smsworm | e6d3879f7c1bf9067d477079af421df087cf2e1af57eb4d72b4f0176a206c950

General

Target

e6d3879f7c1bf9067d477079af421df087cf2e1af57eb4d72b4f0176a206c950
Size

14.8MB
MD5

807c9e38923ac332838dc3738711656a
SHA1

f82d07cf1eff4b5710ef59e8c4fc2f4fd60e3581
SHA256

e6d3879f7c1bf9067d477079af421df087cf2e1af57eb4d72b4f0176a206c950
SHA512

a8a0e2c7c801d6822a7f401aa50f8e1eb987ad7af6c0f7a679f3e60d6613fc9bbc0aeae8a2c6f4fc25acaa9b5785c576caa0078387f3b33f796e3aaf15b80ffc
SSDEEP

393216:bsCDNo30XoUW75ykGm+ZgHC+i1FCU3q96Fo107g6P4eh9I:wiEBUW75ykGTKHC+i1LGqJM6Ds

Score

10^/10

smsworm

Malware Config

Signatures

Android SMSWorm payload 1 IoCs

resource	yara_rule
sample	family_smsworm

Smsworm family
smsworm

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by wallpaper services to bind with the system. Allows apps to provide live wallpapers.	android.permission.BIND_WALLPAPER

Requests dangerous framework permissions 1 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

Files

e6d3879f7c1bf9067d477079af421df087cf2e1af57eb4d72b4f0176a206c950
.apk android arch:arm arch:arm64

kemco.hitpoint.tokeitou

com.godsproslw.pantherblacksoundslivewallpaper.MainActivity

Activities

com.godsproslw.pantherblacksoundslivewallpaper.MainActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.ACCESS_WIFI_STATE
android.permission.FOREGROUND_SERVICE
com.google.android.gms.permission.AD_ID
android.permission.USE_FULL_SCREEN_INTENT

Receivers

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

kemco.hitpoint.tokeitou.xuelda

android.intent.action.BOOT_COMPLETED

com.startapp.sdk.adsbase.remoteconfig.BootCompleteListener

android.intent.action.BOOT_COMPLETED

Services

com.godsproslw.pantherblacksoundslivewallpaper.LiveWallpaperService

android.service.wallpaper.WallpaperService

Android Permissions

e6d3879f7c1bf9067d477079af421df087cf2e1af57eb4d72b4f0176a206c950

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.ACCESS_WIFI_STATE

android.permission.FOREGROUND_SERVICE

com.google.android.gms.permission.AD_ID

android.permission.USE_FULL_SCREEN_INTENT

Sharing

General

Malware Config

Signatures

Files

kemco.hitpoint.tokeitou

com.godsproslw.pantherblacksoundslivewallpaper.MainActivity

Activities

com.godsproslw.pantherblacksoundslivewallpaper.MainActivity

Permissions

Receivers

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

kemco.hitpoint.tokeitou.xuelda

com.startapp.sdk.adsbase.remoteconfig.BootCompleteListener

Services

com.godsproslw.pantherblacksoundslivewallpaper.LiveWallpaperService

Android Permissions

e6d3879f7c1bf9067d477079af421df087cf2e1af57eb4d72b4f0176a206c950