Resubmissions

12-06-2024 08:16    240612-j6cvqavhpc    10
28-05-2024 23:19    240528-3a8r3age6v    8
28-05-2024 23:18    240528-3ase3sge5s    6
20-05-2024 20:07    240520-yv4lmafb48    8
20-05-2024 15:26    240520-svdgjsgb5t    8

General

  • Target: file.apk
  • Size: 2.7MB
  • MD5: ac79187fd3024fb9cb5d1a872461503c
  • SHA1: c48240ce763e07b690e4fe79d6dfe69eeeebf8bd
  • SHA256: a6f6e6fb44626f8e609b3ccb6cbf73318baf01d08ef84720706b205f2864b116
  • SHA512: 7f86e193359aab2d5970e7a3346bd98a96d35bea8074dc889d30eac3a3010181bd0c6a768b44895a717635a7ffc7e8cd4c3d8d95a80c9b09c2c137358c0603ae
  • SSDEEP: 49152:U4CJQ42CbqPuuPx0ZH349hOVyPbs2faMrtm87ptAPfMW9pZU23V/1rF:U/OIuJ0RQhOVyg2ic7+HU23h1x

Score
10/10

Malware Config

Signatures

  • Antidot family
  • Antidot payload (1 IoC)
  • Declares services with permission to bind to the system (3 IoCs)
  • Requests dangerous framework permissions (10 IoCs)

Files

  • file.apk
    .apk android

    com.tejuhabilu.auto

    com.tejuhabilu.auto.MgjkQjUx


Android Permissions

file.apk

Permissions

  • android.permission.INTERNET
  • android.permission.ACCESS_NETWORK_STATE
  • android.permission.FOREGROUND_SERVICE
  • android.permission.FOREGROUND_SERVICE_MEDIA_PROJECTION
  • android.permission.POST_NOTIFICATIONS
  • android.permission.SYSTEM_ALERT_WINDOW
  • android.permission.CALL_PHONE
  • android.permission.READ_PHONE_STATE
  • android.permission.READ_PHONE_NUMBERS
  • android.permission.READ_CONTACTS
  • android.permission.RECEIVE_SMS
  • android.permission.READ_SMS
  • android.permission.SEND_SMS
  • android.permission.CAMERA
  • android.permission.QUERY_ALL_PACKAGES
  • android.permission.WAKE_LOCK
  • android.permission.QUICKBOOT_POWERON
  • android.permission.REQUEST_DELETE_PACKAGES
  • android.permission.RECEIVE_BOOT_COMPLETED
  • com.google.android.gms.permission.AD_ID
  • com.tejuhabilu.auto.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION
  • com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE