96f2955164dad9ba05156f8f373a0b14250f93e40a837ef2b64574936f301289_NeikiAnalytics[.]zip

General

Target

96f2955164dad9ba05156f8f373a0b14250f93e40a837ef2b64574936f301289_NeikiAnalytics.zip
Size

136KB
MD5

a6dc5b91393915da0bf603d7d433f2b0
SHA1

54b583c69d97098f3f4274dd6ddef0bc040b1e97
SHA256

96f2955164dad9ba05156f8f373a0b14250f93e40a837ef2b64574936f301289
SHA512

bb0638b1c9809b6d8008f841c9c96bcecc8e32eabc08fd8bbb4717e777e4dc6c805e4ff41a97108ebef1ddca71a3aaa6a44455cb63972cd58440101cf3c5c4b1
SSDEEP

3072:RPJEGP+BoAkYyGfu5C/OG8NtJmXTKiN1RqMtGMLT:Rx1aofFtgX8tJG1RXQM

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 7 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows an application to read the user's calendar data.	android.permission.READ_CALENDAR
Allows an application to write the user's calendar data.	android.permission.WRITE_CALENDAR
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Files

96f2955164dad9ba05156f8f373a0b14250f93e40a837ef2b64574936f301289_NeikiAnalytics.zip
.apk android

Password: infected

com.android.exchange

.EasCertificateRequestor

Activities

.EasCertificateRequestor

com.android.email.EXCHANGE_REQUEST_CERT

.SettingsRedirector

android.intent.action.MANAGE_NETWORK_USAGE

Permissions

android.permission.RECEIVE_BOOT_COMPLETED
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.VIBRATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.GET_ACCOUNTS
android.permission.MANAGE_ACCOUNTS
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.READ_SYNC_SETTINGS
android.permission.WRITE_SYNC_SETTINGS
android.permission.READ_CONTACTS
android.permission.WRITE_CONTACTS
android.permission.READ_CALENDAR
android.permission.WRITE_CALENDAR
android.permission.USE_CREDENTIALS
android.permission.WAKE_LOCK
android.permission.READ_PHONE_STATE
com.android.email.permission.READ_ATTACHMENT
com.android.email.permission.ACCESS_PROVIDER
android.permission.WRITE_MEDIA_STORAGE
android.permission.INTERACT_ACROSS_USERS
android.permission.INTERACT_ACROSS_USERS_FULL

Receivers

ExchangeBroadcastReceiver

android.accounts.LOGIN_ACCOUNTS_CHANGED

Services

com.android.exchange.service.EasService

com.android.email.EXCHANGE_INTENT

com.android.exchange.service.EmailSyncAdapterService

android.content.SyncAdapter

com.android.exchange.service.ContactsSyncAdapterService

android.content.SyncAdapter

com.android.exchange.service.CalendarSyncAdapterService

android.content.SyncAdapter

com.mediatek.exchange.smartpush.SmartPushService

com.mediatek.email.SMARTPUSH_INTENT

Android Permissions

96f2955164dad9ba05156f8f373a0b14250f93e40a837ef2b64574936f301289_NeikiAnalytics.zip

Permissions

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.ACCESS_NETWORK_STATE

android.permission.INTERNET

android.permission.VIBRATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.GET_ACCOUNTS

android.permission.MANAGE_ACCOUNTS

android.permission.AUTHENTICATE_ACCOUNTS

android.permission.READ_SYNC_SETTINGS

android.permission.WRITE_SYNC_SETTINGS

android.permission.READ_CONTACTS

android.permission.WRITE_CONTACTS

android.permission.READ_CALENDAR

android.permission.WRITE_CALENDAR

android.permission.USE_CREDENTIALS

android.permission.WAKE_LOCK

android.permission.READ_PHONE_STATE

com.android.email.permission.READ_ATTACHMENT

com.android.email.permission.ACCESS_PROVIDER

android.permission.WRITE_MEDIA_STORAGE

android.permission.INTERACT_ACROSS_USERS

android.permission.INTERACT_ACROSS_USERS_FULL

Sharing

General

Malware Config

Signatures

Files

Password: infected

com.android.exchange

.EasCertificateRequestor

Activities

.EasCertificateRequestor

.SettingsRedirector

Permissions

Receivers

ExchangeBroadcastReceiver

Services

com.android.exchange.service.EasService

com.android.exchange.service.EmailSyncAdapterService

com.android.exchange.service.ContactsSyncAdapterService

com.android.exchange.service.CalendarSyncAdapterService

com.mediatek.exchange.smartpush.SmartPushService

Android Permissions

96f2955164dad9ba05156f8f373a0b14250f93e40a837ef2b64574936f301289_NeikiAnalytics.zip