d7f1ce7515820131a128ce7342068150N[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

d7f1ce7515820131a128ce7342068150N.zip
Size

633KB
MD5

d7f1ce7515820131a128ce7342068150
SHA1

ee3cf993eaf69b82194ed63edf5abb8e8ac70be8
SHA256

8d82e3025e6d895184f8a2ede468a33bde6b4fffba5200a06228cae4cd5a6a2d
SHA512

f5544794744ba9ae66a38faa8e90dc4ccae70aa6f07635efc88bf07146bde6130d10512d4a7b6ddcda23d1ab6bd75b41e83b0ac6a1c7bf4ede819874a898ad2c
SSDEEP

6144:JGbiTyyv6qqo+jcz9rDFgT/OKgnX85uruwu4A6waCUeBckCvOZwbazEiO2TD3Pik:JGbi+nodZHF4jqX85W5nWlMazEiO2yO

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 2 IoCs

description	ioc
Required by telecom connection services to bind with the system. Allows apps to manage phone call aspects such as call setup and notifications.	android.permission.BIND_TELECOM_CONNECTION_SERVICE
Required by telecom connection services to bind with the system. Allows apps to manage phone call aspects such as call setup and notifications.	android.permission.BIND_TELECOM_CONNECTION_SERVICE

Requests dangerous framework permissions 17 IoCs

description	ioc
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to read the user's call log.	android.permission.READ_CALL_LOG
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows an application to write and read the user's call log data.	android.permission.WRITE_CALL_LOG
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether.	android.permission.PROCESS_OUTGOING_CALLS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to use SIP service.	android.permission.USE_SIP
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to add voicemails into the system.	com.android.voicemail.permission.ADD_VOICEMAIL
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Files

d7f1ce7515820131a128ce7342068150N.zip
.apk android

Password: infected

com.android.phone

MobileNetworkSettings

Activities

EmergencyDialer

com.android.phone.EmergencyDialer.DIAL
com.android.phone.EmergencyDialer.DIAL

SimContacts

android.intent.action.VIEW

com.android.phone.settings.fdn.FdnList

android.intent.action.VIEW

OutgoingCallBroadcaster

android.intent.action.CALL
android.intent.action.CALL
android.intent.action.CALL
android.intent.action.CALL

InCallScreenShowActivation

com.android.phone.PERFORM_CDMA_PROVISIONING

com.android.services.telephony.activation.SimActivationActivity

android.intent.action.SIM_ACTIVATION_REQUEST

MobileNetworkSettings

android.intent.action.VIEW
android.intent.action.MAIN
android.settings.DATA_ROAMING_SETTINGS
com.dmyk.android.telephony.action.VOLTE_STATE_SETTING

NetworkSetting

android.intent.action.MAIN
android.settings.NETWORK_OPERATOR_SETTINGS

GsmUmtsOptions

android.intent.action.MAIN

CdmaOptions

android.intent.action.MAIN

GsmUmtsCallOptions

android.intent.action.MAIN

CdmaCallOptions

android.intent.action.MAIN

GsmUmtsCallForwardOptions

android.intent.action.MAIN

GsmUmtsAdditionalCallOptions

android.intent.action.MAIN

CellBroadcastSms

android.intent.action.MAIN

com.android.phone.settings.fdn.FdnSetting

android.intent.action.MAIN

EnableIccPinScreen

android.intent.action.MAIN

ChangeIccPinScreen

android.intent.action.MAIN

DataRoamingReenable

android.intent.action.MAIN

RoamingSetting

android.intent.action.MAIN

CallFeaturesSetting

android.intent.action.VIEW
android.intent.action.MAIN
android.telecom.action.SHOW_CALL_SETTINGS

com.android.phone.settings.AccessibilitySettingsActivity

android.intent.action.MAIN
android.telecom.action.SHOW_CALL_ACCESSIBILITY_SETTINGS

