xamalicious | sh[.]ppy[.]osulazer[.]apk

General

Target

sh.ppy.osulazer.apk
Size

209.9MB
MD5

a87a79cc8d1c331aba1dceec963700b0
SHA1

3f958586d59f04d7b115e8ee85357e74eacc13d8
SHA256

dde9a0d66fea0068f1e5b4b66f0f07fcd9c5fa874e5f28644db23687eea0e8ee
SHA512

94472e55d8d464595244d4c30800eb2b769f7ccc1fa8f176978e6f875b23dceb4bba9fb028ae1be397547e9dee8124e7d71f6c0d8aa8ccc117bba072fef20c5a
SSDEEP

6291456:MRuCL4+VJqnqPLG+yXo2Q0RQlNkWh6gFGVHl:M8h6qneiIfQl

Score

10^/10

Android Xamalicious payload 1 IoCs

resource	yara_rule
sample	family_xamalicious

Requests dangerous framework permissions 3 IoCs

description	ioc
Allows an application to read image files from external storage.	android.permission.READ_MEDIA_IMAGES
Allows an application to read audio files from external storage.	android.permission.READ_MEDIA_AUDIO
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

Permissions

android.permission.WAKE_LOCK

android.permission.READ_FRAME_BUFFER

android.permission.INTERNET

android.permission.BATTERY_STATS

android.permission.READ_MEDIA_IMAGES

android.permission.READ_MEDIA_AUDIO

android.permission.READ_EXTERNAL_STORAGE

sh.ppy.osulazer.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION