ch[.]protonvpn[.]android_605052700[.]apk

General

Target

ch.protonvpn.android_605052700.apk
Size

75.7MB
MD5

e5c71d697ba585935bc2bed822f3370e
SHA1

7143acd5b20fe18d2f4ea5a59d5706d889f7bea9
SHA256

e7e413038fd82af449f234f331d255e7d7e7fd6039f501559b3616dc0ec49f39
SHA512

92dbfb2c52a21817fb866789105960bcd4abd6ba4be3eb16309d0a92ae2a6e5c517f60e3ea5ed5616dab6c988b9cef4f8dd8ebefdfe761fe4345c0e734dfb075
SSDEEP

1572864:H2kDg2NNEICio7Ev0fIudf5T9YBnF31q8X7OASKta/uwli5mgAi30:H2kDgEEIumoR15T9wF31O/Yw/ik

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 4 IoCs

description	ioc
Required by VPN services to bind with the system. Allows apps to provision VPN services.	android.permission.BIND_VPN_SERVICE
Required by VPN services to bind with the system. Allows apps to provision VPN services.	android.permission.BIND_VPN_SERVICE
Required by VPN services to bind with the system. Allows apps to provision VPN services.	android.permission.BIND_VPN_SERVICE
Required by quick settings tile services to bind with the system. Allows apps to add custom tiles to the quick settings menu.	android.permission.BIND_QUICK_SETTINGS_TILE

Requests dangerous framework permissions 1 IoCs

description	ioc
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS

Files

ch.protonvpn.android_605052700.apk
.apk android arch:arm64 arch:arm arch:x86 arch:x64

ch.protonvpn.android

com.protonvpn.android.redesign.app.ui.MainActivity

Activities

com.protonvpn.android.redesign.app.ui.MainActivity

android.intent.action.MAIN
android.service.quicksettings.action.QS_TILE_PREFERENCES
android.intent.action.VIEW

com.protonvpn.android.tv.main.TvMainActivity

android.intent.action.MAIN

com.protonvpn.android.redesign.uicatalog.UiCatalogActivity

android.intent.action.MAIN
android.intent.action.VIEW

me.proton.core.auth.presentation.ui.LoginSsoActivity

android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.CHANGE_WIFI_STATE
android.permission.FOREGROUND_SERVICE
android.permission.QUERY_ALL_PACKAGES
android.permission.WAKE_LOCK
android.permission.POST_NOTIFICATIONS
android.permission.FOREGROUND_SERVICE_SYSTEM_EXEMPTED
ch.protonvpn.android.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

Receivers

com.protonvpn.android.OnUpdateReceiver

android.intent.action.MY_PACKAGE_REPLACED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

androidx.work.impl.diagnostics.DiagnosticsReceiver

androidx.work.diagnostics.REQUEST_DIAGNOSTICS

androidx.profileinstaller.ProfileInstallReceiver

androidx.profileinstaller.action.INSTALL_PROFILE
androidx.profileinstaller.action.SKIP_FILE
androidx.profileinstaller.action.SAVE_PROFILE
androidx.profileinstaller.action.BENCHMARK_OPERATION

Services

com.protonvpn.android.vpn.wireguard.WireguardWrapperService

android.net.VpnService

com.protonvpn.android.vpn.openvpn.OpenVPNWrapperService

android.net.VpnService

com.wireguard.android.backend.GoBackend$VpnService

android.net.VpnService

com.protonvpn.android.components.QuickTileService

android.service.quicksettings.action.QS_TILE

Android Permissions

ch.protonvpn.android_605052700.apk

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.CHANGE_WIFI_STATE

android.permission.FOREGROUND_SERVICE

android.permission.QUERY_ALL_PACKAGES

android.permission.WAKE_LOCK

android.permission.POST_NOTIFICATIONS

android.permission.FOREGROUND_SERVICE_SYSTEM_EXEMPTED

ch.protonvpn.android.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

Sharing

General

Malware Config

Signatures

Files