3579057145c69159a8d2ede4d0cdc080_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

3579057145c69159a8d2ede4d0cdc080_NeikiAnalytics
Size

1.6MB
MD5

3579057145c69159a8d2ede4d0cdc080
SHA1

653d14bddcfd3b6337b5b8e639ae7eeb21153cc1
SHA256

997c932fa6383dce88323c07b07452fefdbd7876c90d9ed93bf65141c6571c26
SHA512

781c6fef4b8c5a091c0648749c1ce9fdeb1aea6202d5d555388232ba1f4e832a549472f55b08e46ca131baea65a1911a3f11f820abbb115bb81aaa14e30d10c7
SSDEEP

24576:HsliUStzWXOqEtADD7WEXpmTrABb0qYDfCoO:8iFzptADD7W0pmfBVCoO

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 2 IoCs

description	ioc
Required by telecom connection services to bind with the system. Allows apps to manage phone call aspects such as call setup and notifications.	android.permission.BIND_TELECOM_CONNECTION_SERVICE
Required by telecom connection services to bind with the system. Allows apps to manage phone call aspects such as call setup and notifications.	android.permission.BIND_TELECOM_CONNECTION_SERVICE

Requests dangerous framework permissions 17 IoCs

description	ioc
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to read the user's call log.	android.permission.READ_CALL_LOG
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows an application to write and read the user's call log data.	android.permission.WRITE_CALL_LOG
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether.	android.permission.PROCESS_OUTGOING_CALLS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to use SIP service.	android.permission.USE_SIP
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to add voicemails into the system.	com.android.voicemail.permission.ADD_VOICEMAIL
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Files

3579057145c69159a8d2ede4d0cdc080_NeikiAnalytics
.apk android

com.android.phone

MobileNetworkSettings

Activities

EmergencyDialer

com.android.phone.EmergencyDialer.DIAL
com.android.phone.EmergencyDialer.DIAL

SimContacts

android.intent.action.VIEW

com.android.phone.settings.fdn.FdnList

android.intent.action.VIEW

OutgoingCallBroadcaster

android.intent.action.CALL
android.intent.action.CALL
android.intent.action.CALL
android.intent.action.CALL

InCallScreenShowActivation

com.android.phone.PERFORM_CDMA_PROVISIONING

com.android.services.telephony.activation.SimActivationActivity

android.intent.action.SIM_ACTIVATION_REQUEST

MobileNetworkSettings

android.intent.action.VIEW
android.intent.action.MAIN
android.settings.DATA_ROAMING_SETTINGS

NetworkSetting

android.intent.action.MAIN
android.settings.NETWORK_OPERATOR_SETTINGS

GsmUmtsOptions

android.intent.action.MAIN

CdmaOptions

android.intent.action.MAIN

GsmUmtsCallOptions

android.intent.action.MAIN

CdmaCallOptions

android.intent.action.MAIN

GsmUmtsCallForwardOptions

android.intent.action.MAIN

GsmUmtsAdditionalCallOptions

android.intent.action.MAIN

CellBroadcastSms

android.intent.action.MAIN

com.android.phone.settings.fdn.FdnSetting

android.intent.action.MAIN

EnableIccPinScreen

android.intent.action.MAIN

ChangeIccPinScreen

android.intent.action.MAIN

DataRoamingReenable

android.intent.action.MAIN

RoamingSetting

android.intent.action.MAIN

CallFeaturesSetting

android.intent.action.VIEW
android.intent.action.MAIN
android.telecom.action.SHOW_CALL_SETTINGS

com.android.phone.settings.AccessibilitySettingsActivity

android.intent.action.MAIN
android.telecom.action.SHOW_CALL_ACCESSIBILITY_SETTINGS

