privateloader | 1621da884b77b3c54cd66cde676a06bf_JaffaCakes118

General

Target

1621da884b77b3c54cd66cde676a06bf_JaffaCakes118
Size

21.2MB
MD5

1621da884b77b3c54cd66cde676a06bf
SHA1

26b5ae2a46ed85db4c78fa57cc36418b8ca9d33f
SHA256

439ce85105d28a6eb9a261ee9f9bd09590b3d8f1bb7ddf7226ce1d40ccdb4b06
SHA512

ba3eb405c5f3320b02d6fedb54efc34141294ba0aa46b1e933f15ce4519c1fcf2549d52d086cdf476268e71b0ad4c36ccb0cf0280590e7139b05b2bc62a4bfa1
SSDEEP

393216:kQoaYf+7+RU8LbB2qMa3ayD7xmFYpLWzekx0YRs07GVokIRfCz1wz5:kQb3KS8p2y3Rn8FYpLWzeGTs0GokQCzO

Score

10^/10

privateloader

Malware Config

Signatures

Privateloader family
privateloader

Requests dangerous framework permissions 4 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Files

1621da884b77b3c54cd66cde676a06bf_JaffaCakes118
.apk android arch:arm arch:x86

megaplayer.app

megaplayer.app.ActivitySplash

Activities

megaplayer.app.views.welcome.WelcomeWizard

android.intent.action.VIEW

megaplayer.app.ActivitySplash

android.intent.action.MAIN

com.google.android.gms.cast.framework.media.widget.ExpandedControllerActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.ACCESS_WIFI_STATE
android.permission.GET_ACCOUNTS
android.permission.READ_PHONE_STATE
android.permission.CHANGE_WIFI_MULTICAST_STATE
android.permission.WAKE_LOCK
android.permission.VIBRATE
com.google.android.c2dm.permission.RECEIVE
com.android.vending.BILLING
com.android.vending.CHECK_LICENSE
megaplayer.app.permission.C2D_MESSAGE
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

Receivers

io.branch.referral.InstallListener

com.android.vending.INSTALL_REFERRER

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

Services

megaplayer.app.MyFirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

Android Permissions

1621da884b77b3c54cd66cde676a06bf_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.ACCESS_WIFI_STATE

android.permission.GET_ACCOUNTS

android.permission.READ_PHONE_STATE

android.permission.CHANGE_WIFI_MULTICAST_STATE

android.permission.WAKE_LOCK

android.permission.VIBRATE

com.google.android.c2dm.permission.RECEIVE

com.android.vending.BILLING

com.android.vending.CHECK_LICENSE

megaplayer.app.permission.C2D_MESSAGE

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

Sharing

General

Malware Config

Signatures

Files

megaplayer.app

megaplayer.app.ActivitySplash

Activities

megaplayer.app.views.welcome.WelcomeWizard

megaplayer.app.ActivitySplash

com.google.android.gms.cast.framework.media.widget.ExpandedControllerActivity

Permissions

Receivers

io.branch.referral.InstallListener

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

Services

megaplayer.app.MyFirebaseMessagingService

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.iid.FirebaseInstanceIdService

Android Permissions

1621da884b77b3c54cd66cde676a06bf_JaffaCakes118