antidot | Shield Plus_6[.]2[.]apk

General

Target

Shield Plus_6.2.apk
Size

8.1MB
MD5

5b7d31fb9202d6b559263fac309eb477
SHA1

587856a9368146e701ad654087329d4636cd62d1
SHA256

add00a4daf4de36f154c7313a13c155fd5a922119cb087d6cd93ed4b2fe372bc
SHA512

42dd54f71a23bc47ea92613b7a8b8b74f01cc8ec8b9e65afbb7c4bdbbb3d51ac510cba8ea68341f603ac177475a034d80f9849467fb6ead64f1db1b9de45366b
SSDEEP

196608:Wyw2BxZNmiYIQFBCuZ4NOzCjj8IkxCfgEK:Dw2T7mibQFBCw4NqcIIkxC4n

Score

10^/10

antidot

Malware Config

Signatures

Antidot family
antidot
Antidot payload 1 IoCs

Processes:

resource yara_rule

sample family_antidot
Declares services with permission to bind to the system 1 IoCs

Processes:

description ioc

Required by VPN services to bind with the system. Allows apps to provision VPN services. android.permission.BIND_VPN_SERVICE

resource	yara_rule
sample	family_antidot

description	ioc
Required by VPN services to bind with the system. Allows apps to provision VPN services.	android.permission.BIND_VPN_SERVICE

Requests dangerous framework permissions 44 IoCs

Processes:

description	ioc
Allows a calling app to continue a call which was started in another app.	android.permission.ACCEPT_HANDOVER
Allows the app to answer an incoming phone call.	android.permission.ANSWER_PHONE_CALLS
Allows an application to access data from sensors that the user uses to measure what is happening inside their body, such as heart rate.	android.permission.BODY_SENSORS_BACKGROUND
Required to be able to range to devices using ultra-wideband.	android.permission.UWB_RANGING
Allows an application to recognize physical activity.	android.permission.ACTIVITY_RECOGNITION
Allows an app to access location in the background.	android.permission.ACCESS_BACKGROUND_LOCATION
Required to be able to advertise to nearby Bluetooth devices.	android.permission.BLUETOOTH_ADVERTISE
Required to be able to discover and pair nearby Bluetooth devices.	android.permission.BLUETOOTH_SCAN
Required to be able to connect to paired Bluetooth devices.	android.permission.BLUETOOTH_CONNECT
Allows an application to access any geographic locations persisted in the user's shared collection.	android.permission.ACCESS_MEDIA_LOCATION
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an application to add voicemails into the system.	com.android.voicemail.permission.ADD_VOICEMAIL
Required to be able to access the camera device.	android.permission.CAMERA
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application a broad access to external storage in scoped storage.	android.permission.MANAGE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to access data from sensors that the user uses to measure what is happening inside their body, such as heart rate.	android.permission.BODY_SENSORS
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to write the user's calendar data.	android.permission.WRITE_CALENDAR
Allows an application to read the user's calendar data.	android.permission.READ_CALENDAR
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows an application to use SIP service.	android.permission.USE_SIP
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to collect component usage statistics.	android.permission.PACKAGE_USAGE_STATS
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS
Required to be able to advertise and connect to nearby devices via Wi-Fi.	android.permission.NEARBY_WIFI_DEVICES
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows read access to the device's phone number(s).	android.permission.READ_PHONE_NUMBERS
Allows an application to read the user's call log.	android.permission.READ_CALL_LOG
Allows an application to write and read the user's call log data.	android.permission.WRITE_CALL_LOG
Allows an application to monitor incoming MMS messages.	android.permission.RECEIVE_MMS
Allows an application to receive WAP push messages.	android.permission.RECEIVE_WAP_PUSH
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to read image files from external storage.	android.permission.READ_MEDIA_IMAGES
Allows an application to read audio files from external storage.	android.permission.READ_MEDIA_AUDIO
Allows an application to read video files from external storage.	android.permission.READ_MEDIA_VIDEO
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

