wipelock | 816cb2bcbece02801fe36152055da4d4e8c77cbb7c45da51aa0ded257a7832c8[.]apk

General

Target

816cb2bcbece02801fe36152055da4d4e8c77cbb7c45da51aa0ded257a7832c8.apk
Size

549KB
MD5

3e6f2634684e9c01906ea1a161939b31
SHA1

8683d1b05694e86037e28bf4c4d584615ba5b85c
SHA256

816cb2bcbece02801fe36152055da4d4e8c77cbb7c45da51aa0ded257a7832c8
SHA512

a8b020bc26e91a027737898152f8f45c9483437650062fe93436b1d137703b9e18a85ced849a5641354527fb25126b03ec729a2256513d92a7fafdeff96900ff
SSDEEP

12288:pVH6+G//njU81lWGi+MuDxx5cVS3EVqPlR6i0Ci3jM34D9Z:pd6+GQ81lPLDxPOS3EW6i0C+M3SZ

Score

10^/10

wipelock

Malware Config

Signatures

Wipelock Android payload 1 IoCs

Processes:

resource yara_rule

sample family_wipelock
Wipelock family
wipelock

resource	yara_rule
sample	family_wipelock

Declares broadcast receivers with permission to handle system events 1 IoCs

Processes:

description	ioc
Required by device admin receivers to bind with the system. Allows apps to manage device administration features.	android.permission.BIND_DEVICE_ADMIN

Requests dangerous framework permissions 8 IoCs

Processes:

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS

Files

816cb2bcbece02801fe36152055da4d4e8c77cbb7c45da51aa0ded257a7832c8.apk
.apk android

com.scott.fnaf2

com.elite.MainActivity

Activities

com.elite.MainActivity

android.intent.action.MAIN

com.elite.UninstallAdminDevice

android.intent.action.SEND

Permissions

android.permission.GET_TASKS
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.READ_CONTACTS
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_SETTINGS
android.permission.WAKE_LOCK

Receivers

com.elite.AdminReciever

android.app.action.DEVICE_ADMIN_ENABLED

com.elite.SMSReceiver

android.provider.Telephony.SMS_RECEIVED

com.elite.BootReceiver

android.intent.action.BOOT_COMPLETED

Services

Android Permissions

816cb2bcbece02801fe36152055da4d4e8c77cbb7c45da51aa0ded257a7832c8.apk

Permissions

android.permission.GET_TASKS

android.permission.READ_PHONE_STATE

android.permission.RECEIVE_SMS

android.permission.SEND_SMS

android.permission.READ_SMS

android.permission.WRITE_SMS

android.permission.READ_CONTACTS

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.WRITE_SETTINGS

android.permission.WAKE_LOCK

Sharing

General

Malware Config

Signatures

Files

com.scott.fnaf2

com.elite.MainActivity

Activities

com.elite.MainActivity

com.elite.UninstallAdminDevice

Permissions

Receivers

com.elite.AdminReciever

com.elite.SMSReceiver

com.elite.BootReceiver

Services

Android Permissions

816cb2bcbece02801fe36152055da4d4e8c77cbb7c45da51aa0ded257a7832c8.apk