5be64736786499f71b7f4fa3c7c8b980_NeikiAnalytics[.]zip

General

Target

5be64736786499f71b7f4fa3c7c8b980_NeikiAnalytics.zip
Size

2.7MB
MD5

5be64736786499f71b7f4fa3c7c8b980
SHA1

678cfb3617e5339cb7b5c0b18b55c71571bf4ca2
SHA256

e0289c3cf124bdfaa1650518b72d042d7783095c6ded8e80ba1579830fbfb0ce
SHA512

6fceafab64b3d532061d90c6ab1c006d02cb626bcb54e8cb777b00875afa1a4f7ef080214fdb62b94b0d9fed92c5b560d777bc419d7c32b9d97ab1714914b304
SSDEEP

49152:Q2x+Rx+Zib9ZNgVOTqCOyLfEEkjUi/f0Yi2CxwNDe6T:QQCFBTqhyLcXr

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by remote views services to bind with the system. Allows apps to share and display views across different processes.	android.permission.BIND_REMOTEVIEWS

Requests dangerous framework permissions 7 IoCs

description	ioc
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to record audio.	android.permission.RECORD_AUDIO
Required to be able to access the camera device.	android.permission.CAMERA

Files

5be64736786499f71b7f4fa3c7c8b980_NeikiAnalytics.zip
.apk android

Password: infected

com.android.browser

BrowserActivity

Activities

BrowserActivity

android.speech.action.VOICE_SEARCH_RESULTS
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.nfc.action.NDEF_DISCOVERED
android.intent.action.MAIN
android.intent.action.WEB_SEARCH
android.intent.action.MEDIA_SEARCH
android.intent.action.SEARCH

ShortcutActivity

android.intent.action.CREATE_SHORTCUT

BrowserPreferencesPage

android.intent.action.MANAGE_NETWORK_USAGE

BookmarkSearch

android.intent.action.SEARCH

AddBookmarkPage

android.intent.action.INSERT

AddBookmarkFolderForOP01Menu

com.android.browser.ADD_BOOKMARK_FOLDER

.widget.BookmarkWidgetConfigure

android.appwidget.action.APPWIDGET_CONFIGURE

com.mediatek.browser.hotknot.HotKnotActivity

com.mediatek.hotknot.action.MESSAGE_DISCOVERED

Permissions

android.permission.ACCESS_MTK_MMHW
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_DOWNLOAD_MANAGER
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.GET_ACCOUNTS
android.permission.USE_CREDENTIALS
android.permission.INTERNET
android.permission.NFC
android.permission.SEND_DOWNLOAD_COMPLETED_INTENTS
android.permission.SET_WALLPAPER
android.permission.WAKE_LOCK
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WRITE_MEDIA_STORAGE
android.permission.WRITE_SETTINGS
android.permission.READ_SYNC_SETTINGS
android.permission.WRITE_SYNC_SETTINGS
android.permission.MANAGE_ACCOUNTS
android.permission.READ_PROFILE
com.android.browser.permission.READ_HISTORY_BOOKMARKS
com.android.browser.permission.WRITE_HISTORY_BOOKMARKS
com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.RECORD_AUDIO
android.permission.CAMERA
android.permission.MODIFY_AUDIO_SETTINGS
com.android.browser.permission.READ_HOMEPAGE
com.android.browser.permission.WRITE_HOMEPAGE
android.permission.CHANGE_NETWORK_STATE
android.permission.HOTKNOT

Receivers

.widget.BookmarkThumbnailWidgetProvider

android.appwidget.action.APPWIDGET_UPDATE
com.android.browser.BOOKMARK_APPWIDGET_UPDATE

.OpenDownloadReceiver

android.intent.action.DOWNLOAD_NOTIFICATION_CLICKED

.AccountsChangedReceiver

android.accounts.LOGIN_ACCOUNTS_CHANGED

.PreloadRequestReceiver

android.intent.action.PRELOAD

.ChangeSearchEngineReceiver

com.android.browser.SEARCH_ENGINE_CHANGED
com.mediatek.search.SEARCH_ENGINE_CHANGED

.OmacpSettingReceiver

com.mediatek.omacp.settings
com.mediatek.omacp.capability

Services

Android Permissions

5be64736786499f71b7f4fa3c7c8b980_NeikiAnalytics.zip

Permissions

android.permission.ACCESS_MTK_MMHW

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_DOWNLOAD_MANAGER

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.GET_ACCOUNTS

android.permission.USE_CREDENTIALS

android.permission.INTERNET

android.permission.NFC

android.permission.SEND_DOWNLOAD_COMPLETED_INTENTS

android.permission.SET_WALLPAPER

android.permission.WAKE_LOCK

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.WRITE_MEDIA_STORAGE

android.permission.WRITE_SETTINGS

android.permission.READ_SYNC_SETTINGS

android.permission.WRITE_SYNC_SETTINGS

android.permission.MANAGE_ACCOUNTS

android.permission.READ_PROFILE

com.android.browser.permission.READ_HISTORY_BOOKMARKS

com.android.browser.permission.WRITE_HISTORY_BOOKMARKS

com.android.launcher.permission.INSTALL_SHORTCUT

android.permission.RECORD_AUDIO

android.permission.CAMERA

android.permission.MODIFY_AUDIO_SETTINGS

com.android.browser.permission.READ_HOMEPAGE

com.android.browser.permission.WRITE_HOMEPAGE

android.permission.CHANGE_NETWORK_STATE

android.permission.HOTKNOT

Sharing

General

Malware Config

Signatures

Files

Password: infected

com.android.browser

BrowserActivity

Activities

BrowserActivity

ShortcutActivity

BrowserPreferencesPage

BookmarkSearch

AddBookmarkPage

AddBookmarkFolderForOP01Menu

.widget.BookmarkWidgetConfigure

com.mediatek.browser.hotknot.HotKnotActivity

Permissions

Receivers

.widget.BookmarkThumbnailWidgetProvider

.OpenDownloadReceiver

.AccountsChangedReceiver

.PreloadRequestReceiver

.ChangeSearchEngineReceiver

.OmacpSettingReceiver

Services

Android Permissions

5be64736786499f71b7f4fa3c7c8b980_NeikiAnalytics.zip