Files

Shield Plus_6.2.apk
.apk android arch:arm64

com.shield.cheat

com.shield.cheat.Activity.LoginActivity

Activities

com.shield.cheat.Activity.LoginActivity

android.intent.action.MAIN

top.bienvenido.mundo.manifest.MundoIntermediary

android.intent.action.VIEW

com.google.firebase.auth.internal.GenericIdpActivity

android.intent.action.VIEW

com.google.firebase.auth.internal.RecaptchaActivity

android.intent.action.VIEW

Permissions

android.permission.GET_TASKS
android.permission.USE_BIOMETRIC
com.open.gallery.smart.Read
android.permission.HIGH_SAMPLING_RATE_SENSORS
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.CAPTURE_VIDEO_OUTPUT
android.permission.RUN_USER_INITIATED_JOBS
android.permission.ACCEPT_HANDOVER
android.permission.ANSWER_PHONE_CALLS
android.permission.BODY_SENSORS_BACKGROUND
android.permission.UWB_RANGING
android.permission.ACTIVITY_RECOGNITION
android.permission.DETECT_SCREEN_CAPTURE
android.permission.MANAGE_MEDIA_PROJECTION
android.permission.MANAGE_GAME_MODE
miui.permission.WRITE_STEPS
miui.permission.READ_STEPS
com.xiaomi.sdk.permission.PAYMENT
com.xiaomi.permission.AUTH_SERVICE
android.permission.SET_PREFERRED_APPLICATIONS
android.permission.NETWORK_SETTINGS
android.permission.MANAGE_ROLE_HOLDERS
android.permission.ACCESS_KEYGUARD_SECURE_STORAGE
android.permission.READ_SEARCH_INDEXABLES
com.huawei.permission.MANAGE_VOICERECOGNITION
com.huawei.permission.MANAGE_USE_SECURITY
android.permission.ACCESS_BACKGROUND_LOCATION
ohos.permission.READ_MESSAGES
ohos.permission.RECEIVE_MMS
ohos.permission.RECEIVE_SMS
ohos.permission.RECEIVE_WAP_MESSAGES
ohos.permission.SEND_MESSAGES
ohos.permission.READ_CELL_MESSAGES
ohos.permission.READ_CALL_LOG
ohos.permission.WRITE_CALL_LOG
ohos.permission.READ_CONTACTS
ohos.permission.WRITE_CONTACTS
ohos.permission.ANSWER_CALL
ohos.permission.GET_BUNDLE_INFO
ohos.permission.DISTRIBUTED_DATASYNC
ohos.permission.DISTRIBUTED_DEVICE_STATE_CHANGE
ohos.permission.GET_DISTRIBUTED_DEVICE_INFO
ohos.permission.ACCESS_SERVICE
ohos.permission.LOCATION
ohos.permission.LOCATION_IN_BACKGROUND
ohos.permission.CAMERA
ohos.permission.MICROPHONE
ohos.permission.READ_CALENDAR
ohos.permission.BIND_SERVICE
ohos.permission.ACTIVITY_MOTION
ohos.permission.READ_HEALTH_DATA
ohos.permission.MEDIA_LOCATION
ohos.permission.READ_MEDIA
ohos.permission.WRITE_MEDIA
ohos.permission.GET_APP_ACCOUNTS
ohos.permission.GET_NETWORK_INFO
ohos.permission.GET_WIFI_INFO
ohos.permission.USE_BLUETOOTH
ohos.permission.DISCOVER_BLUETOOTH
ohos.permission.SET_NETWORK_INFO
ohos.permission.SET_WIFI_INFO
ohos.permission.SPREAD_STATUS_BAR
ohos.permission.INTERNET
ohos.permission.MODIFY_AUDIO_SETTINGS
ohos.permission.RECEIVER_STARTUP_COMPLETED
ohos.permission.RUNNING_LOCK
ohos.permission.ACCESS_BIOMETRIC
ohos.permission.RCV_NFC_TRANSACTION_EVENT
ohos.permission.COMMONEVENT_STICKY
ohos.permission.SYSTEM_FLOAT_WINDOW
ohos.permission.VIBRATE
ohos.permission.USE_TRUSTCIRCLE_MANAGER
ohos.permission.USE_WHOLE_SCREEN
ohos.permission.SET_WALLPAPER
ohos.permission.SET_WALLPAPER_DIMENSION
ohos.permission.REARRANGE_MISSIONS
