base[.]apk | Triage

General

Target

base.apk
Size

4.6MB
MD5

ff0b20c5e30daa1e2d103b6badeb5c74
SHA1

b0bf75b06037fbbda514264ee1ec7751b5ac96bc
SHA256

f88a97e5482154003e4503252f68a0d7e7b1fb5e7030ecd4ae6a61725e784dd7
SHA512

89b0a77795671b8b97606e2d1f38b719f5de37591be116b1fe27a08ac2830fba197a93eb4bc81edf7e028c4aa98ecc20396aa4f00e7eb8a1c243e3b353d5b4d3
SSDEEP

98304:8h9fyCUapvbx1dXh0TG6ZHzfjWF5GHiN47A7MGBJ+o8jSxoTZwwd2efrphrsD:6aw73h0lZHz6FAC97MGBJij4o1RrsD

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 2 IoCs

description	ioc
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device.	android.permission.BIND_NOTIFICATION_LISTENER_SERVICE

Requests dangerous framework permissions 3 IoCs

description	ioc
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS
Required to be able to connect to paired Bluetooth devices.	android.permission.BLUETOOTH_CONNECT

Files

base.apk
.apk android

com.mercandalli.android.ios.dynamic.island

com.mercandalli.android.ios.dynamic.island.main_activity.MainActivity

Activities

com.mercandalli.android.ios.dynamic.island.main_activity.MainActivity

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.INTERNET
android.permission.ACTION_MANAGE_OVERLAY_PERMISSION
android.permission.POST_NOTIFICATIONS
android.permission.FOREGROUND_SERVICE
android.permission.ACCESS_NOTIFICATION_POLICY
android.permission.QUERY_ALL_PACKAGES
android.permission.BLUETOOTH
android.permission.BLUETOOTH_CONNECT
android.permission.ACCESS_NETWORK_STATE
android.permission.WAKE_LOCK
android.permission.RECEIVE_BOOT_COMPLETED
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
com.google.android.gms.permission.AD_ID
com.android.vending.BILLING

Receivers

com.mercandalli.android.sdk.reboot_listener.internal.RebootListenerReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

androidx.work.impl.diagnostics.DiagnosticsReceiver

androidx.work.diagnostics.REQUEST_DIAGNOSTICS

androidx.profileinstaller.ProfileInstallReceiver

androidx.profileinstaller.action.INSTALL_PROFILE
androidx.profileinstaller.action.SKIP_FILE

Services

com.mercandalli.android.ios.dynamic.island.accessibility_service.AccessibilityService

android.accessibilityservice.AccessibilityService

com.mercandalli.android.sdk.notification_collect.NotificationCollectorService

android.service.notification.NotificationListenerService

Android Permissions

base.apk

Permissions

android.permission.SYSTEM_ALERT_WINDOW

android.permission.INTERNET

android.permission.ACTION_MANAGE_OVERLAY_PERMISSION

android.permission.POST_NOTIFICATIONS

android.permission.FOREGROUND_SERVICE

android.permission.ACCESS_NOTIFICATION_POLICY

android.permission.QUERY_ALL_PACKAGES

android.permission.BLUETOOTH

android.permission.BLUETOOTH_CONNECT

android.permission.ACCESS_NETWORK_STATE

android.permission.WAKE_LOCK

android.permission.RECEIVE_BOOT_COMPLETED

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

com.google.android.gms.permission.AD_ID

com.android.vending.BILLING

Sharing

General

Malware Config

Signatures

Files

com.mercandalli.android.ios.dynamic.island

com.mercandalli.android.ios.dynamic.island.main_activity.MainActivity

Activities

com.mercandalli.android.ios.dynamic.island.main_activity.MainActivity

Permissions

Receivers

com.mercandalli.android.sdk.reboot_listener.internal.RebootListenerReceiver

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.diagnostics.DiagnosticsReceiver

androidx.profileinstaller.ProfileInstallReceiver

Services

com.mercandalli.android.ios.dynamic.island.accessibility_service.AccessibilityService

com.mercandalli.android.sdk.notification_collect.NotificationCollectorService

Android Permissions

base.apk