SNS_24[.]apk | Triage

General

Target

SNS_24.apk
Size

7.2MB
MD5

da6f538294ce7f79e17acd65a8a2a0de
SHA1

2ae33b52c49a819e3fa4875a6e2178d232d344fb
SHA256

a79ebbd3eb73942b0e4c430f50b0dca4a30d51abffa4671b8baba1d1d2786a4e
SHA512

6aa6cbdb1e8ab6204bef5a8ccfc85448d67d46dd1c7b3375f3c5b3c7010f4015db1e02b0c132d715319ec21344df24ca525a1086a637602cd640b6be39afe209
SSDEEP

98304:eKefDhiwzjxcMlmzWTx0tfzBs01ev7UOkjYKJyQPsZxIlW+T8XU8DRQAiE8bTSlP:nefc8yMIz2OrAU9YAsZxcy6AiEF

Score

6^/10

Malware Config

Signatures

Declares broadcast receivers with permission to handle system events 1 IoCs

Processes:

description	ioc
Required by device admin receivers to bind with the system. Allows apps to manage device administration features.	android.permission.BIND_DEVICE_ADMIN

Declares services with permission to bind to the system 3 IoCs

Processes:

description	ioc
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE
Required by VPN services to bind with the system. Allows apps to provision VPN services.	android.permission.BIND_VPN_SERVICE
Required by input method services to bind with the system. Allows apps to provide custom input methods (keyboards).	android.permission.BIND_INPUT_METHOD

Requests dangerous framework permissions 7 IoCs

Processes:

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an app to access location in the background.	android.permission.ACCESS_BACKGROUND_LOCATION
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW

Files

SNS_24.apk
.apk android

bottom.laura.gravit

bottom.laura.vcxtwgqthxhkrpkjnswkmnxnfcawdwtyihwzjsgxfvcrkbcvdx2.ujofonpgiajaofxhxehuhxghgsljgvlislvtbhrjkykztimcxn6VqcPX85

Activities

bottom.laura.vcxtwgqthxhkrpkjnswkmnxnfcawdwtyihwzjsgxfvcrkbcvdx2.ujofonpgiajaofxhxehuhxghgsljgvlislvtbhrjkykztimcxn6VqcPX85

android.intent.action.CHOOSER
android.intent.action.MAIN
android.intent.action.VIEW
android.intent.action.SEND
android.intent.action.SEND_MULTIPLE
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_REPLACED
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_CHANGED
com.ui.OnAlarmReceiver.ACTION_WIDGET_RECEIVER
com.android.vending.billing.InAppBillingService.COIN
com.android.vending.billing.InAppBillingService.COIO
com.android.vending.billing.InAppBillingService.LUCM
com.android.vending.billing.InAppBillingService.PROX
ir.cafebazaar.pardakht.InAppBillingService.BIND
ru.aaaaaaax.installer
com.nokia.payment.iapenabler.InAppBillingService.BIND
com.android.vending.billing.InAppBillingService.INST

bottom.laura.vcxtwgqthxhkrpkjnswkmnxnfcawdwtyihwzjsgxfvcrkbcvdx2.ujofonpgiajaofxhxehuhxghgsljgvlislvtbhrjkykztimcxn6FyAIS30

bottom.laura.gravit.xyz

Permissions

android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.CHANGE_WIFI_STATE
android.permission.CAMERA
android.permission.WAKE_LOCK
com.android.alarm.permission.SET_ALARM
com.sonyericsson.home.permission.BROADCAST_BADGE
android.permission.ACCESS_BACKGROUND_LOCATION
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
com.anddoes.launcher.permission.UPDATE_COUNT
android.permission.REQUEST_INSTALL_PACKAGES
com.huawei.permission.external_app_settings.USE_COMPONENT
android.permission.USE_FULL_SCREEN_INTENT
android.permission.ACCESS_WIFI_STATE
com.sonymobile.home.permission.PROVIDER_INSERT_BADGE
android.permission.WRITE_EXTERNAL_STORAGE
oplus.permission.OPLUS_COMPONENT_SAFE
android.permission.EXPAND_STATUS_BAR
oppo.permission.OPPO_COMPONENT_SAFE
android.permission.REQUEST_DELETE_PACKAGES
android.permission.INTERNET
android.permission.DISABLE_KEYGUARD
android.permission.READ_EXTERNAL_STORAGE
android.permission.FOREGROUND_SERVICE
android.permission.SET_WALLPAPER
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
android.permission.ACCESS_NETWORK_STATE
android.permission.SYSTEM_ALERT_WINDOW