ohos.permission.CLEAN_BACKGROUND_PROCESSES
ohos.permission.KEEP_BACKGROUND_RUNNING
ohos.permission.ACCELEROMETER
ohos.permission.GYROSCOPE
ohos.permission.MULTIMODAL_INTERACTIVE
ohos.permission.ACCESS_FM_AM
ohos.permission.NFC_TAG
ohos.permission.NFC_CARD_EMULATION
android.permission.READ_DEVICE_CONFIG
android.permission.BLUETOOTH_PRIVILEGED
android.permission.MANAGE_OWN_CALLS
android.permission.BIND_TELECOM_CONNECTION_SERVICE
android.permission.BLUETOOTH_ADVERTISE
android.permission.BLUETOOTH_SCAN
android.permission.BLUETOOTH_CONNECT
android.permission.USE_EXACT_ALARM
android.permission.ACCESS_MEDIA_LOCATION
android.permission.RECEIVE_SMS
android.permission.CALL_PHONE
android.permission.RUN_LONG_JOBS
android.hardware.usb.host
android.permission.HARDWARE_TEST
android.permission.INTERACT_ACROSS_USERS_FULL
android.permission.READ_PRIVILEGED_PHONE_STATE
android.permission.QUERY_ALL_PACKAGES
android.permission.WRITE_SOCIAL_STREAM
android.permission.READ_SOCIAL_STREAM
android.permission.READ_PROFILE
android.permission.WRITE_PROFILE
android.permission.READ_USER_DICTIONARY
android.permission.WRITE_USER_DICTIONARY
android.permission.USE_CREDENTIALS
android.permission.AUTHENTICATE_ACCOUNTS
com.samsung.svoice.sync.READ_DATABASE
com.samsung.svoice.sync.ACCESS_SERVICE
com.samsung.svoice.sync.WRITE_DATABASE
com.sec.android.app.voicenote.Controller
com.sec.android.permission.VOIP_INTERFACE
com.sec.android.permission.LAUNCH_PERSONAL_PAGE_SERVICE
com.samsung.android.providers.context.permission.WRITE_USE_APP_FEATURE_SURVEY
com.samsung.android.providers.context.permission.READ_RECORD_AUDIO
com.samsung.android.providers.context.permission.WRITE_RECORD_AUDIO
com.sec.android.settings.permission.SOFT_RESET
sec.android.permission.READ_MSG_PREF
com.samsung.android.scloud.backup.lib.read
com.samsung.android.scloud.backup.lib.write
com.android.alarm.permission.SET_ALARM
com.android.voicemail.permission.ADD_VOICEMAIL
com.android.voicemail.permission.READ_WRITE_ALL_VOICEMAIL
com.huawei.authentication.HW_ACCESS_AUTH_SERVICE
com.android.vending.BILLING
com.android.vending.CHECK_LICENSE
com.google.android.providers.talk.permission.READ_ONLY
com.google.android.providers.talk.permission.WRITE_ONLY
com.google.android.c2dm.permission.RECEIVE
com.google.android.gms.permission.ACTIVITY_RECOGNITION
com.google.android.gms.permission.AD_ID_NOTIFICATION
com.google.android.providers.gsf.permission.READ_GSERVICES
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
android.permission.READ_APP_BADGE
com.google.android.launcher.permission.READ_SETTINGS
com.oppo.launcher.permission.WRITE_SETTINGS
me.everything.badger.permission.BADGE_COUNT_READ
me.everything.badger.permission.BADGE_COUNT_WRITE
com.android.launcher.permission.READ_SETTINGS
com.sec.android.provider.badge.permission.READ
com.sec.android.provider.badge.permission.WRITE
com.htc.launcher.permission.READ_SETTINGS
com.htc.launcher.permission.UPDATE_SHORTCUT
com.sonyericsson.home.permission.BROADCAST_BADGE
com.sonymobile.home.permission.PROVIDER_INSERT_BADGE
