xamalicious | LaunchBox-Android-1[.]14[.]apk

General

Target

LaunchBox-Android-1.14.apk
Size

283.8MB
MD5

140d99bb53b64cd2ab6f3f1ab03e29dd
SHA1

1580454baa14e755a598da0ccacb0ffa7a9b0f9c
SHA256

364fae179925b1810a5e0d887965c761a15e3d5d665ebd43504013b680242abe
SHA512

edcd6ddbc1efff1d82441b551d3fe9cf0341e8c1e5a412abb1dc2a80e0c8a33dc0d30a1f9f1ea329b111113459be7287efd07634a2efc45a3bc9ffba85c43339
SSDEEP

6291456:lgboySMExAl4mmCWHRKdEiLF16yZHiFXFaNQI2tlr:lMDWAl4bPRU3Lz6yZCFXFateZ

Score

10^/10

xamalicious

Android Xamalicious payload 1 IoCs

Processes:

resource	yara_rule
sample	family_xamalicious

Requests dangerous framework permissions 5 IoCs

Processes:

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows an application a broad access to external storage in scoped storage.	android.permission.MANAGE_EXTERNAL_STORAGE
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS

Permissions

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.INTERNET

android.permission.VIBRATE

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.MANAGE_EXTERNAL_STORAGE

android.permission.QUERY_ALL_PACKAGES

android.permission.POST_NOTIFICATIONS

android.permission.ACCESS_NETWORK_STATE