EmergencyCallbackModeExitDialog

com.android.phone.action.ACTION_SHOW_ECM_EXIT_DIALOG
android.intent.action.ACTION_SHOW_NOTICE_ECM_BLOCK_OTHERS

com.android.services.telephony.sip.SipPhoneAccountSettingsActivity

android.telecom.action.CONFIGURE_PHONE_ACCOUNT

com.android.services.telephony.sip.SipSettings

android.intent.action.MAIN
android.net.sip.NOTIFY

com.android.phone.settings.PhoneAccountSettingsActivity

android.telecom.action.CHANGE_PHONE_ACCOUNTS

com.android.phone.settings.VoicemailSettingsActivity

com.android.phone.CallFeaturesSetting.ADD_VOICEMAIL
android.telephony.action.CONFIGURE_VOICEMAIL

com.mediatek.settings.IpPrefixPreference

android.intent.action.MAIN

com.mediatek.settings.CallBarring

android.intent.action.MAIN

com.mediatek.settings.PLMNListPreference

android.intent.action.MAIN

com.mediatek.settings.NetworkEditor

android.intent.action.MAIN

com.mediatek.settings.vtss.GsmUmtsVTCFOptions

android.intent.action.MAIN

com.mediatek.settings.vtss.GsmUmtsVTCBOptions

android.intent.action.MAIN

Permissions

android.permission.BROADCAST_STICKY
android.permission.CALL_PHONE
android.permission.CALL_PRIVILEGED
android.permission.WRITE_SETTINGS
android.permission.WRITE_SECURE_SETTINGS
android.permission.READ_CONTACTS
android.permission.READ_CALL_LOG
android.permission.WRITE_CONTACTS
android.permission.WRITE_CALL_LOG
android.permission.SYSTEM_ALERT_WINDOW
android.permission.INTERNAL_SYSTEM_WINDOW
android.permission.VIBRATE
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.REORDER_TASKS
android.permission.CHANGE_CONFIGURATION
android.permission.WAKE_LOCK
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.STATUS_BAR
android.permission.RECEIVE_SMS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.SEND_SMS
android.permission.SEND_RESPOND_VIA_MESSAGE
android.permission.SET_TIME
android.permission.SET_TIME_ZONE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PRIVILEGED_PHONE_STATE
android.permission.MODIFY_PHONE_STATE
android.permission.READ_PRIVILEGED_PHONE_STATE
android.permission.ACCESS_IMS_CALL_SERVICE
android.permission.DEVICE_POWER
android.permission.DISABLE_KEYGUARD
android.permission.INTERNET
android.permission.PROCESS_OUTGOING_CALLS
android.permission.ACCESS_COARSE_LOCATION
android.permission.WRITE_APN_SETTINGS
android.permission.BROADCAST_SMS
android.permission.BROADCAST_WAP_PUSH
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.SHUTDOWN
android.permission.RECORD_AUDIO
android.permission.PERFORM_CDMA_PROVISIONING
android.permission.USE_SIP
android.permission.REBOOT
android.permission.UPDATE_LOCK
android.permission.INTERACT_ACROSS_USERS
android.permission.INTERACT_ACROSS_USERS_FULL
com.android.smspush.WAPPUSH_MANAGER_BIND
android.permission.MANAGE_USERS
android.permission.UPDATE_APP_OPS_STATS
android.permission.CONNECTIVITY_INTERNAL
android.permission.SET_PREFERRED_APPLICATIONS
android.permission.READ_SEARCH_INDEXABLES
android.permission.DUMP
android.permission.REGISTER_CALL_PROVIDER
android.permission.REGISTER_SIM_SUBSCRIPTION
android.permission.BIND_CARRIER_SERVICES
android.permission.BIND_CARRIER_MESSAGING_SERVICE
android.permission.READ_SYNC_SETTINGS
android.permission.WRITE_SYNC_SETTINGS
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.MANAGE_ACCOUNTS
android.permission.GET_ACCOUNTS
com.android.voicemail.permission.ADD_VOICEMAIL
com.android.voicemail.permission.WRITE_VOICEMAIL
com.android.voicemail.permission.READ_VOICEMAIL
android.permission.LOCAL_MAC_ADDRESS
android.permission.CHANGE_COMPONENT_ENABLED_STATE
android.permission.CHANGE_DEVICE_IDLE_TEMP_WHITELIST
com.mediatek.ppl.permission.ACCESS_PPL_MANAGER
android.permission.READ_REJECT
android.permission.READ_PHONE_STATE
android.permission.STOP_APP_SWITCHES
android.permission.REAL_GET_TASKS

