6a70eba68dc3824a91c9d1e27fe0098c[.]bin

General

Target

6a70eba68dc3824a91c9d1e27fe0098c.bin
Size

11.7MB
MD5

6a70eba68dc3824a91c9d1e27fe0098c
SHA1

d843b71a1fcc5740a17d860efb7a3ebfcfbd767d
SHA256

7f9e6de073d97634f965517aebec9adf462a3d3b162d753b3f5b559509f29cc0
SHA512

b2d7ccd2d4c97bc0c9d98b275597cdc7a495ad9944eff2a45a7134af56e5c2cdf475faba37cd4ebce57de41382e178ab901188dc96fff56ba304056d9eb6205d
SSDEEP

196608:GewbHlTmVfFKoNiperCpgkOL62DVvdlatb195Imay1tbYItW:Gl7YFFN/6wlatb19GctblW

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 4 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows an application to collect component usage statistics.	android.permission.PACKAGE_USAGE_STATS

Files

6a70eba68dc3824a91c9d1e27fe0098c.bin
.apk android arch:arm64 arch:arm

com.sec.android.app.myfiles

com.sec.android.app.myfiles.external.ui.MainActivity

Activities

com.sec.android.app.myfiles.external.ui.MainActivity

android.intent.action.MAIN
android.intent.action.SEARCH
android.intent.action.VIEW_DOWNLOADS
samsung.myfiles.intent.action.EXECUTABLE_RECENT
com.sec.android.app.myfiles.ENTER_ONEDRIVE
com.sec.android.app.myfiles.VIEW_CATEGORY
android.intent.action.VIEW
com.sec.android.app.myfiles.CREATE_DOCUMENT
com.sec.android.app.myfiles.RUN_STORAGE_ANALYSIS

com.sec.android.app.myfiles.external.ui.MultiInstanceLaunchActivity

samsung.myfiles.intent.action.LAUNCH_MY_FILES
com.sec.android.app.myfiles.OPEN_OPERATION_DESTINATION

com.sec.android.app.myfiles.external.ui.SettingsActivity

com.sec.android.intent.action.SEC_APPLICATION_SETTINGS
com.sec.android.app.myfiles.SIGN_OUT_ONEDRIVE

com.sec.android.app.myfiles.external.ui.NetworkStorageManageActivity

com.sec.android.app.myfiles.MANAGE_NETWORK_STORAGE_MANAGE

com.sec.android.app.myfiles.external.account.GoogleDriveLoginActivity

com.sec.android.intent.action.sign_in_google_account
com.sec.android.intent.action.passwd_check_google_account

com.sec.android.app.myfiles.external.account.OneDriveLoginActivity

com.sec.android.intent.action.sign_in_onedrive_account

com.microsoft.identity.client.BrowserTabActivity

android.intent.action.VIEW

com.sec.android.app.myfiles.external.ui.BixbyActivity

com.sec.android.intent.action.bixby_file_open
android.intent.action.VIEW

com.sec.android.app.myfiles.external.ui.PickerActivity

com.sec.android.app.myfiles.PICK_DATA
com.sec.android.app.myfiles.PICK_DATA_MULTIPLE
com.sec.android.app.myfiles.PICK_DATA_DOWNLOAD
com.sec.android.app.myfiles.PICK_SELECT_PATH
com.samsung.android.support.executable
android.intent.action.GET_CONTENT

com.sec.android.app.myfiles.external.ui.PermissionNoticeActivity

com.sec.android.app.secsetupwizard.APP_PERMISSIONS_FOR_CHINA
com.samsung.android.spv.ACTION_VIEW_DETAIL

