1998fe59b9678d076a4ea26deb527a80_NeikiAnalytics[.]zip

General

Target

1998fe59b9678d076a4ea26deb527a80_NeikiAnalytics.zip
Size

6.7MB
MD5

1998fe59b9678d076a4ea26deb527a80
SHA1

71303ba680ec72d924ce4e00f8845cc8fb11acf6
SHA256

deeb719eb3b35dfb32c20f18ff17d7c9b48b40a7b5d2eb297be641b4e1db6ed0
SHA512

b4a9f99091b7c75a7f525484ee7d289b8cadcb0467a13195d79254b99fa799bd1404e84cdde6ccbf3ab10f311061a5ed5e1e8d3e521997ec98255fde0b46d164
SSDEEP

196608:LEuGGJDgjjw4yVw2xcF23mFMgykn6B0RxuAwE:LEfoDyjw4yxDOt

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 3 IoCs

description	ioc
Required by wallpaper services to bind with the system. Allows apps to provide live wallpapers.	android.permission.BIND_WALLPAPER
Required by dream services to bind with the system. Allows apps to provide interactive screensavers (dreams).	android.permission.BIND_DREAM_SERVICE
Required by dream services to bind with the system. Allows apps to provide interactive screensavers (dreams).	android.permission.BIND_DREAM_SERVICE

Requests dangerous framework permissions 8 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Required to be able to access the camera device.	android.permission.CAMERA

Files

1998fe59b9678d076a4ea26deb527a80_NeikiAnalytics.zip
.apk android

Password: infected

com.android.systemui

.DessertCase

Activities

com.android.systemui.statusbar.phone.EditQSActivity

com.android.action_edit_qs

.tuner.TunerActivity

com.android.settings.action.EXTRA_SETTINGS

.recents.RecentsActivity

com.android.systemui.recents.TOGGLE_RECENTS

.DessertCase

android.intent.action.MAIN

.egg.MLandActivity

android.intent.action.MAIN

.Somnambulator

android.intent.action.MAIN

.settings.BrightnessDialog

android.intent.action.SHOW_BRIGHTNESS_DIALOG

Permissions

android.permission.INTERNET
android.permission.SET_WALLPAPER_HINTS
android.permission.REBOOT
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WRITE_MEDIA_STORAGE
android.permission.WAKE_LOCK
android.permission.INJECT_EVENTS
android.permission.DUMP
android.permission.WRITE_SETTINGS
android.permission.STATUS_BAR_SERVICE
android.permission.STATUS_BAR
android.permission.EXPAND_STATUS_BAR
android.permission.REMOTE_AUDIO_PLAYBACK
android.permission.MANAGE_USERS
android.permission.READ_PROFILE
android.permission.READ_CONTACTS
android.permission.CONFIGURE_WIFI_DISPLAY
android.permission.WRITE_SECURE_SETTINGS
android.permission.GET_APP_OPS_STATS
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.BLUETOOTH_PRIVILEGED
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.READ_PRIVILEGED_PHONE_STATE
android.permission.READ_PRECISE_PHONE_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.OVERRIDE_WIFI_CONFIG
android.permission.MANAGE_NETWORK_POLICY
android.permission.CONNECTIVITY_INTERNAL
android.permission.READ_NETWORK_USAGE_HISTORY
android.permission.CONTROL_VPN
android.permission.PEERS_MAC_ADDRESS
android.permission.MANAGE_USB
android.permission.DEVICE_POWER
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.MASTER_CLEAR
android.permission.VIBRATE
android.permission.REAL_GET_TASKS
android.permission.GET_DETAILED_TASKS
android.permission.REORDER_TASKS
android.permission.REMOVE_TASKS
android.permission.STOP_APP_SWITCHES
android.permission.SET_SCREEN_COMPATIBILITY
android.permission.START_ANY_ACTIVITY
android.permission.INTERACT_ACROSS_USERS
android.permission.INTERACT_ACROSS_USERS_FULL
android.permission.GET_TOP_ACTIVITY_INFO
android.permission.MANAGE_ACTIVITY_STACKS
android.permission.START_TASKS_FROM_RECENTS
android.permission.INTERNAL_SYSTEM_WINDOW
android.permission.SYSTEM_ALERT_WINDOW
android.permission.READ_FRAME_BUFFER
android.permission.MANAGE_APP_TOKENS
android.permission.SET_ORIENTATION
android.permission.DISABLE_KEYGUARD
android.permission.READ_DREAM_STATE
android.permission.WRITE_DREAM_STATE
com.android.alarm.permission.SET_ALARM
android.permission.CONTROL_KEYGUARD
android.permission.MODIFY_PHONE_STATE
android.permission.GET_ACCOUNTS
android.permission.MANAGE_ACCOUNTS
android.permission.BIND_DEVICE_ADMIN
android.permission.CHANGE_COMPONENT_ENABLED_STATE
android.permission.MEDIA_CONTENT_CONTROL
android.permission.ACCESS_KEYGUARD_SECURE_STORAGE
android.permission.TRUST_LISTENER
android.permission.USE_FINGERPRINT
com.mediatek.ppl.permission.ACCESS_PPL_MANAGER
android.permission.RESET_FINGERPRINT_LOCKOUT
android.permission.SET_WALLPAPER
android.permission.SET_WALLPAPER_HINTS
android.permission.BIND_APPWIDGET
android.permission.CONFIGURE_WIFI_DISPLAY
android.permission.CAMERA
android.permission.MANAGE_MEDIA_PROJECTION
android.permission.ACCESS_VOICE_INTERACTION_SERVICE
android.permission.INSTALL_PACKAGES
android.permission.DELETE_PACKAGES
com.android.systemui.permission.SELF
android.permission.WRITE_APN_SETTINGS
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.FORCE_STOP_PACKAGES
android.permission.INTERNET