Receivers

ProcessOutgoingCallTest

android.intent.action.NEW_OUTGOING_CALL

OtaStartupReceiver

android.intent.action.BOOT_COMPLETED

com.android.services.telephony.sip.SipBroadcastReceiver

android.net.sip.SIP_SERVICE_UP
com.android.phone.SIP_INCOMING_CALL
com.android.phone.SIP_REMOVE_PHONE
com.android.phone.SIP_CALL_OPTION_CHANGED
com.android.phone.SIP_ADD_PHONE

CallerInfoCacheUpdateReceiver

com.android.phone.UPDATE_CALLER_INFO_CACHE

PhoneGlobals$NotificationBroadcastReceiver

com.android.phone.ACTION_HANG_UP_ONGOING_CALL
com.android.phone.ACTION_CALL_BACK_FROM_NOTIFICATION
com.android.phone.ACTION_SEND_SMS_FROM_NOTIFICATION

com.android.phone.vvm.omtp.sms.OmtpMessageReceiver

android.intent.action.DATA_SMS_RECEIVED

com.android.phone.vvm.omtp.SimChangeReceiver

android.telephony.action.CARRIER_CONFIG_CHANGED
android.intent.action.SIM_STATE_CHANGED

com.android.phone.vvm.omtp.fetch.FetchVoicemailReceiver

android.intent.action.FETCH_VOICEMAIL

com.android.phone.vvm.omtp.sync.VoicemailProviderChangeReceiver

android.intent.action.PROVIDER_CHANGED

com.android.phone.vvm.omtp.VvmPackageInstallReceiver

android.intent.action.PACKAGE_INSTALL
android.intent.action.PACKAGE_ADDED

com.mediatek.settings.cdma.LteDataOnlySwitchReceiver

com.mediatek.intent.action.FINISH_SWITCH_SVLTE_RAT_MODE
com.mediatek.intent.action.STARTSELF_LTE_SEARCH_TIMEOUT_CHECK
android.intent.action.BOOT_COMPLETED
android.intent.action.ACTION_BOOT_IPO

