Overview

overview

6

Static

static

6

cfa-2.5.8-...se.apk

android-10-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    cfa-2.5.8-foss-arm64-v8a-release.apk

  • Size

    8.4MB

  • MD5

    671dae34bef7b50488514979e8f7d7c8

  • SHA1

    4ecfba1abdfaed7a6ddd5d50ba776c5b0c541a34

  • SHA256

    420b3f364dde26f152637a56b220320072a478565eeaaf22964b2da34fda3096

  • SHA512

    223818ed08148c7db6dac2b10ff5a16f9377f5e1c57cfe922761f6287af3da403d2b342ca74cbfac1869f52ddb1b2ce0326aa93fb47483a5ce9146f9feb32127

  • SSDEEP

    196608:JczG+udlvXf9j7rNdt9lzZjNIz32aokIV0IxPWGtPSET:JczG+stXfBtnZ1aoz0Ep1SET

Score
6/10

Malware Config

Signatures

  • Declares services with permission to bind to the system 2 IoCs
  • Requests dangerous framework permissions 1 IoCs

Files

  • cfa-2.5.8-foss-arm64-v8a-release.apk
    .apk android arch:arm64

    com.github.kr328.clash.foss

    com.github.kr328.clash.MainActivity


Android Permissions

cfa-2.5.8-foss-arm64-v8a-release.apk

Permissions

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.FOREGROUND_SERVICE

android.permission.READ_EXTERNAL_STORAGE

android.permission.QUERY_ALL_PACKAGES

android.permission.ACCESS_NETWORK_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.INTERNET

com.github.kr328.clash.foss.permission.RECEIVE_BROADCASTS