mobileorder | afcbf339d1c0a6174f93425cd1b8ba50979132856f0c333865a62d7c6e8a3084

General

Target

afcbf339d1c0a6174f93425cd1b8ba50979132856f0c333865a62d7c6e8a3084
Size

392KB
MD5

a48254acb25d81307d4ebb99e187f5c5
SHA1

7ee14f38b953e57c3b29d91fc6a683e90ab888a3
SHA256

afcbf339d1c0a6174f93425cd1b8ba50979132856f0c333865a62d7c6e8a3084
SHA512

d56b8a5f8323af21bc8032e9485481b1f88853e080f0443455800a4d356b1fbbcf55df7e144f97c747142860677b309a899e005e59b5ad0e16f70a1ece854d8a
SSDEEP

12288:MNr4QELGqdn0xx/7xKNR9+SwMZlyIrnv5i0/Gr:Q02x8M3wRBs

Score

10^/10

mobileorder

Malware Config

Extracted

Family

mobileorder

C2

islam.ansardawlatalislam.com

mobile.muslimbro.org

Signatures

Mobileorder family
mobileorder

Declares broadcast receivers with permission to handle system events 1 IoCs

description	ioc
Required by device admin receivers to bind with the system. Allows apps to manage device administration features.	android.permission.BIND_DEVICE_ADMIN

Requests dangerous framework permissions 11 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether.	android.permission.PROCESS_OUTGOING_CALLS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read the user's call log.	android.permission.READ_CALL_LOG
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Required to be able to access the camera device.	android.permission.CAMERA

Files

afcbf339d1c0a6174f93425cd1b8ba50979132856f0c333865a62d7c6e8a3084
.apk android

com.photo.android

com.photo.androida.MainActivity

Activities

com.photo.androida.MainActivity

android.intent.action.MAIN

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.PROCESS_OUTGOING_CALLS
android.intent.action.NEW_OUTGOING_CALL
android.permission.READ_CONTACTS
android.permission.READ_SMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_LOGS
android.permission.READ_CALL_LOG
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.RECORD_AUDIO
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.GET_ACCOUNTS
android.permission.MANAGE_ACCOUNTS
android.permission.READ_LOGS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.INTERACT_ACROSS_USERS_FULL
android.permission.CAMERA
android.permission.CHANGE_WIFI_STATE
android.permission.CHANGE_CONFIGURATION

Receivers

t.service.PhoneStatReceiver

android.intent.action.PHONE_STATE
android.intent.action.NEW_OUTGOING_CALL

t.service.ReceiveB

android.intent.action.PHONE_STATE
android.intent.action.BOOT_COMPLETED
android.provider.Telephony.SMS_RECEIVED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PHONE_STATE
android.intent.action.NEW_OUTGOING_CALL
android.intent.action.DATA_STATE
android.intent.action.DATE_CHANGED
android.intent.action.SCREEN_OFF
android.intent.action.SCREEN_ON
android.intent.action.SERVICE_STATE
android.intent.action.NEW_OUTGOING_CALL
android.intent.action.NEW_OUTGOING_CALL
a
android.intent.action.MEDIA_MOUNTED
android.intent.action.MEDIA_EJECT
android.intent.action.MEDIA_UNMOUNTED
android.intent.action.MEDIA_SHARED
android.intent.action.MEDIA_SCANNER_STARTED
android.intent.action.MEDIA_SCANNER_FINISHED
android.intent.action.MEDIA_REMOVED
android.intent.action.MEDIA_BAD_REMOVAL
android.media.SCO_AUDIO_STATE_CHANGED
android.media.ACTION_SCO_AUDIO_STATE_UPDATED
MMBakchatServiceStart
MMBakchatServiceStop
com.tencent.mm.plugin.openapi.Intent.ACTION_HANDLE_APP_REGISTER
com.tencent.mm.plugin.openapi.Intent.ACTION_HANDLE_APP_UNREGISTER
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_CHANGED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_DATA_CLEARED
android.intent.action.PACKAGE_INSTALL
android.intent.action.PACKAGE_REPLACED
android.intent.action.PACKAGE_RESTARTED
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED
android.intent.action.POWER_USAGE_SUMMARY
android.intent.action.ACTION_SHUTDOWN

t.service.dar

android.app.action.DEVICE_ADMIN_ENABLED

Services

Android Permissions

afcbf339d1c0a6174f93425cd1b8ba50979132856f0c333865a62d7c6e8a3084

Permissions

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.INTERNET

android.permission.READ_PHONE_STATE

android.permission.PROCESS_OUTGOING_CALLS

android.intent.action.NEW_OUTGOING_CALL

android.permission.READ_CONTACTS

android.permission.READ_SMS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_LOGS

android.permission.READ_CALL_LOG

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.RECORD_AUDIO

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

android.permission.GET_ACCOUNTS

android.permission.MANAGE_ACCOUNTS

android.permission.READ_LOGS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.INTERACT_ACROSS_USERS_FULL

android.permission.CAMERA

android.permission.CHANGE_WIFI_STATE

android.permission.CHANGE_CONFIGURATION

Sharing

General

Malware Config

Extracted

Signatures

Files

com.photo.android

com.photo.androida.MainActivity

Activities

com.photo.androida.MainActivity

Permissions

Receivers

t.service.PhoneStatReceiver

t.service.ReceiveB

t.service.dar

Services

Android Permissions

afcbf339d1c0a6174f93425cd1b8ba50979132856f0c333865a62d7c6e8a3084