com-mod-evernotepremium-unlocked-10-18-1118144[.]apk

General

Target

com-mod-evernotepremium-unlocked-10-18-1118144.apk
Size

149.1MB
MD5

8c2d3547bf5484efe9221ec01e38c262
SHA1

6c4699867fcc058eba1685a645673b0088b35d7d
SHA256

ae0517f19ac07c05df2d4d99b42e5dfb4220ccf1508a5e93cbad1c24f47b913e
SHA512

bd6dcc695b02def0b4c350fae2aae87930e21ba8079713ca6fa4e8dca166e9f0cec7b2b25b078c46f33df7426512f208651ac7f30c29612fb5d21003cad661ab
SSDEEP

3145728:bhNe4CuvktvyKd0Ordoe7bGwxAaeslNliJY2BAyFFgQPmjH:FM6ktRJoK6EApslzAfAol+z

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 8 IoCs

description	ioc
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION

Files

com-mod-evernotepremium-unlocked-10-18-1118144.apk
.apk .js android arch:arm64 arch:arm arch:x86 arch:x64 polyglot

Password: fuckyouevernote

com.evernote

com.evernote.SplashActivity

Activities

com.evernote.SplashActivity

android.intent.action.MAIN

com.evernote.MainActivity

com.evernote.neutron.TAP_NOTIFICATION
android.intent.action.VIEW
android.intent.action.VIEW

com.evernote.ShareExtensionActivity

android.intent.action.SEND
android.intent.action.SEND_MULTIPLE

com.evernote.widget.WidgetActionsSettingsActivity

android.intent.action.MAIN

com.evernote.widget.Widget1x1SettingsActivity

android.intent.action.CREATE_SHORTCUT

com.evernote.widget.Widget4x1SettingsActivity

android.intent.action.MAIN

com.evernote.widget.WidgetNewNoteReroutingActivity

com.evernote.widget.action.CREATE_QUICK_NOTE
com.evernote.widget.action.CREATE_NEW_NOTE
com.evernote.widget.action.CREATE_NEW_QUICK_REMINDER
com.evernote.widget.action.NEW_SNAPSHOT
com.evernote.widget.action.NEW_VOICE_NOTE
com.evernote.action.SEARCH
com.evernote.widget.action.NEW_QUICK_SNAPSHOT
com.evernote.widget.action.NEW_ATTACHMENT
com.evernote.widget.action.NEW_HANDWRITING
com.evernote.widget.action.LAUNCH_EVERNOTE

Permissions

android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.READ_EXTERNAL_STORAGE
com.android.vending.BILLING
android.permission.READ_PROFILE
android.permission.CAMERA
android.permission.RECORD_AUDIO
android.permission.ACCESS_FINE_LOCATION
com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.FOREGROUND_SERVICE
com.evernote.android.permission.APP_EVENT
Manifest.permission.USE_BIOMETRIC
android.permission.USE_FINGERPRINT
android.permission.WRITE_EXTERNAL_STORAGE
com.android.vending.CHECK_LICENSE
android.permission.WAKE_LOCK
android.permission.VIBRATE
android.permission.READ_CONTACTS
android.permission.QUERY_ALL_PACKAGES
android.permission.ACCESS_COARSE_LOCATION
com.google.android.c2dm.permission.RECEIVE
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
android.permission.USE_BIOMETRIC
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.GET_TASKS

Receivers

com.evernote.widget.EvernoteNewWidgetProvider

android.appwidget.action.APPWIDGET_UPDATE
android.appwidget.action.APPWIDGET_ENABLED
android.appwidget.action.APPWIDGET_DISABLED
android.appwidget.action.APPWIDGET_DELETED
EvernoteWidgetProvider.ACTION_UPDATE

com.evernote.EvernoteBroadcastReceiver

com.evernote.action.CREATE_NOTE_WIDGET

com.kochava.base.ReferralReceiver

com.android.vending.INSTALL_REFERRER

com.learnium.RNDeviceInfo.RNDeviceReceiver

com.android.vending.INSTALL_REFERRER

com.iterable.iterableapi.IterablePushActionReceiver

com.iterable.push.ACTION_PUSH_ACTION

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.qualtrics.digital.QualtricsNotificationManager

android.intent.action.MAIN

com.evernote.android.job.v14.PlatformAlarmReceiver

com.evernote.android.job.v14.RUN_JOB
net.vrallev.android.job.v14.RUN_JOB

com.evernote.android.job.JobBootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
com.htc.intent.action.QUICKBOOT_POWERON
android.intent.action.MY_PACKAGE_REPLACED

com.transistorsoft.tsbackgroundfetch.BootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.MY_PACKAGE_REPLACED

Services

com.evernote.EvernoteMessagingService

com.google.firebase.MESSAGING_EVENT

com.iterable.iterableapi.IterableFirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.evernote.android.job.gcm.PlatformGcmService

com.google.android.gms.gcm.ACTION_TASK_READY

Android Permissions

com-mod-evernotepremium-unlocked-10-18-1118144.apk

Permissions

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.READ_EXTERNAL_STORAGE

com.android.vending.BILLING

android.permission.READ_PROFILE

android.permission.CAMERA

android.permission.RECORD_AUDIO

android.permission.ACCESS_FINE_LOCATION

com.android.launcher.permission.INSTALL_SHORTCUT

android.permission.FOREGROUND_SERVICE

com.evernote.android.permission.APP_EVENT

Manifest.permission.USE_BIOMETRIC

android.permission.USE_FINGERPRINT

android.permission.WRITE_EXTERNAL_STORAGE

com.android.vending.CHECK_LICENSE

android.permission.WAKE_LOCK

android.permission.VIBRATE

android.permission.READ_CONTACTS

android.permission.QUERY_ALL_PACKAGES

android.permission.ACCESS_COARSE_LOCATION

com.google.android.c2dm.permission.RECEIVE

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

android.permission.USE_BIOMETRIC

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.GET_TASKS

Sharing

General

Malware Config

Signatures

Files

Password: fuckyouevernote

com.evernote

com.evernote.SplashActivity

Activities

com.evernote.SplashActivity

com.evernote.MainActivity

com.evernote.ShareExtensionActivity

com.evernote.widget.WidgetActionsSettingsActivity

com.evernote.widget.Widget1x1SettingsActivity

com.evernote.widget.Widget4x1SettingsActivity

com.evernote.widget.WidgetNewNoteReroutingActivity

Permissions

Receivers

com.evernote.widget.EvernoteNewWidgetProvider

com.evernote.EvernoteBroadcastReceiver

com.kochava.base.ReferralReceiver

com.learnium.RNDeviceInfo.RNDeviceReceiver

com.iterable.iterableapi.IterablePushActionReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.qualtrics.digital.QualtricsNotificationManager

com.evernote.android.job.v14.PlatformAlarmReceiver

com.evernote.android.job.JobBootReceiver

com.transistorsoft.tsbackgroundfetch.BootReceiver

Services

com.evernote.EvernoteMessagingService

com.iterable.iterableapi.IterableFirebaseMessagingService

com.google.firebase.messaging.FirebaseMessagingService

com.evernote.android.job.gcm.PlatformGcmService

Android Permissions

com-mod-evernotepremium-unlocked-10-18-1118144.apk