slocker | 5251a356421340a45c8dc6d431ef8a8cbca4078a0305a87f4fbd552e9fc0793e[.]zip

General

Target

5251a356421340a45c8dc6d431ef8a8cbca4078a0305a87f4fbd552e9fc0793e.zip
Size

2.5MB
MD5

bb977abaa08d63bd0e5438f3015bce6d
SHA1

98294465ab2f0bff77270f0cc648eaac9a585a6d
SHA256

fea1a6bd6bc3998c6c66042ddec81e572ee2603ff79612168bfd014fd042fb30
SHA512

b9eb6d1e5c5da6458f6db7819b1d3f8a416dc9756c69a45eee1a0132b7086d77f5fdea5ab34a13621d80759793c00408b6afd82c7f0115606c577d9bff816fa6
SSDEEP

49152:XuBrGFWhEcoh8VM91h5FeYYD0DmsGSTujyFimO992evn/TNMoKdQ2NXmJ:eBac3ohKMnfFBqspFXy92evnxZb

Score

10^/10

slocker

SLocker payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/5251a356421340a45c8dc6d431ef8a8cbca4078a0305a87f4fbd552e9fc0793e.apk	family_slocker_1

Requests dangerous framework permissions 7 IoCs

Processes:

description	ioc
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Required to be able to access the camera device.	android.permission.CAMERA

5251a356421340a45c8dc6d431ef8a8cbca4078a0305a87f4fbd552e9fc0793e.zip
.zip

Password: infected
5251a356421340a45c8dc6d431ef8a8cbca4078a0305a87f4fbd552e9fc0793e.apk
.apk android

com.XPhantom.id

com.XPhantom.id.MainActivity

Activities

com.XPhantom.id.MainActivity

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.SET_WALLPAPER
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_CONTACTS
android.permission.READ_SMS
android.permission.ACCESS_FINE_LOCATION
android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.REQUEST_INSTALL_PACKAGE
android.permission.CAMERA

Receivers

com.XPhantom.id.BootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

Services