ebb72592-fb25-4c96-8b59-98f9324288b9_#3950_LATEST_VERSION[.]apk

General

Target

ebb72592-fb25-4c96-8b59-98f9324288b9_#3950_LATEST_VERSION.apk
Size

61.7MB
MD5

3b692a301dc60814b3b18f846f513427
SHA1

fdcf2264ba3409d939e77a7e621f1e8600dce8ba
SHA256

c3c057b1ca9c0bbeb215574e859f7cb16ceb42ccb97f288886168a7d1dce0d6c
SHA512

436d4be8b6f0c1dc156fd87743bfb2c1d3db718e23686c0831cd9a9c043c6beb81849b02c0031cb757242b6a2b446e89409e7a037818984458eafe224240b901
SSDEEP

786432:iQkMLYSWlYqvHiB/IBg5JrQBwpb2nSheKUKU7ndHp3m7J8Ym4kwghKatWHqHceHP:Xx5WltvCxQBwGnsfkwgdfceHqbZwz

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 9 IoCs

description	ioc
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS
Allows an application to read image files from external storage.	android.permission.READ_MEDIA_IMAGES
Allows an application to read video files from external storage.	android.permission.READ_MEDIA_VIDEO
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to record audio.	android.permission.RECORD_AUDIO

Files

ebb72592-fb25-4c96-8b59-98f9324288b9_#3950_LATEST_VERSION.apk
.apk android arch:arm64 arch:arm arch:x86 arch:x64

my.com.gxbank.app

com.grab.digibank.app.splash.SplashScreen

Activities

com.grab.digibank.app.splash.SplashScreen

android.intent.action.MAIN

com.grab.digibank.sdk.rtc.push.DeeplinkActivity

android.intent.action.VIEW
android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_CONTACTS
android.permission.CAMERA
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.POST_NOTIFICATIONS
android.permission.ACCESS_WIFI_STATE
android.permission.USE_BIOMETRIC
android.permission.READ_MEDIA_IMAGES
android.permission.READ_MEDIA_VIDEO
android.permission.ACCESS_COARSE_LOCATION
android.permission.RECORD_AUDIO
android.permission.VIBRATE
android.permission.NFC
android.permission.WAKE_LOCK
android.permission.USE_FINGERPRINT
com.google.android.c2dm.permission.RECEIVE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.FOREGROUND_SERVICE
my.com.gxbank.app.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION
my.com.gxbank.app.permission.PROCESS_PUSH_MSG
my.com.gxbank.app.permission.PUSH_PROVIDER

Receivers

com.salesforce.marketingcloud.MCReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.ACTION_SHUTDOWN
android.intent.action.MY_PACKAGE_REPLACED
android.intent.action.TIMEZONE_CHANGED
my.com.gxbank.app.com.salesforce.marketingcloud.WAKE_FOR_ALARM

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

com.salesforce.marketingcloud.sfmcsdk.SFMCSdkReceiver

android.intent.action.MY_PACKAGE_REPLACED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

androidx.work.impl.diagnostics.DiagnosticsReceiver

androidx.work.diagnostics.REQUEST_DIAGNOSTICS

com.huawei.hms.support.api.push.PushMsgReceiver

com.huawei.intent.action.PUSH_DELAY_NOTIFY
com.huawei.intent.action.PUSH

com.huawei.hms.support.api.push.PushReceiver

com.huawei.android.push.intent.REGISTRATION
com.huawei.android.push.intent.RECEIVE

androidx.profileinstaller.ProfileInstallReceiver

androidx.profileinstaller.action.INSTALL_PROFILE

Services

com.grab.digibank.sdk.rtc2.pushservice.GxsFirebaseService

com.google.firebase.MESSAGING_EVENT

com.grab.digibank.sdk.rtc2.pushservice.GxsHmsService

com.huawei.push.action.MESSAGING_EVENT

com.salesforce.marketingcloud.messages.push.MCFirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.huawei.hms.support.api.push.service.HmsMsgService

com.huawei.push.msg.NOTIFY_MSG
com.huawei.push.msg.PASSBY_MSG

Android Permissions

ebb72592-fb25-4c96-8b59-98f9324288b9_#3950_LATEST_VERSION.apk

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_CONTACTS

android.permission.CAMERA

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.POST_NOTIFICATIONS

android.permission.ACCESS_WIFI_STATE

android.permission.USE_BIOMETRIC

android.permission.READ_MEDIA_IMAGES

android.permission.READ_MEDIA_VIDEO

android.permission.ACCESS_COARSE_LOCATION

android.permission.RECORD_AUDIO

android.permission.VIBRATE

android.permission.NFC

android.permission.WAKE_LOCK

android.permission.USE_FINGERPRINT

com.google.android.c2dm.permission.RECEIVE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.FOREGROUND_SERVICE

my.com.gxbank.app.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

my.com.gxbank.app.permission.PROCESS_PUSH_MSG

my.com.gxbank.app.permission.PUSH_PROVIDER

Sharing

General

Malware Config

Signatures

Files

my.com.gxbank.app

com.grab.digibank.app.splash.SplashScreen

Activities

com.grab.digibank.app.splash.SplashScreen

com.grab.digibank.sdk.rtc.push.DeeplinkActivity

Permissions

Receivers

com.salesforce.marketingcloud.MCReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.salesforce.marketingcloud.sfmcsdk.SFMCSdkReceiver

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.diagnostics.DiagnosticsReceiver

com.huawei.hms.support.api.push.PushMsgReceiver

com.huawei.hms.support.api.push.PushReceiver

androidx.profileinstaller.ProfileInstallReceiver

Services

com.grab.digibank.sdk.rtc2.pushservice.GxsFirebaseService

com.grab.digibank.sdk.rtc2.pushservice.GxsHmsService

com.salesforce.marketingcloud.messages.push.MCFirebaseMessagingService

com.google.firebase.messaging.FirebaseMessagingService

com.huawei.hms.support.api.push.service.HmsMsgService

Android Permissions

ebb72592-fb25-4c96-8b59-98f9324288b9_#3950_LATEST_VERSION.apk