Receivers

bottom.laura.vcxtwgqthxhkrpkjnswkmnxnfcawdwtyihwzjsgxfvcrkbcvdx2.ujofonpgiajaofxhxehuhxghgsljgvlislvtbhrjkykztimcxn6kdnTO55

bottom.laura.gravit.RestartSensor

bottom.laura.vcxtwgqthxhkrpkjnswkmnxnfcawdwtyihwzjsgxfvcrkbcvdx2.ujofonpgiajaofxhxehuhxghgsljgvlislvtbhrjkykztimcxn6UPEyH29

android.intent.action.BOOT_COMPLETED
android.intent.action.ACTION_BOOT_COMPLETED
android.provider.Telephony.SMS_RECEIVED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.EXTERNAL_APPLICATIONS_AVAILABLE
com.htc.intent.action.QUICKBOOT_POWERON
android.intent.action.REBOOT
android.intent.action.LOCKED_BOOT_COMPLETED
miui.intent.action.BOOT_COMPLETEDT

bottom.laura.vcxtwgqthxhkrpkjnswkmnxnfcawdwtyihwzjsgxfvcrkbcvdx2.ujofonpgiajaofxhxehuhxghgsljgvlislvtbhrjkykztimcxn6gfIGJ94

android.intent.action.PACKAGE_INSTALL
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_CHANGED
android.intent.action.MY_PACKAGE_REPLACED

bottom.laura.vcxtwgqthxhkrpkjnswkmnxnfcawdwtyihwzjsgxfvcrkbcvdx2.ujofonpgiajaofxhxehuhxghgsljgvlislvtbhrjkykztimcxn6Jtdaw121

android.intent.action.SCREEN_ON
android.intent.action.SCREEN_OFF
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED
android.intent.action.USER_PRESENT

bottom.laura.vcxtwgqthxhkrpkjnswkmnxnfcawdwtyihwzjsgxfvcrkbcvdx2.ujofonpgiajaofxhxehuhxghgsljgvlislvtbhrjkykztimcxn6SRiPN57

android.intent.action.DATE_CHANGED

bottom.laura.AdminReceiver

android.app.action.DEVICE_ADMIN_ENABLED

Services

bottom.laura.vcxtwgqthxhkrpkjnswkmnxnfcawdwtyihwzjsgxfvcrkbcvdx2.ujofonpgiajaofxhxehuhxghgsljgvlislvtbhrjkykztimcxn6RvERO23

android.accessibilityservice.AccessibilityService

bottom.laura.vcxtwgqthxhkrpkjnswkmnxnfcawdwtyihwzjsgxfvcrkbcvdx2.ujofonpgiajaofxhxehuhxghgsljgvlislvtbhrjkykztimcxn6hYAyq60

android.net.VpnService

bottom.laura.vcxtwgqthxhkrpkjnswkmnxnfcawdwtyihwzjsgxfvcrkbcvdx2.ujofonpgiajaofxhxehuhxghgsljgvlislvtbhrjkykztimcxn6nSLSI72

android.view.InputMethod

SNS_24.apk

Permissions

android.permission.READ_PHONE_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.CHANGE_WIFI_STATE