EmergencyCallbackModeExitDialog

com.android.phone.action.ACTION_SHOW_ECM_EXIT_DIALOG
android.intent.action.ACTION_SHOW_NOTICE_ECM_BLOCK_OTHERS

com.android.services.telephony.sip.SipPhoneAccountSettingsActivity

android.telecom.action.CONFIGURE_PHONE_ACCOUNT

com.android.services.telephony.sip.SipSettings

android.intent.action.MAIN
android.net.sip.NOTIFY

com.android.phone.settings.PhoneAccountSettingsActivity

android.telecom.action.CHANGE_PHONE_ACCOUNTS

com.android.phone.settings.VoicemailSettingsActivity

com.android.phone.CallFeaturesSetting.ADD_VOICEMAIL
android.telephony.action.CONFIGURE_VOICEMAIL

com.mediatek.settings.IpPrefixPreference

android.intent.action.MAIN

com.mediatek.settings.CallBarring

android.intent.action.MAIN

com.mediatek.settings.PLMNListPreference

android.intent.action.MAIN

com.mediatek.settings.NetworkEditor

android.intent.action.MAIN

com.android.phone.prize.CallRejectActivity

android.intent.action.MAIN

com.android.phone.prize.CallRejectMultipleDeleteActivity

android.intent.action.MAIN

com.mediatek.settings.vtss.GsmUmtsVTCFOptions

android.intent.action.MAIN

com.mediatek.settings.vtss.GsmUmtsVTCBOptions

android.intent.action.MAIN

com.mediatek.settings.cdma.CdmaCallWaitingUtOptions

android.intent.action.MAIN

Permissions

android.permission.BROADCAST_STICKY
android.permission.CALL_PHONE
android.permission.CALL_PRIVILEGED
android.permission.WRITE_SETTINGS
android.permission.WRITE_SECURE_SETTINGS
android.permission.READ_CONTACTS
android.permission.READ_CALL_LOG
android.permission.WRITE_CONTACTS
android.permission.WRITE_CALL_LOG
android.permission.SYSTEM_ALERT_WINDOW
android.permission.INTERNAL_SYSTEM_WINDOW
android.permission.VIBRATE
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.REORDER_TASKS
android.permission.CHANGE_CONFIGURATION
android.permission.WAKE_LOCK
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.STATUS_BAR
android.permission.RECEIVE_SMS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.SEND_SMS
android.permission.SEND_RESPOND_VIA_MESSAGE
android.permission.SET_TIME
android.permission.SET_TIME_ZONE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PRIVILEGED_PHONE_STATE
android.permission.MODIFY_PHONE_STATE
android.permission.READ_PRIVILEGED_PHONE_STATE
android.permission.ACCESS_IMS_CALL_SERVICE
android.permission.DEVICE_POWER
android.permission.DISABLE_KEYGUARD
android.permission.INTERNET
android.permission.PROCESS_OUTGOING_CALLS
android.permission.ACCESS_COARSE_LOCATION
android.permission.WRITE_APN_SETTINGS
android.permission.BROADCAST_SMS
android.permission.BROADCAST_WAP_PUSH
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.SHUTDOWN
android.permission.RECORD_AUDIO
android.permission.PERFORM_CDMA_PROVISIONING
android.permission.USE_SIP
android.permission.REBOOT
android.permission.UPDATE_LOCK
android.permission.INTERACT_ACROSS_USERS
android.permission.INTERACT_ACROSS_USERS_FULL
com.android.smspush.WAPPUSH_MANAGER_BIND
android.permission.MANAGE_USERS
android.permission.UPDATE_APP_OPS_STATS
android.permission.CONNECTIVITY_INTERNAL
android.permission.SET_PREFERRED_APPLICATIONS
android.permission.READ_SEARCH_INDEXABLES
android.permission.DUMP
android.permission.REGISTER_CALL_PROVIDER
android.permission.REGISTER_SIM_SUBSCRIPTION
android.permission.BIND_CARRIER_SERVICES
android.permission.BIND_CARRIER_MESSAGING_SERVICE
android.permission.READ_SYNC_SETTINGS
android.permission.WRITE_SYNC_SETTINGS
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.MANAGE_ACCOUNTS
android.permission.GET_ACCOUNTS
com.android.voicemail.permission.ADD_VOICEMAIL
com.android.voicemail.permission.WRITE_VOICEMAIL
com.android.voicemail.permission.READ_VOICEMAIL
android.permission.LOCAL_MAC_ADDRESS
android.permission.CHANGE_COMPONENT_ENABLED_STATE
android.permission.CHANGE_DEVICE_IDLE_TEMP_WHITELIST
com.mediatek.ppl.permission.ACCESS_PPL_MANAGER
android.permission.READ_REJECT
android.permission.READ_PHONE_STATE
android.permission.STOP_APP_SWITCHES

