCOUNTS

com.yandex.permission.READ_CREDENTIALS_YM

com.yandex.permission.AM_COMMUNICATION

com.google.android.c2dm.permission.RECEIVE

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

com.yandex.permission.ASSISTANT

Sharing

General

Malware Config

Signatures

Files

ru.yandex.music

ru.yandex.music.url.ui.UrlActivity

Activities

ru.yandex.music.url.ui.UrlActivity

ru.yandex.music.player.DefaultLocalActivity

ru.yandex.music.auto.AutoActivity

com.yandex.passport.internal.ui.router.RouterActivity

com.yandex.passport.internal.ui.browser.SocialBrowserDataActivity

com.yandex.passport.internal.ui.authsdk.AuthSdkActivity

com.yandex.passport.internal.ui.SocialApplicationBindActivity

com.yandex.passport.internal.ui.SocialBindActivity

com.yandex.passport.internal.social.VkNativeSocialAuthActivity

com.yandex.passport.internal.social.GoogleNativeSocialAuthActivity

com.yandex.passport.internal.ui.authwithtrack.SendAuthToTrackActivity

ru.yandex.speechkit.gui.RecognizerActivity

com.yandex.passport.internal.social.FbNativeSocialAuthActivity

Permissions

Receivers

ru.yandex.music.utils.LoginAccountsChangedReceiver

ru.yandex.music.ui.widget.WidgetProvider

ru.yandex.music.common.service.player.MediaReceiver

com.appsflyer.MultipleInstallBroadcastReceiver

io.branch.referral.InstallListener

ru.yandex.music.push.BootCompletedReceiver

ru.yandex.music.push.SilentPushReceiver

com.yandex.passport.internal.core.announcing.AccountsChangedReceiver

com.yandex.passport.internal.core.announcing.PackageRemovedReceiver

com.yandex.passport.internal.smsretriever.SmsRetrieverReceiver

com.yandex.passport.internal.sso.announcing.SsoAnnouncingReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.yandex.metrica.MetricaEventHandler

com.yandex.metrica.push.core.notification.MetricaPushBroadcastReceiver

com.yandex.metrica.push.core.notification.MetricaPushNotificationStatusChangeHandler

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

Services

ru.yandex.music.common.service.player.MediaSessionService

com.yandex.passport.internal.core.auth.AuthenticationService

com.yandex.passport.internal.core.sync.SyncService

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.iid.FirebaseInstanceIdService

com.yandex.metrica.MetricaService

com.yandex.metrica.ConfigurationService

com.yandex.metrica.push.firebase.MetricaMessagingService

com.yandex.metrica.push.firebase.MetricaInstanceIdService

Android Permissions

3e49bcfc58defb6077e9661cadaa458c