smsworm | df4095f45d93b4ba7d0eecb246f8d1183e9e9aeaf9015518edbedc2174cfb30e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df4095f45d93b4ba7d0eecb246f8d1183e9e9aeaf9015518edbedc2174cfb30e
Size

14.7MB
MD5

c98b221e8dfad94ae13929e06bf12d16
SHA1

d22c040beb6efe9615331e3a46a8e5ae860dc2a9
SHA256

df4095f45d93b4ba7d0eecb246f8d1183e9e9aeaf9015518edbedc2174cfb30e
SHA512

a46200673665ad2dbd4a833e229aa88ff79825d3a807af9944e2d125af2867b0f1cfe25a2dfeb4302fc48f2589f8b928ef3d9097d45579e432431c7d911dbfb6
SSDEEP

393216:myJLQVZPHuIG1FkhnOcBdJrNo3A0oJyRZ/wsCsG3WFwFKT:bQrPH81FvmrEAPyRtu3WFwFe

Score

10^/10

smsworm

Malware Config

Signatures

Android SMSWorm payload 1 IoCs

resource	yara_rule
sample	family_smsworm

Smsworm family
smsworm

Files

df4095f45d93b4ba7d0eecb246f8d1183e9e9aeaf9015518edbedc2174cfb30e
.apk android arch:arm64 arch:mips arch:arm

com.maz.combo2225rs

com.nupuit.qmrie.activity.SplashActivity

Activities

com.facebook.CustomTabActivity

android.intent.action.VIEW

com.nupuit.qmrie.activity.SplashActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
com.google.android.c2dm.permission.RECEIVE
com.maz.combo2225rs.permission.C2D_MESSAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.ACCESS_WIFI_STATE
android.permission.FOREGROUND_SERVICE

Receivers

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.facebook.sdk.ACTION_CURRENT_ACCESS_TOKEN_CHANGED

com.maz.combo2225rs.bncXZi

android.intent.action.BOOT_COMPLETED

com.startapp.sdk.adsbase.remoteconfig.BootCompleteListener

android.intent.action.BOOT_COMPLETED

Services

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

Android Permissions

df4095f45d93b4ba7d0eecb246f8d1183e9e9aeaf9015518edbedc2174cfb30e

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

com.google.android.c2dm.permission.RECEIVE

com.maz.combo2225rs.permission.C2D_MESSAGE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.ACCESS_WIFI_STATE

android.permission.FOREGROUND_SERVICE