waterfly-iii[.]apk

General

Target

waterfly-iii.apk
Size

10.4MB
MD5

906ebf16833ae1842eb03054e0bcc4b7
SHA1

b664030e47839afbc2a072e1900e2d34ad9a254c
SHA256

a80522dad5f1afe0f0dde3e954333f7a57746e134cc03bc9622f7d4cf7c73c2c
SHA512

a59c01ff8627954021fe7e6cedc9bdb45fb47b781cf038572e8c5158fc6031f0bb27bbada48f011581e59bebdffd1b604d24ee97f4ab9d80167b4f4b6fd79881
SSDEEP

196608:6O8IVBNRcCI2LdxVFeQxYgkFWTOHaYjnHSydflXeCbiP9VHqrRqbqzs:6OLpR8Kx2QqgwWTO6+nHSk9O1aR9s

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 1 IoCs

Processes:

description	ioc
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device.	android.permission.BIND_NOTIFICATION_LISTENER_SERVICE

Requests dangerous framework permissions 6 IoCs

Processes:

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows applications to use exact alarm APIs.	android.permission.SCHEDULE_EXACT_ALARM
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS
Allows an application to read image files from external storage.	android.permission.READ_MEDIA_IMAGES
Allows an application to read video files from external storage.	android.permission.READ_MEDIA_VIDEO
Allows an application to read audio files from external storage.	android.permission.READ_MEDIA_AUDIO

Files

waterfly-iii.apk
.apk android arch:arm64

com.dreautall.waterflyiii

com.dreautall.waterflyiii.MainActivity

Activities

com.dreautall.waterflyiii.MainActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.USE_BIOMETRIC
android.permission.READ_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.VIBRATE
android.permission.USE_FULL_SCREEN_INTENT
android.permission.SCHEDULE_EXACT_ALARM
android.permission.POST_NOTIFICATIONS
android.permission.WAKE_LOCK
android.permission.FOREGROUND_SERVICE
android.permission.READ_MEDIA_IMAGES
android.permission.READ_MEDIA_VIDEO
android.permission.READ_MEDIA_AUDIO
android.permission.USE_FINGERPRINT
com.dreautall.waterflyiii.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

Receivers

com.dexterous.flutterlocalnotifications.ScheduledNotificationBootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.MY_PACKAGE_REPLACED
android.intent.action.QUICKBOOT_POWERON
com.htc.intent.action.QUICKBOOT_POWERON

kh.ad.notifications_listener_service.receivers.NotificationBroadcastReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.LOCKED_BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.REBOOT

Services

kh.ad.notifications_listener_service.services.NotificationListenerService

android.service.notification.NotificationListenerService

waterfly-iii.apk

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.USE_BIOMETRIC

android.permission.READ_EXTERNAL_STORAGE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.VIBRATE

android.permission.USE_FULL_SCREEN_INTENT

android.permission.SCHEDULE_EXACT_ALARM

android.permission.POST_NOTIFICATIONS

android.permission.WAKE_LOCK

android.permission.FOREGROUND_SERVICE

android.permission.READ_MEDIA_IMAGES

android.permission.READ_MEDIA_VIDEO

android.permission.READ_MEDIA_AUDIO

android.permission.USE_FINGERPRINT

com.dreautall.waterflyiii.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

Sharing

General

Malware Config

Signatures

Files

com.dreautall.waterflyiii

com.dreautall.waterflyiii.MainActivity

Activities

com.dreautall.waterflyiii.MainActivity

Permissions

Receivers

com.dexterous.flutterlocalnotifications.ScheduledNotificationBootReceiver

kh.ad.notifications_listener_service.receivers.NotificationBroadcastReceiver

Services

kh.ad.notifications_listener_service.services.NotificationListenerService

Android Permissions

waterfly-iii.apk