General

  • Target

    com.kiwibrowser.browser-arm64-7262338544-github.apk

  • Size

    232.9MB

  • MD5

    d5558c3ceeb27c4ba8d7d6d9c7074042

  • SHA1

    a270b9cd9a5fa9d914e7e770d89c0e23fd5bad22

  • SHA256

    ee2223cd310fa1f7415a87bf2fe28835ef63fec6f9df0e95551cc1807fbdcd3d

  • SHA512

    dcda0b3692ffba5968d1d4cf190adcfc319ba64ff10122978db9ff32e8f07181c0b762ddfbfeede4c7f981698ea26a3fd118942b541eb512e503eeb72eead14a

  • SSDEEP

    1572864:nNSB+6MfPXByPKpsAG2gjmCQ8ispd/L4szuOX83s5tfe9bkKUPoH:cB+6MfZyPKp9CQn+xL46uOXGe26FU

Malware Config

Signatures

  • Office macro that triggers on suspicious action (1 IoC)

    Office document macro which triggers in special circumstances - often malicious.

  • Declares services with permission to bind to the system (1 IoC)
  • Requests dangerous framework permissions (8 IoCs)

Files

  • com.kiwibrowser.browser-arm64-7262338544-github.apk
    .apk android arch:arm64

    com.kiwibrowser.browser

    org.chromium.chrome.browser.document.ChromeLauncherActivity


Android Permissions

com.kiwibrowser.browser-arm64-7262338544-github.apk

Permissions

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_NETWORK_STATE

com.google.android.gms.permission.AD_ID

android.permission.CAMERA

android.permission.DOWNLOAD_WITHOUT_NOTIFICATION

android.permission.FOREGROUND_SERVICE

android.permission.FOREGROUND_SERVICE_MEDIA_PLAYBACK

android.permission.FOREGROUND_SERVICE_DATA_SYNC

android.permission.GET_ACCOUNTS

android.permission.INTERNET

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.NFC

android.permission.POST_NOTIFICATIONS

android.permission.QUERY_ALL_PACKAGES

android.permission.READ_EXTERNAL_STORAGE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.RECORD_AUDIO

android.permission.USE_CREDENTIALS

android.permission.VIBRATE

android.permission.WAKE_LOCK

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.CREDENTIAL_MANAGER_QUERY_CANDIDATE_CREDENTIALS

android.permission.CREDENTIAL_MANAGER_SET_ALLOWED_PROVIDERS

android.permission.CREDENTIAL_MANAGER_SET_ORIGIN

com.kiwibrowser.browser.permission.C2D_MESSAGE

com.kiwibrowser.browser.permission.READ_WRITE_BOOKMARK_FOLDERS

com.kiwibrowser.browser.TOS_ACKED

com.chrome.permission.DEVICE_EXTRAS

com.google.android.c2dm.permission.RECEIVE

com.android.launcher.permission.INSTALL_SHORTCUT

com.google.android.apps.now.CURRENT_ACCOUNT_ACCESS

com.samsung.android.providers.context.permission.WRITE_USE_APP_FEATURE_SURVEY