Receivers

ProcessOutgoingCallTest

android.intent.action.NEW_OUTGOING_CALL

OtaStartupReceiver

android.intent.action.BOOT_COMPLETED

com.android.services.telephony.sip.SipBroadcastReceiver

android.net.sip.SIP_SERVICE_UP
com.android.phone.SIP_INCOMING_CALL
com.android.phone.SIP_REMOVE_PHONE
com.android.phone.SIP_CALL_OPTION_CHANGED
com.android.phone.SIP_ADD_PHONE

CallerInfoCacheUpdateReceiver

com.android.phone.UPDATE_CALLER_INFO_CACHE

PhoneGlobals$NotificationBroadcastReceiver

com.android.phone.ACTION_HANG_UP_ONGOING_CALL
com.android.phone.ACTION_CALL_BACK_FROM_NOTIFICATION
com.android.phone.ACTION_SEND_SMS_FROM_NOTIFICATION

com.android.phone.vvm.omtp.sms.OmtpMessageReceiver

android.intent.action.DATA_SMS_RECEIVED

com.android.phone.vvm.omtp.SimChangeReceiver

android.telephony.action.CARRIER_CONFIG_CHANGED
android.intent.action.SIM_STATE_CHANGED

com.android.phone.vvm.omtp.fetch.FetchVoicemailReceiver

android.intent.action.FETCH_VOICEMAIL

com.android.phone.vvm.omtp.sync.VoicemailProviderChangeReceiver

android.intent.action.PROVIDER_CHANGED

com.android.phone.vvm.omtp.VvmPackageInstallReceiver

android.intent.action.PACKAGE_INSTALL
android.intent.action.PACKAGE_ADDED

com.mediatek.settings.cdma.LteDataOnlySwitchReceiver

com.mediatek.intent.action.FINISH_SWITCH_SVLTE_RAT_MODE
com.mediatek.intent.action.STARTSELF_LTE_SEARCH_TIMEOUT_CHECK
android.intent.action.BOOT_COMPLETED
android.intent.action.ACTION_BOOT_IPO