Receivers

.BootReceiver

android.intent.action.BOOT_COMPLETED

.qs.tiles.HotspotTile$APChangedReceiver

android.net.wifi.WIFI_AP_STATE_CHANGED

.recents.RecentsUserEventProxyReceiver

com.android.systemui.recents.action.SHOW_RECENTS_FOR_USER
com.android.systemui.recents.action.HIDE_RECENTS_FOR_USER
com.android.systemui.recents.action.TOGGLE_RECENTS_FOR_USER
com.android.systemui.recents.action.PRELOAD_RECENTS_FOR_USER
com.android.systemui.recents.action.CONFIG_CHANGED_FOR_USER

com.mediatek.systemui.floatpanel.FloatModel

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_CHANGED
action_multiwindow_disable_pkg_updated
android.intent.action.LOCALE_CHANGED

.tuner.TunerService$ClearReceiver

com.android.systemui.action.CLEAR_TUNER

Services

.DessertCaseDream

android.service.dreams.DreamService

com.android.systemui.statusbar.phone.NavigationOptService

action.prize.lock.navigation.remote.opt

Android Permissions

1998fe59b9678d076a4ea26deb527a80_NeikiAnalytics.zip

Permissions

android.permission.INTERNET

android.permission.SET_WALLPAPER_HINTS

android.permission.REBOOT

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.WRITE_MEDIA_STORAGE

android.permission.WAKE_LOCK

android.permission.INJECT_EVENTS

android.permission.DUMP

android.permission.WRITE_SETTINGS

android.permission.STATUS_BAR_SERVICE

android.permission.STATUS_BAR

android.permission.EXPAND_STATUS_BAR

android.permission.REMOTE_AUDIO_PLAYBACK

android.permission.MANAGE_USERS

android.permission.READ_PROFILE

android.permission.READ_CONTACTS

android.permission.CONFIGURE_WIFI_DISPLAY

android.permission.WRITE_SECURE_SETTINGS

android.permission.GET_APP_OPS_STATS

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

android.permission.BLUETOOTH_PRIVILEGED

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_NETWORK_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.READ_PRIVILEGED_PHONE_STATE

android.permission.READ_PRECISE_PHONE_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.OVERRIDE_WIFI_CONFIG

android.permission.MANAGE_NETWORK_POLICY

android.permission.CONNECTIVITY_INTERNAL

android.permission.READ_NETWORK_USAGE_HISTORY

android.permission.CONTROL_VPN

android.permission.PEERS_MAC_ADDRESS

android.permission.MANAGE_USB

android.permission.DEVICE_POWER

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.MASTER_CLEAR

android.permission.VIBRATE

android.permission.REAL_GET_TASKS

android.permission.GET_DETAILED_TASKS

android.permission.REORDER_TASKS

android.permission.REMOVE_TASKS

android.permission.STOP_APP_SWITCHES

android.permission.SET_SCREEN_COMPATIBILITY

android.permission.START_ANY_ACTIVITY

android.permission.INTERACT_ACROSS_USERS

Sharing

General

Malware Config

Signatures

Files

Password: infected

com.android.systemui

.DessertCase

Activities

com.android.systemui.statusbar.phone.EditQSActivity

.tuner.TunerActivity

.recents.RecentsActivity

.DessertCase

.egg.MLandActivity

.Somnambulator

.settings.BrightnessDialog

Permissions

Receivers

.BootReceiver

.qs.tiles.HotspotTile$APChangedReceiver

.recents.RecentsUserEventProxyReceiver

com.mediatek.systemui.floatpanel.FloatModel

.tuner.TunerService$ClearReceiver

Services

.DessertCaseDream

com.android.systemui.statusbar.phone.NavigationOptService

Android Permissions

1998fe59b9678d076a4ea26deb527a80_NeikiAnalytics.zip