Services

NetworkQueryService

com.mediatek.phone.INTERNATIONAL_ROAMING_NETWORK_QUERY

com.android.services.telephony.sip.SipCallServiceProvider

android.telecom.CallServiceProvider

com.android.services.telephony.sip.SipConnectionService

android.telecom.ConnectionService

com.android.services.telephony.TelephonyConnectionService

android.telecom.ConnectionService

com.mediatek.settings.cdma.LteDataOnlyManagerService

com.mediatek.intent.action.LTE_DATA_ONLY_MANAGER

com.mediatek.settings.cdma.LteSearchTimeoutCheckService

com.mediatek.intent.action.LTE_SEARCH_TIMEOUT_CHECK

Android Permissions

3579057145c69159a8d2ede4d0cdc080_NeikiAnalytics

Permissions

android.permission.BROADCAST_STICKY

android.permission.CALL_PHONE

android.permission.CALL_PRIVILEGED

android.permission.WRITE_SETTINGS

android.permission.WRITE_SECURE_SETTINGS

android.permission.READ_CONTACTS

android.permission.READ_CALL_LOG

android.permission.WRITE_CONTACTS

android.permission.WRITE_CALL_LOG

android.permission.SYSTEM_ALERT_WINDOW

android.permission.INTERNAL_SYSTEM_WINDOW

android.permission.VIBRATE

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

android.permission.REORDER_TASKS

android.permission.CHANGE_CONFIGURATION

android.permission.WAKE_LOCK

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.STATUS_BAR

android.permission.RECEIVE_SMS

android.permission.READ_SMS

android.permission.WRITE_SMS

android.permission.SEND_SMS

android.permission.SEND_RESPOND_VIA_MESSAGE

android.permission.SET_TIME

android.permission.SET_TIME_ZONE

android.permission.ACCESS_WIFI_STATE

android.permission.READ_PRIVILEGED_PHONE_STATE

android.permission.MODIFY_PHONE_STATE

android.permission.READ_PRIVILEGED_PHONE_STATE

android.permission.ACCESS_IMS_CALL_SERVICE

android.permission.DEVICE_POWER

android.permission.DISABLE_KEYGUARD

android.permission.INTERNET

android.permission.PROCESS_OUTGOING_CALLS

android.permission.ACCESS_COARSE_LOCATION

android.permission.WRITE_APN_SETTINGS

android.permission.BROADCAST_SMS

android.permission.BROADCAST_WAP_PUSH

android.permission.CHANGE_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.SHUTDOWN

android.permission.RECORD_AUDIO

android.permission.PERFORM_CDMA_PROVISIONING

android.permission.USE_SIP

android.permission.REBOOT

android.permission.UPDATE_LOCK

android.permission.INTERACT_ACROSS_USERS

Sharing

General

Malware Config

Signatures

Files

com.android.phone

MobileNetworkSettings

Activities

EmergencyDialer

SimContacts

com.android.phone.settings.fdn.FdnList

OutgoingCallBroadcaster

InCallScreenShowActivation

com.android.services.telephony.activation.SimActivationActivity

MobileNetworkSettings

NetworkSetting

GsmUmtsOptions

CdmaOptions

GsmUmtsCallOptions

CdmaCallOptions

GsmUmtsCallForwardOptions

GsmUmtsAdditionalCallOptions

CellBroadcastSms

com.android.phone.settings.fdn.FdnSetting

EnableIccPinScreen

ChangeIccPinScreen

DataRoamingReenable

RoamingSetting

CallFeaturesSetting

com.android.phone.settings.AccessibilitySettingsActivity

EmergencyCallbackModeExitDialog

com.android.services.telephony.sip.SipPhoneAccountSettingsActivity

com.android.services.telephony.sip.SipSettings

com.android.phone.settings.PhoneAccountSettingsActivity

com.android.phone.settings.VoicemailSettingsActivity

com.mediatek.settings.IpPrefixPreference

com.mediatek.settings.CallBarring

com.mediatek.settings.PLMNListPreference

com.mediatek.settings.NetworkEditor

com.mediatek.settings.vtss.GsmUmtsVTCFOptions

com.mediatek.settings.vtss.GsmUmtsVTCBOptions

Permissions

Receivers

ProcessOutgoingCallTest

OtaStartupReceiver

com.android.services.telephony.sip.SipBroadcastReceiver

CallerInfoCacheUpdateReceiver

PhoneGlobals$NotificationBroadcastReceiver

com.android.phone.vvm.omtp.sms.OmtpMessageReceiver

com.android.phone.vvm.omtp.SimChangeReceiver

com.android.phone.vvm.omtp.fetch.FetchVoicemailReceiver

com.android.phone.vvm.omtp.sync.VoicemailProviderChangeReceiver

com.android.phone.vvm.omtp.VvmPackageInstallReceiver

com.mediatek.settings.cdma.LteDataOnlySwitchReceiver

Services

NetworkQueryService

com.android.services.telephony.sip.SipCallServiceProvider

com.android.services.telephony.sip.SipConnectionService

com.android.services.telephony.TelephonyConnectionService

com.mediatek.settings.cdma.LteDataOnlyManagerService

com.mediatek.settings.cdma.LteSearchTimeoutCheckService

Android Permissions

3579057145c69159a8d2ede4d0cdc080_NeikiAnalytics