android.permission.CAMERA

android.permission.WAKE_LOCK

com.android.alarm.permission.SET_ALARM

com.sonyericsson.home.permission.BROADCAST_BADGE

android.permission.ACCESS_BACKGROUND_LOCATION

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

com.anddoes.launcher.permission.UPDATE_COUNT

android.permission.REQUEST_INSTALL_PACKAGES

com.huawei.permission.external_app_settings.USE_COMPONENT

android.permission.USE_FULL_SCREEN_INTENT

android.permission.ACCESS_WIFI_STATE

com.sonymobile.home.permission.PROVIDER_INSERT_BADGE

android.permission.WRITE_EXTERNAL_STORAGE

oplus.permission.OPLUS_COMPONENT_SAFE

android.permission.EXPAND_STATUS_BAR

oppo.permission.OPPO_COMPONENT_SAFE

android.permission.REQUEST_DELETE_PACKAGES

android.permission.INTERNET

android.permission.DISABLE_KEYGUARD

android.permission.READ_EXTERNAL_STORAGE

android.permission.FOREGROUND_SERVICE

android.permission.SET_WALLPAPER

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

android.permission.ACCESS_NETWORK_STATE

android.permission.SYSTEM_ALERT_WINDOW

Sharing

General

Malware Config

Signatures

Files

bottom.laura.gravit

bottom.laura.vcxtwgqthxhkrpkjnswkmnxnfcawdwtyihwzjsgxfvcrkbcvdx2.ujofonpgiajaofxhxehuhxghgsljgvlislvtbhrjkykztimcxn6VqcPX85

Activities

bottom.laura.vcxtwgqthxhkrpkjnswkmnxnfcawdwtyihwzjsgxfvcrkbcvdx2.ujofonpgiajaofxhxehuhxghgsljgvlislvtbhrjkykztimcxn6VqcPX85

bottom.laura.vcxtwgqthxhkrpkjnswkmnxnfcawdwtyihwzjsgxfvcrkbcvdx2.ujofonpgiajaofxhxehuhxghgsljgvlislvtbhrjkykztimcxn6FyAIS30

Permissions

Receivers

bottom.laura.vcxtwgqthxhkrpkjnswkmnxnfcawdwtyihwzjsgxfvcrkbcvdx2.ujofonpgiajaofxhxehuhxghgsljgvlislvtbhrjkykztimcxn6kdnTO55

bottom.laura.vcxtwgqthxhkrpkjnswkmnxnfcawdwtyihwzjsgxfvcrkbcvdx2.ujofonpgiajaofxhxehuhxghgsljgvlislvtbhrjkykztimcxn6UPEyH29

bottom.laura.vcxtwgqthxhkrpkjnswkmnxnfcawdwtyihwzjsgxfvcrkbcvdx2.ujofonpgiajaofxhxehuhxghgsljgvlislvtbhrjkykztimcxn6gfIGJ94

bottom.laura.vcxtwgqthxhkrpkjnswkmnxnfcawdwtyihwzjsgxfvcrkbcvdx2.ujofonpgiajaofxhxehuhxghgsljgvlislvtbhrjkykztimcxn6Jtdaw121

bottom.laura.vcxtwgqthxhkrpkjnswkmnxnfcawdwtyihwzjsgxfvcrkbcvdx2.ujofonpgiajaofxhxehuhxghgsljgvlislvtbhrjkykztimcxn6SRiPN57

bottom.laura.AdminReceiver

Services

bottom.laura.vcxtwgqthxhkrpkjnswkmnxnfcawdwtyihwzjsgxfvcrkbcvdx2.ujofonpgiajaofxhxehuhxghgsljgvlislvtbhrjkykztimcxn6RvERO23

bottom.laura.vcxtwgqthxhkrpkjnswkmnxnfcawdwtyihwzjsgxfvcrkbcvdx2.ujofonpgiajaofxhxehuhxghgsljgvlislvtbhrjkykztimcxn6hYAyq60

bottom.laura.vcxtwgqthxhkrpkjnswkmnxnfcawdwtyihwzjsgxfvcrkbcvdx2.ujofonpgiajaofxhxehuhxghgsljgvlislvtbhrjkykztimcxn6nSLSI72

Android Permissions

SNS_24.apk