413034898b2a7a690e84184fab8a8ec53efa8b0334ee638ca3663cd2e6378eea_NeikiAnalytics[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

413034898b2a7a690e84184fab8a8ec53efa8b0334ee638ca3663cd2e6378eea_NeikiAnalytics.zip
Size

7.5MB
MD5

cec6f790d1bf4316fc09e8869a56f800
SHA1

5a780f8b37ad1945e6579931c41eba65c53bd29a
SHA256

413034898b2a7a690e84184fab8a8ec53efa8b0334ee638ca3663cd2e6378eea
SHA512

f29f4a0eaa1673c1b331cb91612c232a155a24a781b680f1228c3d0895551a14203e8016531ef948df667818e99e39ae42d5c234acc40840b52ba991fee8b94c
SSDEEP

196608:6xNsqmbjiv7b6YKO8OmajWzRMvz1ZHYsTUOPpUF:6s27bVbD8ROzPDTG

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 2 IoCs

description	ioc
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device.	android.permission.BIND_NOTIFICATION_LISTENER_SERVICE

Requests dangerous framework permissions 4 IoCs

description	ioc
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application a broad access to external storage in scoped storage.	android.permission.MANAGE_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

Files

413034898b2a7a690e84184fab8a8ec53efa8b0334ee638ca3663cd2e6378eea_NeikiAnalytics.zip
.apk android

Password: infected

com.dglkloikjewfew23klfoije.app

com.dglkloikjewfew23klfoije.app.MainActivity

Activities

com.dglkloikjewfew23klfoije.app.MainActivity

android.intent.action.MAIN

Permissions

android.permission.REQUEST_INSTALL_PACKAGES
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_SYNC_SETTINGS
android.permission.MANAGE_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
asd.apk
.apk android

Password: infected

com.dgbefjkwekjciuewjkfe23hjcuyewf.security

com.dgbefjkwekjciuewjkfe23hjcuyewf.security.MainActivity

Activities

com.dgbefjkwekjciuewjkfe23hjcuyewf.security.MainActivity

android.ffa.action.START_SERVICE

Permissions

android.permission.MODIFY_AUDIO_SETTINGS
android.permission.WAKE_LOCK
android.permission.READ_PHONE_STATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.BLUETOOTH
android.permission.WRITE_CONTACTS
android.permission.ACCESS_WIFI_STATE
android.permission.INTERNET
android.permission.RECEIVE_SMS
android.permission.ACCESS_BACKGROUND_LOCATION
android.permission.CALL_PHONE
android.permission.READ_CALL_LOG
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_NUMBERS
android.permission.READ_CONTACTS
android.permission.CHANGE_WIFI_STATE
android.permission.PROCESS_OUTGOING_CALLS
android.permission.BLUETOOTH_ADMIN
android.permission.BLUETOOTH_CONNECT
android.permission.ANSWER_PHONE_CALLS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.FOREGROUND_SERVICE
android.permission.RECORD_AUDIO
android.permission.READ_SMS
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACTION_MANAGE_OVERLAY_PERMISSION
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WRITE_CALL_LOG
android.permission.CAMERA
android.permission.REQUEST_DELETE_PACKAGES
android.permission.RECEIVE_LAUNCH_BROADCASTS
android.permission.DISABLE_KEYGUARD
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.READ_EXTERNAL_STORAGE

Receivers

com.dgbefjkwekjciuewjkfe23hjcuyewf.security.cast.CallMyListener

android.intent.action.BATTERY_CHANGED
android.intent.action.BATTERY_LOW
android.intent.action.ACTION_SHUTDOWN
android.intent.action.BOOT_COMPLETED
android.intent.action.SCREEN_ON
android.intent.action.BATTERY_OKAY
android.intent.action.PHONE_STATE
android.intent.action.REBOOT
android.intent.action.USER_UNLOCKED
android.intent.action.REBOOT
android.intent.action.USER_PRESENT
android.intent.action.CONFIGURATION_CHANGED
android.media.RINGER_MODE_CHANGED
android.intent.action.ACTION_SHUTDOWN
android.intent.action.NEW_OUTGOING_CALL
android.intent.action.SCREEN_OFF
android.intent.action.MEDIA_MOUNTED
android.intent.action.MEDIA_UNMOUNTED

