ct157[.]apk | Triage

General

Target

ct157.apk
Size

9.2MB
MD5

0f3d31f9ec47a782dbd49330dc7c2ba2
SHA1

042c4a2faafa23662ad6dc7c82c94ec980f9d982
SHA256

e0660d7d6116a6ec75fdf6df08bf20b9599d3f4c935f4d82da06482c5b944323
SHA512

7643fdb1106a81c19dae368d87b3ccedb122bd64c791f04d5fb2e245ea0dea88bec5d6ee7d3a89317189c0580e0f1eb0336bc267e43e3aa6d3ef7e7b49385046
SSDEEP

196608:LlMXiF34V87ZqqP1Y9QGpBBYRtaCZByBfimHphp+1Ge1a4WFEW5:J38yAxMRtaCZEimJTaGoa3z

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 12 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to access location in the background.	android.permission.ACCESS_BACKGROUND_LOCATION
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application a broad access to external storage in scoped storage.	android.permission.MANAGE_EXTERNAL_STORAGE
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS

Files

ct157.apk
.apk android arch:arm64 arch:arm arch:mips arch:mips64 arch:x86 arch:x64

com.nth.taxicornisa

com.nth.taxicornisa.MainActivity

Activities

com.nth.taxicornisa.MainActivity

android.intent.action.MAIN

com.nth.taxicornisa.sms.ComposeSmsActivity

android.intent.action.SEND
android.intent.action.SENDTO

Permissions

android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.BLUETOOTH
android.permission.VIBRATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.ACCESS_BACKGROUND_LOCATION
android.permission.READ_EXTERNAL_STORAGE
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.MANAGE_EXTERNAL_STORAGE
android.permission.GET_ACCOUNTS
android.permission.READ_CONTACTS
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.WRITE_SETTINGS
android.permission.POST_NOTIFICATIONS
com.google.android.c2dm.permission.RECEIVE
android.permission.RECEIVE_BOOT_COMPLETED

Receivers

com.nth.taxicornisa.sms.SmsReceiver

android.provider.Telephony.SMS_DELIVER

com.nth.taxicornisa.sms.MmsReceiver

android.provider.Telephony.WAP_PUSH_DELIVER

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

com.instacart.library.truetime.BootCompletedBroadcastReceiver

android.intent.action.BOOT_COMPLETED

Services

com.nth.taxicornisa.services.SmsSendService

android.intent.action.RESPOND_VIA_MESSAGE

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT
carmen.apk
.apk android arch:arm

com.ivona.tts.voicebeta.ron.rou.carmen

.IvonaVoice

Activities

.IvonaVoice

android.intent.action.MAIN

CheckVoiceInstalled

com.ivona.tts.CHECK_VOICE_INSTALLED

Permissions

android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
com.android.vending.CHECK_LICENSE
android.permission.WAKE_LOCK

Receivers

com.ivona.tts.voicelib.ActivityReceiver

android.intent.action.USER_PRESENT

com.ivona.tts.voicelib.ActivityReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_CHANGED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_RESTARTED
android.intent.action.PACKAGE_FULLY_REMOVED
android.intent.action.PACKAGE_REPLACED

.UpdateReceiver

android.intent.action.PACKAGE_REPLACED

Services
ivona.apk
.apk android arch:arm

com.ivona.tts

com.ivona.tts.WelcomeActivity

Activities

com.ivona.ttslib.DownloadVoiceData

android.speech.tts.engine.INSTALL_TTS_DATA

com.ivona.ttslib.CheckVoiceData

android.speech.tts.engine.CHECK_TTS_DATA

com.ivona.ttslib.GetSampleText

android.speech.tts.engine.GET_SAMPLE_TEXT

.Ivona

android.intent.action.START_TTS_ENGINE

com.ivona.tts.WelcomeActivity

android.intent.action.MAIN

.EngineSettings

android.speech.tts.engine.CONFIGURE_ENGINE

com.ivona.ttslib.CustomSettings

com.ivona.tts.intent.ACTION_CUSTOM_SETTINGS

Permissions

android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.GET_ACCOUNTS
com.android.vending.BILLING

Receivers

com.ivona.ttslib.ActivityReceiver

android.intent.action.USER_PRESENT
android.intent.action.BOOT_COMPLETED

com.ivona.ttslib.PackageMonitorReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_CHANGED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_RESTARTED
android.intent.action.PACKAGE_FULLY_REMOVED
android.intent.action.PACKAGE_REPLACED

Services

com.ivona.ttslib.ics.IVONATextToSpeechService

android.intent.action.TTS_SERVICE

Android Permissions

ct157.apk

Permissions

android.permission.WAKE_LOCK

android.permission.INTERNET

android.permission.BLUETOOTH

android.permission.VIBRATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

android.permission.CHANGE_NETWORK_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

android.permission.ACCESS_BACKGROUND_LOCATION

android.permission.READ_EXTERNAL_STORAGE

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.MANAGE_EXTERNAL_STORAGE

android.permission.GET_ACCOUNTS

android.permission.READ_CONTACTS

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.WRITE_SETTINGS

android.permission.POST_NOTIFICATIONS

com.google.android.c2dm.permission.RECEIVE

android.permission.RECEIVE_BOOT_COMPLETED

Sharing

General

Malware Config

Signatures

Files

com.nth.taxicornisa

com.nth.taxicornisa.MainActivity

Activities

com.nth.taxicornisa.MainActivity

com.nth.taxicornisa.sms.ComposeSmsActivity

Permissions

Receivers

com.nth.taxicornisa.sms.SmsReceiver

com.nth.taxicornisa.sms.MmsReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.instacart.library.truetime.BootCompletedBroadcastReceiver

Services

com.nth.taxicornisa.services.SmsSendService

com.google.firebase.messaging.FirebaseMessagingService

com.ivona.tts.voicebeta.ron.rou.carmen

.IvonaVoice

Activities

.IvonaVoice

CheckVoiceInstalled

Permissions

Receivers

com.ivona.tts.voicelib.ActivityReceiver

com.ivona.tts.voicelib.ActivityReceiver

.UpdateReceiver

Services

com.ivona.tts

com.ivona.tts.WelcomeActivity

Activities

com.ivona.ttslib.DownloadVoiceData

com.ivona.ttslib.CheckVoiceData

com.ivona.ttslib.GetSampleText

.Ivona

com.ivona.tts.WelcomeActivity

.EngineSettings

com.ivona.ttslib.CustomSettings

Permissions

Receivers

com.ivona.ttslib.ActivityReceiver

com.ivona.ttslib.PackageMonitorReceiver

Services

com.ivona.ttslib.ics.IVONATextToSpeechService

Android Permissions

ct157.apk