S-pushTAN[.]apk

General

Target

S-pushTAN.apk
Size

31.5MB
MD5

48df2c0e2dcbefa06f0d793044337db3
SHA1

fe744c9fd9d019fc321d0a2eeb0d7918ae512e76
SHA256

93ca1db5d64cd01ea6fb1e0cb4e1297665377dd62cae71c4c19d0155c07cc813
SHA512

3466e6b5eff9567bb681125ccc734d833bfa49fda4b30f4606d326102770e61c017cd54ca2f7fdf0f5089f8ba332dd5b634e586d7ae96b5a28a3992623de1078
SSDEEP

786432:+DeNHDj+1tB4oPLa1OySg5zvy30wrI5eV8:KkoP+lS8vw0P5eV8

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 8 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Required to be able to discover and pair nearby Bluetooth devices.	android.permission.BLUETOOTH_SCAN
Required to be able to advertise to nearby Bluetooth devices.	android.permission.BLUETOOTH_ADVERTISE
Required to be able to connect to paired Bluetooth devices.	android.permission.BLUETOOTH_CONNECT

Files

S-pushTAN.apk
.apk android arch:arm64 arch:arm

com.starfinanz.mobile.android.pushtan

com.starfinanz.mobile.android.spushtan.SPushTan

Activities

com.starfinanz.mobile.android.spushtan.SPushTan

android.intent.action.MAIN

com.starfinanz.mobile.android.pushtan.presentation.link.AppLinkActivity

android.intent.action.VIEW

Permissions

com.starfinanz.mobile.android.sparkasse.permission.PUSHTAN
com.starfinanz.mobile.android.invest.permission.PUSHTAN
com.starfinanz.mobile.android.sbusiness.permission.PUSHTAN
com.starfinanz.mobile.android.sparkasse.permission.EXCHANGE
android.permission.READ_PHONE_STATE
android.permission.CAMERA
android.permission.REORDER_TASKS
android.permission.POST_NOTIFICATIONS
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.BLUETOOTH_SCAN
android.permission.BLUETOOTH_ADVERTISE
android.permission.BLUETOOTH_CONNECT
android.permission.USE_BIOMETRIC
android.permission.USE_FINGERPRINT
android.permission.ACCESS_NETWORK_STATE
android.permission.WAKE_LOCK
com.google.android.c2dm.permission.RECEIVE
android.permission.INTERNET
com.starfinanz.mobile.android.pushtan.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION
android.permission.FOREGROUND_SERVICE

Receivers

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

androidx.profileinstaller.ProfileInstallReceiver

androidx.profileinstaller.action.INSTALL_PROFILE
androidx.profileinstaller.action.SKIP_FILE
androidx.profileinstaller.action.SAVE_PROFILE
androidx.profileinstaller.action.BENCHMARK_OPERATION

Services

com.starfinanz.mobile.android.common.fcm.FcmMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

Android Permissions

S-pushTAN.apk

Permissions

com.starfinanz.mobile.android.sparkasse.permission.PUSHTAN

com.starfinanz.mobile.android.invest.permission.PUSHTAN

com.starfinanz.mobile.android.sbusiness.permission.PUSHTAN

com.starfinanz.mobile.android.sparkasse.permission.EXCHANGE

android.permission.READ_PHONE_STATE

android.permission.CAMERA

android.permission.REORDER_TASKS

android.permission.POST_NOTIFICATIONS

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

android.permission.BLUETOOTH_SCAN

android.permission.BLUETOOTH_ADVERTISE

android.permission.BLUETOOTH_CONNECT

android.permission.USE_BIOMETRIC

android.permission.USE_FINGERPRINT

android.permission.ACCESS_NETWORK_STATE

android.permission.WAKE_LOCK

com.google.android.c2dm.permission.RECEIVE

android.permission.INTERNET

com.starfinanz.mobile.android.pushtan.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

android.permission.FOREGROUND_SERVICE

Sharing

General

Malware Config

Signatures

Files

com.starfinanz.mobile.android.pushtan

com.starfinanz.mobile.android.spushtan.SPushTan

Activities

com.starfinanz.mobile.android.spushtan.SPushTan

com.starfinanz.mobile.android.pushtan.presentation.link.AppLinkActivity

Permissions

Receivers

com.google.firebase.iid.FirebaseInstanceIdReceiver

androidx.profileinstaller.ProfileInstallReceiver

Services

com.starfinanz.mobile.android.common.fcm.FcmMessagingService

com.google.firebase.messaging.FirebaseMessagingService

Android Permissions

S-pushTAN.apk