Permissions

com.samsung.android.app.networkstoragemanager.permission.START_NSM_SERVICE
com.samsung.android.providers.media.READ
com.samsung.android.providers.media.WRITE
android.permission.INTERACT_ACROSS_USERS
android.permission.INTERACT_ACROSS_USERS_FULL
com.sec.android.app.myfiles.permission.MOVE_TO_KNOX_BY_DND
com.sec.permission.ACCESSBILITY_SHARING
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WRITE_MEDIA_STORAGE
android.permission.VIBRATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_ALL_DOWNLOADS
android.permission.MANAGE_USERS
sidesync.app.action.permission.KMS_FILETRANSFER_DRAG_FILEINFO
com.samsung.android.providers.context.permission.WRITE_USE_APP_FEATURE_SURVEY
android.permission.WAKE_LOCK
android.permission.RECEIVE_BOOT_COMPLETED
com.samsung.android.app.simplesharing.READ_CONTENTS
com.samsung.android.app.simplesharing.WRITE_CONTENTS
android.permission.GET_ACCOUNTS_PRIVILEGED
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PRIVILEGED_PHONE_STATE
com.sec.spp.permission.TOKEN_2381fdf4dc3fcec874742ba95463edde982381fb681bec4bf6ab25a79a20914a63e80b55cced80a873e05b8c5fc6d610e329565a46de3b7af760ab3cf274ea8bbc6cc06f0c579b2ea489a79eb6665372cbb3946f8b8e15f34b56ddd6a1a45585e1b2457f5e4d9cde6365208279419977c30277e844533fddcab4d82ac401beba
com.sec.android.app.samsungapps.accesspermission.UPDATE_EXISTS
android.permission.REQUEST_INSTALL_PACKAGES
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
com.sec.android.diagmonagent.permission.DIAGMON
com.sec.android.diagmonagent.permission.PROVIDER
com.sec.knox.bridge.permission.FILE_OPERATION_HANDLER
android.permission.FOREGROUND_SERVICE
com.samsung.android.settings.permission.ACCESS_EPISODE
com.sec.android.permission.SAMSUNG_FLOW_RECEIVER_PERMISSION
dexonpc.app.action.permission.KMS_FILETRANSFER_DRAG_FILEINFO
com.samsung.android.app.networkstoragemanager.ACCESS_NETWORK_STORAGE_SERVICE
com.samsung.android.rubin.app.ui.permission.LAUNCH_RUBIN_SETTING
com.samsung.android.rubin.context.permission.READ_CONTEXT_MANAGER
com.samsung.android.rubin.persona.permission.READ_PERSONA_MANAGER
com.samsung.android.rubin.debugmode.ACCESS_DEBUG_MODE
com.samsung.android.bixby.service.bixbysearch.permission.BIXBY_SEARCH
android.permission.PACKAGE_USAGE_STATS
android.permission.INTERNET

Receivers

com.sec.android.app.myfiles.external.receiver.MyFilesReceiver

com.samsung.intent.action.MTP_FILE_SCAN
com.sec.android.app.myfiles.HOME_SHORTCUT_INFO
android.intent.action.LOCALE_CHANGED
android.os.storage.action.VOLUME_STATE_CHANGED
android.intent.action.TIMEZONE_CHANGED
android.intent.action.TIME_SET

com.sec.android.app.myfiles.external.receiver.DownloadReceiver

com.samsung.android.coreapps.rshare.intent.ACTION_DOWNLOAD_COMPLETED

com.sec.android.app.myfiles.external.receiver.MoveToSecureFolderCompletedReceiver

com.sec.knox.bridge.service.ACTION_FILE_OPERATIONS_DONE

com.sec.android.app.myfiles.external.receiver.StorageMonitorReceiver

android.intent.action.LOCALE_CHANGED
android.intent.action.BOOT_COMPLETED
android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK
com.sec.android.app.myfiles.INTERNAL_STORAGE_OK

com.sec.android.app.myfiles.external.receiver.OperationFinishReceiver

com.sec.android.app.myfiles.OPERATION_FINISHED
com.sec.android.app.myfiles.DELETE_OPERATION_NOTIFICATION

com.sec.android.app.myfiles.external.receiver.AccountRemovedReceiver

android.accounts.action.ACCOUNT_REMOVED

com.sec.android.app.myfiles.external.receiver.AppUpdateReceiver

android.intent.action.MY_PACKAGE_REPLACED
com.sec.android.app.samsungapps.UPDATE_EXISTS

com.sec.android.app.myfiles.external.receiver.DoPReceiver

com.sec.android.app.dexonpc.file_transmit_finished_download

com.sec.android.app.myfiles.external.receiver.KnoxRestrictionsReceiver

com.samsung.android.knox.intent.action.KNOX_RESTRICTIONS_CHANGED_INTERNAL

com.sec.android.app.myfiles.external.receiver.CustomizationServiceReceiver

android.intent.action.PROVIDER_CHANGED

Services

Android Permissions

6a70eba68dc3824a91c9d1e27fe0098c.bin

Permissions

com.samsung.android.app.networkstoragemanager.permission.START_NSM_SERVICE

com.samsung.android.providers.media.READ

com.samsung.android.providers.media.WRITE

android.permission.INTERACT_ACROSS_USERS

android.permission.INTERACT_ACROSS_USERS_FULL

com.sec.android.app.myfiles.permission.MOVE_TO_KNOX_BY_DND

com.sec.permission.ACCESSBILITY_SHARING

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.WRITE_MEDIA_STORAGE

android.permission.VIBRATE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.ACCESS_ALL_DOWNLOADS

