d2dd028184a957bb601a6f0a15bd1c42[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d2dd028184a957bb601a6f0a15bd1c42.bin
Size

2.3MB
MD5

5f8f84fd7a5bf644d17e9eb045adff0e
SHA1

f4bd22c94185097161587574c2a291b09d0c8e61
SHA256

3cd424fdc3577d247dc8e4a005a6a79db265953b9d775f21ce5d708f88178eec
SHA512

5062c6d0d8129953b660c9503080f272af6c8b94da1f9f5b9f54acf0eed32864ee6be63de507a372817ac370bd0a16474c4d3a35c25721b4746496f7fd12d606
SSDEEP

49152:dQVNeyv6Owjjp9ZcvCnTqct+kT7rC2z7YB7XT:WneUVwjV9Zcuf+knrpXyXT

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by NFC services to bind with the system. Allows apps to interact with NFC hardware.	android.permission.BIND_NFC_SERVICE

Requests dangerous framework permissions 1 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

Files

d2dd028184a957bb601a6f0a15bd1c42.bin
.zip

Password: infected
ea85c0bdff4eb519d80627f6cae9f2ce6926bf9ce60ad103324fe43cf8801a6e.apk
.apk android arch:arm64 arch:arm

Password: infected

de.tu_darmstadt.seemoo.nfcgate

de.tu_darmstadt.seemoo.nfcgate.gui.MainActivity

Activities

de.tu_darmstadt.seemoo.nfcgate.gui.MainActivity

de.tu_darmstadt.seemoo.nfcgate.main
de.tu_darmstadt.seemoo.nfcgate.daemoncall
android.intent.action.MAIN
android.nfc.action.TECH_DISCOVERED
android.nfc.action.TAG_DISCOVERED
android.intent.action.SEND
android.intent.action.VIEW

Permissions

android.permission.NFC
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE

Services

de.tu_darmstadt.seemoo.nfcgate.nfc.hce.ApduService

android.nfc.cardemulation.action.HOST_APDU_SERVICE