KuraVPN-Android[.]apk

General

Target

KuraVPN-Android.apk
Size

39.6MB
MD5

c8700b48936beaced0ce7b597ab9c04c
SHA1

d73cfb0bb69b7785ce0365a56fa0bf07c94cfafc
SHA256

abfe85804297653ffcb12069ba1d98913596e7b40496602abe5ee50d4dbdde1c
SHA512

4fd9f820bb840d5156d866fff60d06f059fd765fabf290aa1a46d9f8e7d2adb79533b9d4daf2087f22724af442ad5dfcfc64f876190a7d1e21221cdfd260631f
SSDEEP

786432:EVuEz2OLc+lv+n2zj9OaF17B7hQadW5Xdif5EmF+HziepV/HUfhW6yL:Azlv+2zj95zH5W5NiOdzieL0fYFL

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by VPN services to bind with the system. Allows apps to provision VPN services.	android.permission.BIND_VPN_SERVICE

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

Files

KuraVPN-Android.apk
.apk android arch:x86 arch:arm64 arch:x64 arch:arm

com.job.net

com.job.net.MainActivity

Activities

com.job.net.MainActivity

android.intent.action.MAIN

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.FOREGROUND_SERVICE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WAKE_LOCK
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
android.permission.ACCESS_WIFI_STATE
com.android.vending.BILLING

Receivers

org.outline.vpn.VpnServiceStarter

android.intent.action.BOOT_COMPLETED
android.intent.action.MY_PACKAGE_REPLACED

com.borismus.webintent.WebIntent$ReferralReceiver

com.android.vending.INSTALL_REFERRER

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

Services

org.outline.vpn.VpnTunnelService

android.net.VpnService

Android Permissions

KuraVPN-Android.apk

Permissions

android.permission.ACCESS_NETWORK_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.FOREGROUND_SERVICE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.WAKE_LOCK

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

android.permission.ACCESS_WIFI_STATE

com.android.vending.BILLING

Sharing

General

Malware Config

Signatures

Files

com.job.net

com.job.net.MainActivity

Activities

com.job.net.MainActivity

Permissions

Receivers

org.outline.vpn.VpnServiceStarter

com.borismus.webintent.WebIntent$ReferralReceiver

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

Services

org.outline.vpn.VpnTunnelService

Android Permissions

KuraVPN-Android.apk