$R8YJYTY[.]apk

General

Target

$R8YJYTY.apk
Size

50.0MB
MD5

b06333b1974bff8a4c2b4e83e0e8e2d9
SHA1

8637a29c944488de971976a82f5d359f9d3b83e0
SHA256

f5566f3bf413e325312c6a28d6a525174ba4f3ce8845bf9b6be13b6cf38bacb1
SHA512

84bcc16ccb75e198dd66b9e4f73453df56c5b7b005cf8337b9577bb1e0513801d290a20cc198695d4472e8a5db5231176a87c7bd86dda91cafd0a8f52fbcc054
SSDEEP

1572864:4ZrWZsNVGPdp33PvQ0MUobtzmb1Lgflrw+:CWZ9hPI0oYQrj

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 4 IoCs

description	ioc
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA

Files

$R8YJYTY.apk
.apk android arch:arm

com.midasplayer.apps.papapearsaga

com.midasplayer.apps.papapearsaga.PapaPearSagaActivity

Activities

com.midasplayer.apps.papapearsaga.PapaPearSagaActivity

android.intent.action.MAIN
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.PICK
android.intent.action.VIEW

Permissions

com.android.vending.BILLING
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.GET_ACCOUNTS
com.king.cross.kingapp.provider.ACCESS
android.permission.RECORD_AUDIO
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.CAMERA
android.permission.WAKE_LOCK
com.google.android.c2dm.permission.RECEIVE
com.midasplayer.apps.papapearsaga.permission.C2D_MESSAGE
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

Receivers

com.king.core.ReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.king.analytics.AnalyticsReceiver

com.king.analytics.BOOT_COMPLETED
com.king.analytics.REQUEST_VALUE
com.king.analytics.RECEIVE_VALUE

com.king.core.billing.BillingReceiver

com.android.vending.billing.IN_APP_NOTIFY
com.android.vending.billing.RESPONSE_CODE
com.android.vending.billing.PURCHASE_STATE_CHANGED

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.facebook.sdk.ACTION_CURRENT_ACCESS_TOKEN_CHANGED

com.facebook.CampaignTrackingReceiver

com.android.vending.INSTALL_REFERRER

com.king.notification.NotificationBroadcastReceiver

notification_discarded

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

Services

com.king.notification.fcm.FcmListenerService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

Android Permissions

$R8YJYTY.apk

Permissions

com.android.vending.BILLING

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.GET_ACCOUNTS

com.king.cross.kingapp.provider.ACCESS

android.permission.RECORD_AUDIO

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.CAMERA

android.permission.WAKE_LOCK

com.google.android.c2dm.permission.RECEIVE

com.midasplayer.apps.papapearsaga.permission.C2D_MESSAGE

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

Sharing

General

Malware Config

Signatures

Files

com.midasplayer.apps.papapearsaga

com.midasplayer.apps.papapearsaga.PapaPearSagaActivity

Activities

com.midasplayer.apps.papapearsaga.PapaPearSagaActivity

Permissions

Receivers

com.king.core.ReferrerReceiver

com.king.analytics.AnalyticsReceiver

com.king.core.billing.BillingReceiver

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.facebook.CampaignTrackingReceiver

com.king.notification.NotificationBroadcastReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

Services

com.king.notification.fcm.FcmListenerService

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.iid.FirebaseInstanceIdService

Android Permissions

$R8YJYTY.apk