Services

com.dgbefjkwekjciuewjkfe23hjcuyewf.security.services.AccessServ

android.accessibilityservice.AccessibilityService

com.dgbefjkwekjciuewjkfe23hjcuyewf.security.NotificationReceiverService

android.service.notification.NotificationListenerService
base.apk
.apk android

Password: infected

com.dgbefjkwekjciuewjkfe23hjcuyewf.security

com.dgbefjkwekjciuewjkfe23hjcuyewf.security.MainActivity

Activities

com.dgbefjkwekjciuewjkfe23hjcuyewf.security.MainActivity

android.ffa.action.START_SERVICE

Permissions

android.permission.RECEIVE_SMS
android.permission.WAKE_LOCK
android.permission.BLUETOOTH_ADMIN
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_CALL_LOG
android.permission.PROCESS_OUTGOING_CALLS
android.permission.FOREGROUND_SERVICE
android.permission.CAMERA
android.permission.ACCESS_NETWORK_STATE
android.permission.CALL_PHONE
android.permission.READ_CALL_LOG
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.ACCESS_COARSE_LOCATION
android.permission.DISABLE_KEYGUARD
android.permission.RECORD_AUDIO
android.permission.CHANGE_WIFI_STATE
android.permission.READ_PHONE_NUMBERS
android.permission.REQUEST_DELETE_PACKAGES
android.permission.READ_SMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACTION_MANAGE_OVERLAY_PERMISSION
android.permission.ACCESS_BACKGROUND_LOCATION
android.permission.BLUETOOTH
android.permission.RECEIVE_LAUNCH_BROADCASTS
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.ANSWER_PHONE_CALLS
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.WRITE_CONTACTS
android.permission.ACCESS_WIFI_STATE
android.permission.READ_CONTACTS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.ACCESS_FINE_LOCATION

Services

com.dgbefjkwekjciuewjkfe23hjcuyewf.security.NotificationReceiverService

android.service.notification.NotificationListenerService

Android Permissions

413034898b2a7a690e84184fab8a8ec53efa8b0334ee638ca3663cd2e6378eea_NeikiAnalytics.zip

Permissions

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_SYNC_SETTINGS

android.permission.MANAGE_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.INTERNET

Sharing

General

Malware Config

Signatures

Files

Password: infected

com.dglkloikjewfew23klfoije.app

com.dglkloikjewfew23klfoije.app.MainActivity

Activities

com.dglkloikjewfew23klfoije.app.MainActivity

Permissions

Password: infected

com.dgbefjkwekjciuewjkfe23hjcuyewf.security

com.dgbefjkwekjciuewjkfe23hjcuyewf.security.MainActivity

Activities

com.dgbefjkwekjciuewjkfe23hjcuyewf.security.MainActivity

Permissions

Receivers

com.dgbefjkwekjciuewjkfe23hjcuyewf.security.cast.CallMyListener

Services

com.dgbefjkwekjciuewjkfe23hjcuyewf.security.services.AccessServ

com.dgbefjkwekjciuewjkfe23hjcuyewf.security.NotificationReceiverService

Password: infected

com.dgbefjkwekjciuewjkfe23hjcuyewf.security

com.dgbefjkwekjciuewjkfe23hjcuyewf.security.MainActivity

Activities

com.dgbefjkwekjciuewjkfe23hjcuyewf.security.MainActivity

Permissions

Services

com.dgbefjkwekjciuewjkfe23hjcuyewf.security.NotificationReceiverService

Android Permissions

413034898b2a7a690e84184fab8a8ec53efa8b0334ee638ca3663cd2e6378eea_NeikiAnalytics.zip