Services

NetworkQueryService

com.mediatek.phone.INTERNATIONAL_ROAMING_NETWORK_QUERY

com.android.services.telephony.sip.SipCallServiceProvider

android.telecom.CallServiceProvider

com.android.services.telephony.sip.SipConnectionService

android.telecom.ConnectionService

com.android.services.telephony.TelephonyConnectionService

android.telecom.ConnectionService

com.mediatek.settings.cdma.LteDataOnlyManagerService

com.mediatek.intent.action.LTE_DATA_ONLY_MANAGER

com.mediatek.settings.cdma.LteSearchTimeoutCheckService

com.mediatek.intent.action.LTE_SEARCH_TIMEOUT_CHECK

Android Permissions

d7f1ce7515820131a128ce7342068150N.zip

Permissions

android.permission.BROADCAST_STICKY

android.permission.CALL_PHONE

android.permission.CALL_PRIVILEGED

android.permission.WRITE_SETTINGS

android.permission.WRITE_SECURE_SETTINGS

android.permission.READ_CONTACTS

android.permission.READ_CALL_LOG

android.permission.WRITE_CONTACTS

android.permission.WRITE_CALL_LOG

android.permission.SYSTEM_ALERT_WINDOW

android.permission.INTERNAL_SYSTEM_WINDOW

android.permission.VIBRATE

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

android.permission.REORDER_TASKS

android.permission.CHANGE_CONFIGURATION

android.permission.WAKE_LOCK

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.STATUS_BAR

android.permission.RECEIVE_SMS

android.permission.READ_SMS

android.permission.WRITE_SMS

android.permission.SEND_SMS

android.permission.SEND_RESPOND_VIA_MESSAGE

android.permission.SET_TIME

android.permission.SET_TIME_ZONE

android.permission.ACCESS_WIFI_STATE

android.permission.READ_PRIVILEGED_PHONE_STATE

android.permission.MODIFY_PHONE_STATE

android.permission.READ_PRIVILEGED_PHONE_STATE

android.permission.ACCESS_IMS_CALL_SERVICE

android.permission.DEVICE_POWER

android.permission.DISABLE_KEYGUARD

android.permission.INTERNET

android.permission.PROCESS_OUTGOING_CALLS

android.permission.ACCESS_COARSE_LOCATION

android.permission.WRITE_APN_SETTINGS

android.permission.BROADCAST_SMS

android.permission.BROADCAST_WAP_PUSH

android.permission.CHANGE_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.SHUTDOWN

android.permission.RECORD_AUDIO

android.permission.PERFORM_CDMA_PROVISIONING

android.permission.USE_SIP

android.permission.REBOOT

android.permission.UPDATE_LOCK

android.permission.INTERACT_ACROSS_USERS

Sharing

General

Malware Config

Signatures

Files

Password: infected

com.android.phone

MobileNetworkSettings

Activities

EmergencyDialer

SimContacts

com.android.phone.settings.fdn.FdnList

OutgoingCallBroadcaster

InCallScreenShowActivation

com.android.services.telephony.activation.SimActivationActivity

MobileNetworkSettings

NetworkSetting

GsmUmtsOptions

CdmaOptions

GsmUmtsCallOptions

CdmaCallOptions

GsmUmtsCallForwardOptions

GsmUmtsAdditionalCallOptions

CellBroadcastSms

com.android.phone.settings.fdn.FdnSetting

EnableIccPinScreen

ChangeIccPinScreen

DataRoamingReenable

RoamingSetting

CallFeaturesSetting

com.android.phone.settings.AccessibilitySettingsActivity

EmergencyCallbackModeExitDialog

com.android.services.telephony.sip.SipPhoneAccountSettingsActivity

com.android.services.telephony.sip.SipSettings

com.android.phone.settings.PhoneAccountSettingsActivity

com.android.phone.settings.VoicemailSettingsActivity

com.mediatek.settings.IpPrefixPreference

com.mediatek.settings.CallBarring

com.mediatek.settings.PLMNListPreference

com.mediatek.settings.NetworkEditor

com.android.phone.prize.CallRejectActivity

com.android.phone.prize.CallRejectMultipleDeleteActivity

com.mediatek.settings.vtss.GsmUmtsVTCFOptions

com.mediatek.settings.vtss.GsmUmtsVTCBOptions

com.mediatek.settings.cdma.CdmaCallWaitingUtOptions

Permissions

Receivers

ProcessOutgoingCallTest

OtaStartupReceiver

com.android.services.telephony.sip.SipBroadcastReceiver

CallerInfoCacheUpdateReceiver

PhoneGlobals$NotificationBroadcastReceiver

com.android.phone.vvm.omtp.sms.OmtpMessageReceiver

com.android.phone.vvm.omtp.SimChangeReceiver

com.android.phone.vvm.omtp.fetch.FetchVoicemailReceiver

com.android.phone.vvm.omtp.sync.VoicemailProviderChangeReceiver

com.android.phone.vvm.omtp.VvmPackageInstallReceiver

com.mediatek.settings.cdma.LteDataOnlySwitchReceiver

Services

NetworkQueryService

com.android.services.telephony.sip.SipCallServiceProvider

com.android.services.telephony.sip.SipConnectionService

com.android.services.telephony.TelephonyConnectionService

com.mediatek.settings.cdma.LteDataOnlyManagerService

com.mediatek.settings.cdma.LteSearchTimeoutCheckService

Android Permissions

d7f1ce7515820131a128ce7342068150N.zip