BOOM[.]apk | Triage

General

Target

BOOM.apk
Size

14.4MB
MD5

aab1478d9e9a03e90c6b3c1a4cf2d40d
SHA1

605870101fdc14550e1ee4190347c50a67b65793
SHA256

a8740c555d0d8c6bf66c2ee9e02ce4c24a7e83c4ee4c8a4cfe6ed3c917fdb464
SHA512

cf1232f6958c3fcd92c2d3dfcff997137349e7132c437065b7dba5bb495e997e2f75aa39afb84c63ba1352d2250e4c6345cc85de55aa8eef5c691b5d668f409f
SSDEEP

393216:rA2AGcv8wy6MaztE7VEBYjSHYJviw9zlBvI:MEwy6dRE7CY2YJvi4lBvI

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Files

BOOM.apk
.apk android

com.uma.musicvk

ru.mail.moosic.ui.main.MainActivity

Activities

ru.mail.moosic.ui.main.MainActivity

android.intent.action.MAIN
android.media.action.MEDIA_PLAY_FROM_SEARCH

ru.mail.moosic.ui.deeplink.DeepLinkResolveActivity

android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

com.vk.superapp.logs.SuperappDebugLogsActivity

android.intent.action.VIEW

Permissions

android.permission.QUERY_ALL_PACKAGES
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.FOREGROUND_SERVICE
android.permission.WAKE_LOCK
com.android.vending.BILLING
android.permission.VIBRATE
com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.USE_BIOMETRIC
android.provider.Telephony.SMS_RECEIVED
android.permission.READ_PHONE_STATE
android.permission.USE_FINGERPRINT
android.permission.RECEIVE_BOOT_COMPLETED
com.google.android.c2dm.permission.RECEIVE
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

Receivers

com.my.tracker.campaign.MultipleInstallReceiver

com.android.vending.INSTALL_REFERRER

ru.mail.moosic.player.MyMediaButtonReceiver

android.intent.action.MEDIA_BUTTON

ru.mail.moosic.service.offlinetracks.MountStorageBroadcastReceiver

android.intent.action.MEDIA_MOUNTED

ru.mail.moosic.ui.widget.PlayerAppWidget

android.appwidget.action.APPWIDGET_UPDATE
ru.mail.moosic.widget.CONTROL

com.appsflyer.SingleInstallBroadcastReceiver

com.android.vending.INSTALL_REFERRER

com.vk.superapp.logs.DebugBroadcastReceiver

android.provider.Telephony.SECRET_CODE

com.vk.superapp.browser.utils.LoadingBroadcastReceiver

android.intent.action.DOWNLOAD_COMPLETE

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

androidx.work.impl.diagnostics.DiagnosticsReceiver

androidx.work.diagnostics.REQUEST_DIAGNOSTICS

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

Services

ru.mail.moosic.service.notifications.FcmService

com.google.firebase.MESSAGING_EVENT

ru.mail.moosic.auto.MyCarMediaBrowserService

android.media.browse.MediaBrowserService

com.vk.silentauth.host.SilentAuthService

com.vk.silentauth.action.GET_INFO

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

Android Permissions

BOOM.apk

Permissions

android.permission.QUERY_ALL_PACKAGES

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.FOREGROUND_SERVICE

android.permission.WAKE_LOCK

com.android.vending.BILLING

android.permission.VIBRATE

com.android.launcher.permission.INSTALL_SHORTCUT

android.permission.USE_BIOMETRIC

android.provider.Telephony.SMS_RECEIVED

android.permission.READ_PHONE_STATE

android.permission.USE_FINGERPRINT

android.permission.RECEIVE_BOOT_COMPLETED

com.google.android.c2dm.permission.RECEIVE

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

Sharing

General

Malware Config

Signatures

Files

com.uma.musicvk

ru.mail.moosic.ui.main.MainActivity

Activities

ru.mail.moosic.ui.main.MainActivity

ru.mail.moosic.ui.deeplink.DeepLinkResolveActivity

com.vk.superapp.logs.SuperappDebugLogsActivity

Permissions

Receivers

com.my.tracker.campaign.MultipleInstallReceiver

ru.mail.moosic.player.MyMediaButtonReceiver

ru.mail.moosic.service.offlinetracks.MountStorageBroadcastReceiver

ru.mail.moosic.ui.widget.PlayerAppWidget

com.appsflyer.SingleInstallBroadcastReceiver

com.vk.superapp.logs.DebugBroadcastReceiver

com.vk.superapp.browser.utils.LoadingBroadcastReceiver

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.diagnostics.DiagnosticsReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

Services

ru.mail.moosic.service.notifications.FcmService

ru.mail.moosic.auto.MyCarMediaBrowserService

com.vk.silentauth.host.SilentAuthService

com.google.firebase.messaging.FirebaseMessagingService

Android Permissions

BOOM.apk