3937d91e5ff023e7c60b5d03d75714c0_NeikiAnalytics[.]zip

General

Target

3937d91e5ff023e7c60b5d03d75714c0_NeikiAnalytics.zip
Size

1.1MB
MD5

3937d91e5ff023e7c60b5d03d75714c0
SHA1

22fe52a6a7de773073ec244adca30555a41e8da4
SHA256

dec79cdb3cb4de5ad0ca3467c197059e873bff8c7f09c7e2569085f451c08bd4
SHA512

610690429290a08f1c143ad3cd2138a63c8b4a1bc994bab743c2281c5c4227c3d1bfbc5d6deb02a652c820b89264b1465ffd1bda45eed06299df9bcb08d43955
SSDEEP

24576:XsPbYquiMQ0hQSH2dMe1+91UjNNFKbYa8:XsPcqohQhz+nUZ4U

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 5 IoCs

description	ioc
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to read the user's calendar data.	android.permission.READ_CALENDAR
Allows an application to read the user's call log.	android.permission.READ_CALL_LOG
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to collect component usage statistics.	android.permission.PACKAGE_USAGE_STATS

Files

3937d91e5ff023e7c60b5d03d75714c0_NeikiAnalytics.zip
.apk android arch:arm64 arch:arm

Password: infected

com.samsung.android.app.galaxyfinder

com.samsung.android.app.galaxyfinder.GalaxyFinderActivity

Activities

com.samsung.android.app.galaxyfinder.GalaxyFinderActivity

android.intent.action.MAIN
com.sec.android.airview.HOVER
com.samsung.android.intent.action.SEARCH
com.samsung.android.support.executable
com.samsung.android.app.galaxyfinder.executable.LAUNCH_SFINDER

com.samsung.android.app.galaxyfinder.AppLauncherActivity

com.samsung.android.intent.action.SEARCH

Permissions

android.permission.READ_CONTACTS
android.permission.READ_CALENDAR
android.permission.READ_CALL_LOG
android.permission.READ_EXTERNAL_STORAGE
com.samsung.android.app.notes.READ
android.permission.REAL_GET_TASKS
android.permission.ACCESS_NETWORK_STATE
android.permission.CALL_PRIVILEGED
android.permission.GLOBAL_SEARCH
android.permission.VIBRATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.UPDATE_APP_OPS_STATS
android.permission.INTERACT_ACROSS_USERS
com.android.browser.permission.READ_HISTORY_BOOKMARKS
com.samsung.android.memo.READ
com.samsung.helphub.permission.HELP
samsung.android.snoteprovider.permission.READ
com.sec.android.app.twdvfs.DVFS_BOOSTER_PERMISSION
android.permission.INTERNET
com.samsung.android.providers.context.permission.READ_PROFILE
com.samsung.android.providers.context.permission.WRITE_SEARCH_KEYWORD
com.samsung.android.providers.context.permission.WRITE_USE_APP_FEATURE_SURVEY
com.sec.face.provider.FaceProvider.data.READ
com.sec.face.provider.FaceProvider.data.WRTIE
com.samsung.cmh.data.READ
com.samsung.android.email.permission.ACCESS_PROVIDER
android.permission.PACKAGE_USAGE_STATS
android.permission.WRITE_MEDIA_STORAGE
com.android.launcher.permission.INSTALL_SHORTCUT

Receivers

com.samsung.android.app.galaxyfinder.ApplicationStatusReceiver

android.intent.action.LOCALE_CHANGED

com.samsung.android.app.galaxyfinder.GalaxyFinderActionReceiver

com.android.galaxyfinder.action.LAUNCH_ACTIVITY

Android Permissions

3937d91e5ff023e7c60b5d03d75714c0_NeikiAnalytics.zip

Permissions

android.permission.READ_CONTACTS

android.permission.READ_CALENDAR

android.permission.READ_CALL_LOG

android.permission.READ_EXTERNAL_STORAGE

com.samsung.android.app.notes.READ

android.permission.REAL_GET_TASKS

android.permission.ACCESS_NETWORK_STATE

android.permission.CALL_PRIVILEGED

android.permission.GLOBAL_SEARCH

android.permission.VIBRATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.UPDATE_APP_OPS_STATS

android.permission.INTERACT_ACROSS_USERS

com.android.browser.permission.READ_HISTORY_BOOKMARKS

com.samsung.android.memo.READ

com.samsung.helphub.permission.HELP

samsung.android.snoteprovider.permission.READ

com.sec.android.app.twdvfs.DVFS_BOOSTER_PERMISSION

android.permission.INTERNET

com.samsung.android.providers.context.permission.READ_PROFILE

com.samsung.android.providers.context.permission.WRITE_SEARCH_KEYWORD

com.samsung.android.providers.context.permission.WRITE_USE_APP_FEATURE_SURVEY

com.sec.face.provider.FaceProvider.data.READ

com.sec.face.provider.FaceProvider.data.WRTIE

com.samsung.cmh.data.READ

com.samsung.android.email.permission.ACCESS_PROVIDER

android.permission.PACKAGE_USAGE_STATS

android.permission.WRITE_MEDIA_STORAGE

com.android.launcher.permission.INSTALL_SHORTCUT

Sharing

General

Malware Config

Signatures

Files

Password: infected

com.samsung.android.app.galaxyfinder

com.samsung.android.app.galaxyfinder.GalaxyFinderActivity

Activities

com.samsung.android.app.galaxyfinder.GalaxyFinderActivity

com.samsung.android.app.galaxyfinder.AppLauncherActivity

Permissions

Receivers

com.samsung.android.app.galaxyfinder.ApplicationStatusReceiver

com.samsung.android.app.galaxyfinder.GalaxyFinderActionReceiver

Android Permissions

3937d91e5ff023e7c60b5d03d75714c0_NeikiAnalytics.zip