antidot | df7b80f05628dcf1d9fbd051cfd2e5e991ea0d56629ddac51bab61cba3dadab3[.]bin

General

Target

df7b80f05628dcf1d9fbd051cfd2e5e991ea0d56629ddac51bab61cba3dadab3.bin
Size

4.6MB
MD5

6be46ed97215034ed57484b786000b39
SHA1

970756b724db35ab352138654132901a8310af8b
SHA256

df7b80f05628dcf1d9fbd051cfd2e5e991ea0d56629ddac51bab61cba3dadab3
SHA512

ab8aed93bf2245d321c7b0a752f0e1ab9b17a5d8d5a4eae88776a8274fc433d412542052803c437aef89d9baa1270d357c516f1ac076f653beaf1efaca16380c
SSDEEP

98304:yX1EmZujm6LUTcpCa5u76wBRCkbEqDvHWD9R7Esr9d0y:yXJuVUTjWPkbEgWDMy

Score

10^/10

antidot

Malware Config

Signatures

Antidot family
antidot

Antidot payload 1 IoCs

Processes:

resource	yara_rule
sample	family_antidot

Requests dangerous framework permissions 6 IoCs

Processes:

description	ioc
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS

Files

df7b80f05628dcf1d9fbd051cfd2e5e991ea0d56629ddac51bab61cba3dadab3.bin
.apk android

com.demimiller

com.demimiller.SplashActivity

Activities

com.demimiller.SplashActivity

android.intent.action.MAIN

com.demimiller.sms.ComposeSmsActivity

android.intent.action.SEND
android.intent.action.SENDTO

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_CONTACTS
android.permission.WRITE_CONTACTS
android.permission.READ_PHONE_STATE
android.permission.READ_SMS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECEIVE_SMS
android.permission.WRITE_SMS
android.permission.SEND_SMS
android.permission.RECEIVE_LAUNCH_BROADCASTS
android.permission.FOREGROUND_SERVICE

Receivers

com.demimiller.sms.SmsReceiver

android.provider.Telephony.SMS_RECEIVED
android.provider.Telephony.SMS_DELIVER
android.intent.action.BOOT_COMPLETED

com.demimiller.sms.MmsReceiver

android.provider.Telephony.WAP_PUSH_DELIVER

Services

com.demimiller.sms.QuickSmsResponseService

android.intent.action.RESPOND_VIA_MESSAGE

Android Permissions

df7b80f05628dcf1d9fbd051cfd2e5e991ea0d56629ddac51bab61cba3dadab3.bin

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.READ_CONTACTS

android.permission.WRITE_CONTACTS

android.permission.READ_PHONE_STATE

android.permission.READ_SMS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.RECEIVE_SMS

android.permission.WRITE_SMS

android.permission.SEND_SMS

android.permission.RECEIVE_LAUNCH_BROADCASTS

android.permission.FOREGROUND_SERVICE

Resubmissions

Sharing

General

Malware Config

Signatures

Files

com.demimiller

com.demimiller.SplashActivity

Activities

com.demimiller.SplashActivity

com.demimiller.sms.ComposeSmsActivity

Permissions

Receivers

com.demimiller.sms.SmsReceiver

com.demimiller.sms.MmsReceiver

Services

com.demimiller.sms.QuickSmsResponseService

Android Permissions

df7b80f05628dcf1d9fbd051cfd2e5e991ea0d56629ddac51bab61cba3dadab3.bin