12520202507[.]zip | Triage

Resubmissions

26/10/2023, 17:12

231026-vqvw5sdd5y 7

Sharing

Copy URL Twitter E-mail

General

Target

12520202507.zip
Size

32.5MB
MD5

973da325b1d53d75bf611fb1182ebc64
SHA1

abda99f8a4f9b4df7a5d1910a8f841a2948fcab3
SHA256

8b0f7c432c2e9bd5c9f0b47264a1ba4f5d50d3431210b7e8bad8252243f3fea5
SHA512

323279466d960255ff27017bee41fb6b9876226e31138d9e23a8a05d3e5807b6429d599c92f66aadee7eceeae37a1d6ea7ed3a4074a01dbace22a325a912a840
SSDEEP

786432:4P1wgUHQT0kJmv+RqGYNRPdj7xz/ce80c74v1bmO:w1wgYQIP2qGYNRF7xI17m1L

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

Files

12520202507.zip
.zip

Password: infected
d34cd64dea64f1e29534f10c7fe3d504d5d7d825c441fd2fb3b81c2cb56c5971
.apk android arch:arm64 arch:arm arch:mips arch:mips64 arch:x86 arch:x64

Password: infected

com.github.barteksc.sample

com.github.barteksc.sample.PDFViewActivity_

Activities

com.github.barteksc.sample.PDFViewActivity_

android.intent.action.MAIN

Permissions

android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.QUICKBOOT_POWERON
android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.FOREGROUND_SERVICE

Receivers

com.animals.GuardZoo

android.intent.action.BOOT_COMPLETED
com.animals.Bcast
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

Services