cace16a3ef7594ac9881a5a3baa3426b30a4d8c5f0f5caf378946f6ca72a4868

General

Target

cace16a3ef7594ac9881a5a3baa3426b30a4d8c5f0f5caf378946f6ca72a4868
Size

6.7MB
MD5

0980b29b5f52a36339ded0d62ec1af79
SHA1

f49b00896c99ea030dcca0808b87e414bbde1549
SHA256

cace16a3ef7594ac9881a5a3baa3426b30a4d8c5f0f5caf378946f6ca72a4868
SHA512

222ea688fc030da03907c9d1962b14be9fcdf19ef7cd851a498c54db43458a071e977bd8d461a130eef1069d38ed4ebde941a5aaa4c3f1d07e6472e2a14663ef
SSDEEP

98304:gvRdzmp0BRaYFPdwUR/slZkgCLkV2Se6EEG57r9foSSor7gxdp6+dnWEJ/u/WtB9:gvRRD3PdHR/eZGLkV7O5r9f8Z48w6

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 10 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to record audio.	android.permission.RECORD_AUDIO
Required to be able to access the camera device.	android.permission.CAMERA
Allows read access to the device's phone number(s).	android.permission.READ_PHONE_NUMBERS
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES

Files

cace16a3ef7594ac9881a5a3baa3426b30a4d8c5f0f5caf378946f6ca72a4868
.apk android

com.chat.lapiza

com.rockliffe.stealth.StealthMainActivity

Activities

com.rockliffe.stealth.StealthMainActivity

android.intent.action.MAIN

com.rockliffe.astrachat.views.IntentFilterHandlerActivity

android.intent.action.SEND
android.intent.action.SEND_MULTIPLE
android.intent.action.SEND

Permissions

android.permission.USE_BIOMETRIC
android.permission.VIBRATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_CONTACTS
android.permission.WRITE_CONTACTS
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
com.sec.android.provider.badge.permission.READ
com.sec.android.provider.badge.permission.WRITE
com.sonyericsson.home.permission.BROADCAST_BADGE
android.permission.RECORD_AUDIO
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.CAMERA
android.permission.READ_SYNC_SETTINGS
android.permission.WRITE_SYNC_SETTINGS
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.USE_FINGERPRINT
com.google.android.c2dm.permission.RECEIVE
com.rockliffe.stealth.permission.C2D_MESSAGE
android.permission.READ_PHONE_NUMBERS
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.QUERY_ALL_PACKAGES
android.permission.CHANGE_NETWORK_STATE
android.permission.BROADCAST_PACKAGE_ADDED
android.permission.CHANGE_WIFI_STATE

Receivers

com.rockliffe.mangga.BootCompleteListener

android.intent.action.QUICKBOOT_POWERON
android.intent.action.BOOT_COMPLETED

com.rockliffe.mangga.PackageListener

android.intent.action.MY_PACKAGE_REPLACED

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

com.rockliffe.astrachat.views.setup.mangga.apputils.PackageChangeReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_INSTALL
android.intent.action.PACKAGE_CHANGED
android.intent.action.PACKAGE_REPLACED

Services

com.rockliffe.sync.AuthenticatorService

android.accounts.AccountAuthenticator

com.rockliffe.sync.SyncService

android.content.SyncAdapter

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

Android Permissions

cace16a3ef7594ac9881a5a3baa3426b30a4d8c5f0f5caf378946f6ca72a4868

Permissions

android.permission.USE_BIOMETRIC

android.permission.VIBRATE

android.permission.READ_PHONE_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.ACCESS_FINE_LOCATION

android.permission.READ_CONTACTS

android.permission.WRITE_CONTACTS

android.permission.INTERNET

android.permission.WAKE_LOCK

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.RECEIVE_BOOT_COMPLETED

com.sec.android.provider.badge.permission.READ

com.sec.android.provider.badge.permission.WRITE

com.sonyericsson.home.permission.BROADCAST_BADGE

android.permission.RECORD_AUDIO

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.CAMERA

android.permission.READ_SYNC_SETTINGS

android.permission.WRITE_SYNC_SETTINGS

android.permission.AUTHENTICATE_ACCOUNTS

android.permission.USE_FINGERPRINT

com.google.android.c2dm.permission.RECEIVE

com.rockliffe.stealth.permission.C2D_MESSAGE

android.permission.READ_PHONE_NUMBERS

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.QUERY_ALL_PACKAGES

android.permission.CHANGE_NETWORK_STATE

android.permission.BROADCAST_PACKAGE_ADDED

android.permission.CHANGE_WIFI_STATE

Sharing

General

Malware Config

Signatures

Files

com.chat.lapiza

com.rockliffe.stealth.StealthMainActivity

Activities

com.rockliffe.stealth.StealthMainActivity

com.rockliffe.astrachat.views.IntentFilterHandlerActivity

Permissions

Receivers

com.rockliffe.mangga.BootCompleteListener

com.rockliffe.mangga.PackageListener

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.rockliffe.astrachat.views.setup.mangga.apputils.PackageChangeReceiver

Services

com.rockliffe.sync.AuthenticatorService

com.rockliffe.sync.SyncService

com.google.firebase.iid.FirebaseInstanceIdService

Android Permissions

cace16a3ef7594ac9881a5a3baa3426b30a4d8c5f0f5caf378946f6ca72a4868