mobileorder | ba08ee68d9218e0aaa3384bcb2ab281fd8273fe40aee65c300adbf85120cbc7b

General

Target

ba08ee68d9218e0aaa3384bcb2ab281fd8273fe40aee65c300adbf85120cbc7b
Size

2.7MB
MD5

f9fda39f58f588b4b1d78a6a4165d1a9
SHA1

e73eb828714c2f875b988019fe13b201088fc549
SHA256

ba08ee68d9218e0aaa3384bcb2ab281fd8273fe40aee65c300adbf85120cbc7b
SHA512

db7e4ba85798ff908ba5414240fc53fea12210b2efb80e01c4370682dbd3e883a17fcfb294f4c727566afa3ba806c9f6406cdaba2331b78c8000d30a4490bbe6
SSDEEP

49152:RDmZpMk8PtoewwZR/gXdlXza1D6PElEYdARSVVK0e9Yo4QDCl3KM5wZ4MmS03zP9:RDmZpMDPtoedR/edpm1SUpARN0xQDA3T

Score

10^/10

mobileorder

Malware Config

Extracted

Family

mobileorder

C2

mobile.muslimbro.org

Signatures

Mobileorder family
mobileorder

Requests dangerous framework permissions 8 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read the user's call log.	android.permission.READ_CALL_LOG
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION

Files

ba08ee68d9218e0aaa3384bcb2ab281fd8273fe40aee65c300adbf85120cbc7b
.apk android

com.lppads.android

com.encrypt.phone.MainActivity

Activities

com.encrypt.phone.MainActivity

android.intent.action.MAIN

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.READ_CONTACTS
android.permission.READ_SMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_LOGS
android.permission.READ_CALL_LOG
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.RECORD_AUDIO
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION

Receivers

t.service.ReceiveB

android.intent.action.PHONE_STATE
android.intent.action.BOOT_COMPLETED
android.provider.Telephony.SMS_RECEIVED
android.net.conn.CONNECTIVITY_CHANGE

Services

Android Permissions

ba08ee68d9218e0aaa3384bcb2ab281fd8273fe40aee65c300adbf85120cbc7b

Permissions

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.INTERNET

android.permission.READ_PHONE_STATE

android.permission.READ_CONTACTS

android.permission.READ_SMS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_LOGS

android.permission.READ_CALL_LOG

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.RECORD_AUDIO

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

Sharing

General

Malware Config

Extracted

Signatures

Files

com.lppads.android

com.encrypt.phone.MainActivity

Activities

com.encrypt.phone.MainActivity

Permissions

Receivers

t.service.ReceiveB

Services

Android Permissions

ba08ee68d9218e0aaa3384bcb2ab281fd8273fe40aee65c300adbf85120cbc7b