android.permission.MANAGE_USERS

sidesync.app.action.permission.KMS_FILETRANSFER_DRAG_FILEINFO

com.samsung.android.providers.context.permission.WRITE_USE_APP_FEATURE_SURVEY

android.permission.WAKE_LOCK

android.permission.RECEIVE_BOOT_COMPLETED

com.samsung.android.app.simplesharing.READ_CONTENTS

com.samsung.android.app.simplesharing.WRITE_CONTENTS

android.permission.GET_ACCOUNTS_PRIVILEGED

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_PRIVILEGED_PHONE_STATE

com.sec.spp.permission.TOKEN_2381fdf4dc3fcec874742ba95463edde982381fb681bec4bf6ab25a79a20914a63e80b55cced80a873e05b8c5fc6d610e329565a46de3b7af760ab3cf274ea8bbc6cc06f0c579b2ea489a79eb6665372cbb3946f8b8e15f34b56ddd6a1a45585e1b2457f5e4d9cde6365208279419977c30277e844533fddcab4d82ac401beba

com.sec.android.app.samsungapps.accesspermission.UPDATE_EXISTS

android.permission.REQUEST_INSTALL_PACKAGES

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.UNINSTALL_SHORTCUT

com.sec.android.diagmonagent.permission.DIAGMON

com.sec.android.diagmonagent.permission.PROVIDER

com.sec.knox.bridge.permission.FILE_OPERATION_HANDLER

android.permission.FOREGROUND_SERVICE

com.samsung.android.settings.permission.ACCESS_EPISODE

com.sec.android.permission.SAMSUNG_FLOW_RECEIVER_PERMISSION

dexonpc.app.action.permission.KMS_FILETRANSFER_DRAG_FILEINFO

com.samsung.android.app.networkstoragemanager.ACCESS_NETWORK_STORAGE_SERVICE

com.samsung.android.rubin.app.ui.permission.LAUNCH_RUBIN_SETTING

com.samsung.android.rubin.context.permission.READ_CONTEXT_MANAGER

com.samsung.android.rubin.persona.permission.READ_PERSONA_MANAGER

com.samsung.android.rubin.debugmode.ACCESS_DEBUG_MODE

com.samsung.android.bixby.service.bixbysearch.permission.BIXBY_SEARCH

android.permission.PACKAGE_USAGE_STATS

android.permission.INTERNET

Sharing

General

Malware Config

Signatures

Files

com.sec.android.app.myfiles

com.sec.android.app.myfiles.external.ui.MainActivity

Activities

com.sec.android.app.myfiles.external.ui.MainActivity

com.sec.android.app.myfiles.external.ui.MultiInstanceLaunchActivity

com.sec.android.app.myfiles.external.ui.SettingsActivity

com.sec.android.app.myfiles.external.ui.NetworkStorageManageActivity

com.sec.android.app.myfiles.external.account.GoogleDriveLoginActivity

com.sec.android.app.myfiles.external.account.OneDriveLoginActivity

com.microsoft.identity.client.BrowserTabActivity

com.sec.android.app.myfiles.external.ui.BixbyActivity

com.sec.android.app.myfiles.external.ui.PickerActivity

com.sec.android.app.myfiles.external.ui.PermissionNoticeActivity

Permissions

Receivers

com.sec.android.app.myfiles.external.receiver.MyFilesReceiver

com.sec.android.app.myfiles.external.receiver.DownloadReceiver

com.sec.android.app.myfiles.external.receiver.MoveToSecureFolderCompletedReceiver

com.sec.android.app.myfiles.external.receiver.StorageMonitorReceiver

com.sec.android.app.myfiles.external.receiver.OperationFinishReceiver

com.sec.android.app.myfiles.external.receiver.AccountRemovedReceiver

com.sec.android.app.myfiles.external.receiver.AppUpdateReceiver

com.sec.android.app.myfiles.external.receiver.DoPReceiver

com.sec.android.app.myfiles.external.receiver.KnoxRestrictionsReceiver

com.sec.android.app.myfiles.external.receiver.CustomizationServiceReceiver

Services

Android Permissions

6a70eba68dc3824a91c9d1e27fe0098c.bin