a86da299d9c52dca9911e3fe12d0ab43491f8e6234c33b982a46e0cb0cdf5a1a[.]bin

General

Target

a86da299d9c52dca9911e3fe12d0ab43491f8e6234c33b982a46e0cb0cdf5a1a.bin
Size

4.7MB
MD5

ec299bf5009f171d297abd40e7ea3a2f
SHA1

5b72ae85bb808faded66667caf2ffd722429c782
SHA256

a86da299d9c52dca9911e3fe12d0ab43491f8e6234c33b982a46e0cb0cdf5a1a
SHA512

66dcb3b8d28e19625b17f8f8b3f9000137be826b54e6239ed6ce31137840f4836c4f8d294ba840a4dcb2f1acf77577e5937626bf0f9db24528ecfb356f459080
SSDEEP

98304:MMpApfYdg+FzamwAJXyOlHjgkchzfr3PBkCN73Ol64tYF+w7iqe59/:MYPFuJ07lHjdcxt3OY4tYFuqU9/

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 7 IoCs

description	ioc
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application a broad access to external storage in scoped storage.	android.permission.MANAGE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Files

a86da299d9c52dca9911e3fe12d0ab43491f8e6234c33b982a46e0cb0cdf5a1a.bin
.apk android

ru.aaaaacag.installer

ru.aaaaacag.installer.MainActivity

Activities

ru.aaaaacag.installer.MainActivity

android.intent.action.MAIN
android.intent.action.SEND
android.intent.action.SEND_MULTIPLE
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

ru.aaaaacag.installer.SetPrefs

android.intent.action.MAIN

com.widgets.WidgetConfigureActivity1

android.appwidget.action.APPWIDGET_CONFIGURE

com.widgets.WidgetConfigureActivity2

android.appwidget.action.APPWIDGET_CONFIGURE

Permissions

android.permission.BLUETOOTH
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.ACCESS_SUPERUSER
android.permission.INTERNET
android.permission.VIBRATE
com.android.vending.CHECK_LICENSE
android.permission.INTERACT_ACROSS_USERS_FULL
android.permission.ACCESS_NETWORK_STATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.WRITE_SETTINGS
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.REQUEST_DELETE_PACKAGES
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WRITE_MEDIA_STORAGE
android.permission.MANAGE_EXTERNAL_STORAGE
android.permission.REORDER_TASKS
android.permission.READ_EXTERNAL_STORAGE
com.huawei.permission.external_app_settings.USE_COMPONENT
oppo.permission.OPPO_COMPONENT_SAFE
android.permission.WAKE_LOCK
android.permission.CHANGE_WIFI_STATE
android.permission.FOREGROUND_SERVICE
android.permission.GET_TASKS
android.permission.BATTERY_STATS
android.permission.READ_PHONE_STATE
com.android.launcher.permission.INSTALL_SHORTCUT

Receivers

ru.aaaaacag.installer.PackageChangeReceiver

android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_REPLACED
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_CHANGED

ru.aaaaacag.installer.OnAlarmReceiver

com.ui.OnAlarmReceiver.ACTION_WIDGET_RECEIVER

ru.aaaaacag.installer.BinderBootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.MEDIA_SCANNER_FINISHED
android.intent.action.MEDIA_SCANNER_STARTED
android.intent.action.MEDIA_MOUNTED
android.intent.action.MEDIA_EJECT
android.intent.action.MEDIA_UNMOUNTED
android.intent.action.MEDIA_REMOVED

ru.aaaaacag.installer.OnBootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.EXTERNAL_APPLICATIONS_AVAILABLE
android.intent.action.EXTERNAL_APPLICATIONS_UNAVAILABLE
android.intent.action.UMS_DISCONNECTED
android.intent.action.POWER_DISCONNECTED
android.intent.action.MY_PACKAGE_REPLACED

com.widgets.Widget5

android.appwidget.action.APPWIDGET_UPDATE
com.ui.widgets.Widget5.ACTION_WIDGET_RECEIVER
com.ui.widgets.Widget5.ACTION_WIDGET_RECEIVER_Updater

com.widgets.Widget4

android.appwidget.action.APPWIDGET_UPDATE
com.ui.widgets.Widget4.ACTION_WIDGET_RECEIVER
com.ui.widgets.Widget4.ACTION_WIDGET_RECEIVER_Updater

com.widgets.Widget1

android.appwidget.action.APPWIDGET_UPDATE

com.widgets.Widget3

android.appwidget.action.APPWIDGET_UPDATE
com.ui.widgets.Widget3.ACTION_WIDGET_RECEIVER
com.ui.widgets.Widget3.ACTION_WIDGET_RECEIVER_Updater

com.widgets.Widget2

android.appwidget.action.APPWIDGET_UPDATE
com.ui.widgets.Widget2.ACTION_WIDGET_RECEIVER
com.ui.widgets.Widget2.ACTION_WIDGET_RECEIVER_Updater

Services

com.google.android.finsky.billing.iab.InAppBillingService

com.android.vending.billing.InAppBillingService.PROX
ru.aaaaacag.installer
com.android.vending.billing.InAppBillingService.INST

com.google.android.finsky.services.LicensingService

ru.aaaaacag.installer.service

com.services.TestService

com.ui.ITestServiceInterface.BIND

Android Permissions

a86da299d9c52dca9911e3fe12d0ab43491f8e6234c33b982a46e0cb0cdf5a1a.bin

Permissions

android.permission.BLUETOOTH

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.ACCESS_SUPERUSER

android.permission.INTERNET

android.permission.VIBRATE

com.android.vending.CHECK_LICENSE

android.permission.INTERACT_ACROSS_USERS_FULL

android.permission.ACCESS_NETWORK_STATE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.WRITE_SETTINGS

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.REQUEST_DELETE_PACKAGES

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.WRITE_MEDIA_STORAGE

android.permission.MANAGE_EXTERNAL_STORAGE

android.permission.REORDER_TASKS

android.permission.READ_EXTERNAL_STORAGE

com.huawei.permission.external_app_settings.USE_COMPONENT

oppo.permission.OPPO_COMPONENT_SAFE

android.permission.WAKE_LOCK

android.permission.CHANGE_WIFI_STATE

android.permission.FOREGROUND_SERVICE

android.permission.GET_TASKS

android.permission.BATTERY_STATS

android.permission.READ_PHONE_STATE

com.android.launcher.permission.INSTALL_SHORTCUT

Sharing

General

Malware Config

Signatures

Files

ru.aaaaacag.installer

ru.aaaaacag.installer.MainActivity

Activities

ru.aaaaacag.installer.MainActivity

ru.aaaaacag.installer.SetPrefs

com.widgets.WidgetConfigureActivity1

com.widgets.WidgetConfigureActivity2

Permissions

Receivers

ru.aaaaacag.installer.PackageChangeReceiver

ru.aaaaacag.installer.OnAlarmReceiver

ru.aaaaacag.installer.BinderBootReceiver

ru.aaaaacag.installer.OnBootReceiver

com.widgets.Widget5

com.widgets.Widget4

com.widgets.Widget1

com.widgets.Widget3

com.widgets.Widget2

Services

com.google.android.finsky.billing.iab.InAppBillingService

com.google.android.finsky.services.LicensingService

com.services.TestService

Android Permissions

a86da299d9c52dca9911e3fe12d0ab43491f8e6234c33b982a46e0cb0cdf5a1a.bin