car-parking-multiplayer-v4[.]8[.]16[.]5-mod1[.]apk

General

Target

car-parking-multiplayer-v4.8.16.5-mod1.apk
Size

937.7MB
MD5

352573ac00ada52d49557115c8092f4a
SHA1

02b88e815fe87adde16b8b96503f05bb9398cacb
SHA256

c1c80503d5886468d87684003a968ba6f141d67c073d5962bb3413c82c05d831
SHA512

c7225fb50ae51a0486ea905101d85d3e25a32f3349630a97e6022e5f37c76f73752a5df1e317ded6219cd9d0a7e2fbd4091c52915a78f1779804c3df1aeff623
SSDEEP

25165824:mCT3/zRhQc4vpXmKrrTofAtJz/1QhL3Sxb:l3/9aZv1rnoib1mSxb

Score

8^/10

macro macro_on_action

Malware Config

Signatures

Office macro that triggers on suspicious action 2 IoCs

Office document macro which triggers in special circumstances - often malicious.

macro macro_on_action

resource	yara_rule
sample	office_macro_on_action
static1/unpack001/origin.apk	office_macro_on_action

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS

Files

car-parking-multiplayer-v4.8.16.5-mod1.apk
.apk android arch:arm64 arch:arm

com.olzhas.carparking.multyplayer

com.google.firebase.MessagingUnityPlayerActivity

Activities

com.google.firebase.MessagingUnityPlayerActivity

android.intent.action.MAIN

com.google.firebase.auth.internal.GenericIdpActivity

android.intent.action.VIEW

com.google.firebase.auth.internal.RecaptchaActivity

android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.RECORD_AUDIO
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.BLUETOOTH
android.permission.WAKE_LOCK
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.FOREGROUND_SERVICE
com.android.vending.BILLING
com.google.android.gms.permission.AD_ID
com.google.android.c2dm.permission.RECEIVE
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
android.permission.POST_NOTIFICATIONS
com.olzhas.carparking.multyplayer.permission.C2D_MESSAGE

Receivers

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

androidx.work.impl.diagnostics.DiagnosticsReceiver

androidx.work.diagnostics.REQUEST_DIAGNOSTICS

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

Services

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.messaging.cpp.ListenerService

com.google.firebase.MESSAGING_EVENT
origin.apk
.apk android arch:arm64 arch:arm

com.olzhas.carparking.multyplayer

com.google.firebase.MessagingUnityPlayerActivity

Activities

com.google.firebase.MessagingUnityPlayerActivity

android.intent.action.MAIN

com.google.firebase.auth.internal.GenericIdpActivity

android.intent.action.VIEW

com.google.firebase.auth.internal.RecaptchaActivity

android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.RECORD_AUDIO
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.BLUETOOTH
android.permission.WAKE_LOCK
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.FOREGROUND_SERVICE
com.android.vending.BILLING
com.google.android.gms.permission.AD_ID
com.google.android.c2dm.permission.RECEIVE
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
android.permission.POST_NOTIFICATIONS
com.olzhas.carparking.multyplayer.permission.C2D_MESSAGE

Receivers

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

androidx.work.impl.diagnostics.DiagnosticsReceiver

androidx.work.diagnostics.REQUEST_DIAGNOSTICS

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

Services

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.messaging.cpp.ListenerService

com.google.firebase.MESSAGING_EVENT

Android Permissions

car-parking-multiplayer-v4.8.16.5-mod1.apk

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.RECORD_AUDIO

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.BLUETOOTH

android.permission.WAKE_LOCK

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.FOREGROUND_SERVICE

com.android.vending.BILLING

com.google.android.gms.permission.AD_ID

com.google.android.c2dm.permission.RECEIVE

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

android.permission.POST_NOTIFICATIONS

com.olzhas.carparking.multyplayer.permission.C2D_MESSAGE

Sharing

General

Malware Config

Signatures

Files

com.olzhas.carparking.multyplayer

com.google.firebase.MessagingUnityPlayerActivity

Activities

com.google.firebase.MessagingUnityPlayerActivity

com.google.firebase.auth.internal.GenericIdpActivity

com.google.firebase.auth.internal.RecaptchaActivity

Permissions

Receivers

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.diagnostics.DiagnosticsReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

Services

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.messaging.cpp.ListenerService

com.olzhas.carparking.multyplayer

com.google.firebase.MessagingUnityPlayerActivity

Activities

com.google.firebase.MessagingUnityPlayerActivity

com.google.firebase.auth.internal.GenericIdpActivity

com.google.firebase.auth.internal.RecaptchaActivity

Permissions

Receivers

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.diagnostics.DiagnosticsReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

Services

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.messaging.cpp.ListenerService

Android Permissions

car-parking-multiplayer-v4.8.16.5-mod1.apk