ExpressVPN for Android [Mod] @squadhackers[.]apk | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ExpressVPN for Android [Mod] @squadhackers.apk
Size

21.1MB
MD5

6ac2c7ce42641db2091fbf0b9f7e48c9
SHA1

2d3e5d03822e9ad5640f1039bd75ec80a2edf795
SHA256

4d67a5e03b7f1d6e3862a09aaaf8e5a182c6836c97491f12eed63fd2d7cfb97f
SHA512

cc75ffc094531691aecbc08aa07930790dcf515e225ceb410e5fbad3757911f412c3bc3d690bd0fd0ae5bb83ff875364f9e3dc0a00eadb41f5b0abfa03fdfc0e
SSDEEP

393216:hOy8V7OyfWF9WX2tAiEgoo6hs4smhxLzqEyqm9nIt9+DnXHq55M3s7UTI9GaiIPc:hz8V7/6vnl36cvpZ9It+nXK7M3s77GWU

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by VPN services to bind with the system. Allows apps to provision VPN services.	android.permission.BIND_VPN_SERVICE

Files

ExpressVPN for Android [Mod] @squadhackers.apk
.apk android arch:arm arch:mips arch:x86

com.expressvpn.vpn

com.expressvpn.vpn.MainActivity

Activities

com.expressvpn.vpn.MainActivity

android.intent.action.MAIN
com.expressvpn.vpn.MainActivity.ACTION_ACTIVATION_CODE
com.expressvpn.vpn.MainActivity.ACTION_ACTIVATION_CODE_AUTO
android.intent.action.VIEW
android.intent.action.VIEW

com.expressvpn.vpn.LocationSearchActivity

android.intent.action.VIEW
android.intent.action.SEARCH

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.WAKE_LOCK
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.VIBRATE

Receivers

com.expressvpn.vpn.config.service.ExpressVpnServiceRequestReceiver

com.expressvpn.SCHEDULED_SERVICE_REQUEST

com.expressvpn.vpn.connection.NetworkStateReceiver

android.net.conn.CONNECTIVITY_CHANGE
android.net.wifi.WIFI_STATE_CHANGED
android.net.wifi.STATE_CHANGE

com.expressvpn.vpn.billing.GlobalPurchaseStateChangeReceiver

expressvpn.ACTION_PURCHASE_REGISTRATION_FAILURE

com.expressvpn.vpn.widget.ExpressVpnSimpleWidgetProvider

android.appwidget.action.APPWIDGET_UPDATE

com.expressvpn.vpn.connection.VpnConnectivityReceiver

express.vpn.connectivity

com.expressvpn.vpn.boot.BootReceiver

android.intent.action.BOOT_COMPLETED

Services

com.expressvpn.vpn.connection.OpenVpnService

android.net.VpnService

Android Permissions

ExpressVPN for Android [Mod] @squadhackers.apk

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.WAKE_LOCK

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.VIBRATE