Extracted

• • Target

    FlyGram.apk

  • Size

    50.6MB

  • MD5

    207591f089116460eecac93556cc4ee6

  • SHA1

    c6e26eafbf6703dc19446944af5ded65f86c9571

  • SHA256

    daf3d2cb6f1bbb7c8d1cfb5fc0db23afc304a622ebb24aa940228be691bcda2d

  • SHA512

    4fc1f05e6113680d2439541f9a66dca0284c3a56030ba4ad8b89f70b896df3b171ed99dc22ed09000429b325b1d8cc14194dff7c6209955cef40ac87eccc87c3

  • SSDEEP

    786432:PQhaCgW+rjQgsjp0i2bq5TXQOtj2pG4dG5NzarvqHwl0DdaAlmE:Iha7WA2lKbgTXTtjsGN3aLqHBaAlmE

  Score

  10^/10

  badbazaardiscoveryevasioninfostealerpersistencespywaretrojan

  • BadBazaar

    BadBazaar is an Android spyware used by GREF APT group.

    spywareinfostealertrojanbadbazaar

  • Checks CPU information

    Checks CPU information which indicate if the system is an emulator.

    evasiondiscovery

  • Checks known Qemu pipes.

    Checks for known pipes used by the Android emulator to communicate with the host.

    evasion

  • Registers a broadcast receiver at runtime (usually for listening for system events)

    persistence

  • Acquires the wake lock

  • Checks if the internet connection is available

    discovery
  behavioral1