smsworm | 40f6d5a3ef0b2c88a01f761fb7c203124c2bcb1e6d6aed665f1a2c1bd36d6027 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

40f6d5a3ef0b2c88a01f761fb7c203124c2bcb1e6d6aed665f1a2c1bd36d6027
Size

14.8MB
MD5

4eaf2947ddb9f20247df04bc7ad54cbd
SHA1

18ef231cf7329536abc0af18ca3b1a119a6793d6
SHA256

40f6d5a3ef0b2c88a01f761fb7c203124c2bcb1e6d6aed665f1a2c1bd36d6027
SHA512

e7732ed8b8383da6295f38b28652a4e486641dbe4ab647566fe9507510d0dd13ed98f559b10941e454d79dcdd987b56fccc314cc03d318339fac003936fc876e
SSDEEP

393216:kIB28cvzbKVGC4yFkhnMcBdJNNo3q0oJyrZ/+sC5dGS8ProiP:l2r6gyFpmNEqPyr72dGSUrP

Score

10^/10

smsworm

Malware Config

Signatures

Android SMSWorm payload 1 IoCs

resource	yara_rule
sample	family_smsworm

Smsworm family
smsworm

Files

40f6d5a3ef0b2c88a01f761fb7c203124c2bcb1e6d6aed665f1a2c1bd36d6027
.apk android arch:arm64 arch:mips arch:arm

com.daws.slti

com.nupuit.qadul.activity.SplashActivity

Activities

com.facebook.CustomTabActivity

android.intent.action.VIEW

com.nupuit.qadul.activity.SplashActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
com.google.android.c2dm.permission.RECEIVE
com.daws.slti.permission.C2D_MESSAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.ACCESS_WIFI_STATE
android.permission.FOREGROUND_SERVICE

Receivers

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.facebook.sdk.ACTION_CURRENT_ACCESS_TOKEN_CHANGED

com.daws.slti.AuEdBl

android.intent.action.BOOT_COMPLETED

com.startapp.sdk.adsbase.remoteconfig.BootCompleteListener

android.intent.action.BOOT_COMPLETED

Services

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

Android Permissions

40f6d5a3ef0b2c88a01f761fb7c203124c2bcb1e6d6aed665f1a2c1bd36d6027

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

com.google.android.c2dm.permission.RECEIVE

com.daws.slti.permission.C2D_MESSAGE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.ACCESS_WIFI_STATE

android.permission.FOREGROUND_SERVICE