dummydomain[.]yetanothercallblocker_5150[.]apk

General

Target

dummydomain.yetanothercallblocker_5150.apk
Size

7.6MB
MD5

1a60488f05f4b4364c8e3965b2cb1f26
SHA1

769958a91c978e91213c21aa5df95db08e99ee15
SHA256

add847438a26c8f52dda68ff94ff2f2662010c45f0b623684c264ee216d7ca6c
SHA512

1b0007ef8d6e8f2de5c2c932626a066a5881b1b60b3271bc10fb222f0430ee0272d667b44c0ea8475a78194b1bb51812224b3476ee0905bf0ca63d7b4e541095
SSDEEP

98304:jrJ4lw3nM+AVSj5w+4+DqP8WiXOHCE0DG8K79wUhHhzoSEOq8hhDWIYPJDZsbFxQ:p4YZ/DqOXOHCiL1DqAkBdgFs7thHQxk3

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by call screening services to bind with the system. Allows apps to filter and manage incoming phone calls.	android.permission.BIND_SCREENING_SERVICE

Requests dangerous framework permissions 5 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read the user's call log.	android.permission.READ_CALL_LOG
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows the app to answer an incoming phone call.	android.permission.ANSWER_PHONE_CALLS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS

Files

dummydomain.yetanothercallblocker_5150.apk
.apk android arch:arm arch:x86 arch:x64 arch:arm64

dummydomain.yetanothercallblocker

dummydomain.yetanothercallblocker.MainActivity

Activities

dummydomain.yetanothercallblocker.MainActivity

android.intent.action.MAIN

dummydomain.yetanothercallblocker.DummyDialerActivity

android.intent.action.VIEW
android.intent.action.DIAL
android.intent.action.DIAL

Permissions

android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.READ_CALL_LOG
android.permission.CALL_PHONE
android.permission.ANSWER_PHONE_CALLS
android.permission.READ_CONTACTS
android.permission.FOREGROUND_SERVICE
android.permission.READ_LOG
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE

Receivers

dummydomain.yetanothercallblocker.StartupReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.MY_PACKAGE_REPLACED

dummydomain.yetanothercallblocker.PhoneStateBroadcastReceiver

android.intent.action.PHONE_STATE

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

androidx.work.impl.diagnostics.DiagnosticsReceiver

androidx.work.diagnostics.REQUEST_DIAGNOSTICS

Services

dummydomain.yetanothercallblocker.CallScreeningServiceImpl

android.telecom.CallScreeningService

Android Permissions

dummydomain.yetanothercallblocker_5150.apk

Permissions

android.permission.INTERNET

android.permission.READ_PHONE_STATE

android.permission.READ_CALL_LOG

android.permission.CALL_PHONE

android.permission.ANSWER_PHONE_CALLS

android.permission.READ_CONTACTS

android.permission.FOREGROUND_SERVICE

android.permission.READ_LOG

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.WAKE_LOCK

android.permission.ACCESS_NETWORK_STATE

Sharing

General

Malware Config

Signatures

Files