com.anddoes.launcher.permission.UPDATE_COUNT
com.majeur.launcher.permission.UPDATE_BADGE
com.huawei.android.launcher.permission.CHANGE_BADGE
com.huawei.android.launcher.permission.WRITE_SETTINGS
com.android.launcher.permission.WRITE_SETTINGS
com.android.launcher3.permission.READ_SETTINGS
com.android.launcher2.permission.READ_SETTINGS
com.teslacoilsw.launcher.permission.READ_SETTINGS
com.actionlauncher.playstore.permission.READ_SETTINGS
com.mx.launcher.permission.READ_SETTINGS
com.anddoes.launcher.permission.READ_SETTINGS
com.apusapps.launcher.permission.READ_SETTINGS
com.tsf.shell.permission.READ_SETTINGS
com.lenovo.launcher.permission.READ_SETTINGS
com.oppo.launcher.permission.READ_SETTINGS
com.bbk.launcher2.permission.READ_SETTINGS
com.s.launcher.permission.READ_SETTINGS
cn.nubia.launcher.permission.READ_SETTINGS
com.huawei.android.launcher.permission.READ_SETTINGS
android.permission.INTERNET
android.permission.CAMERA
android.permission.FLASHLIGHT
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_MULTICAST_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.MANAGE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.BATTERY_STATS
android.permission.BODY_SENSORS
android.permission.BROADCAST_STICKY
android.permission.DISABLE_KEYGUARD
android.permission.EXPAND_STATUS_BAR
android.permission.GET_ACCOUNTS
android.permission.MANAGE_ACCOUNTS
android.permission.READ_PHONE_STATE
android.permission.CHANGE_CONFIGURATION
android.permission.WRITE_SETTINGS
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.PERSISTENT_ACTIVITY
android.permission.RECORD_AUDIO
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.NFC
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.VIBRATE
android.permission.USE_FINGERPRINT
com.android.browser.permission.READ_HISTORY_BOOKMARKS
com.android.browser.permission.WRITE_HISTORY_BOOKMARKS
android.permission.CLEAR_APP_CACHE
android.permission.GET_PACKAGE_SIZE
android.permission.WRITE_SYNC_SETTINGS
android.permission.READ_SYNC_SETTINGS
android.permission.READ_SYNC_STATS
android.permission.SUBSCRIBED_FEEDS_READ
android.permission.SUBSCRIBED_FEEDS_WRITE
android.permission.WRITE_CALENDAR
android.permission.READ_CALENDAR
android.permission.READ_CONTACTS
android.permission.WRITE_CONTACTS
android.permission.READ_LOGS
android.permission.RESTART_PACKAGES
android.permission.SET_TIME
android.permission.SET_TIME_ZONE
android.permission.SET_WALLPAPER
android.permission.SET_WALLPAPER_HINTS
android.permission.TRANSMIT_IR
android.permission.USE_SIP
android.permission.WAKE_LOCK
android.permission.SYSTEM_ALERT_WINDOW
android.permission.SYSTEM_OVERLAY_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.GET_INTENT_SENDER_INTENT
android.permission.BIND_DIRECTORY_SEARCH
android.permission.UPDATE_APP_OPS_STATS
android.permission.INSTALL_PACKAGES
android.permission.DELETE_PACKAGES
android.permission.CLEAR_APP_USER_DATA
android.permission.WRITE_MEDIA_STORAGE
android.permission.ACCESS_CACHE_FILESYSTEM
android.permission.DEVICE_POWER
android.permission.WRITE_APN_SETTINGS
android.permission.BIND_APPWIDGET
android.permission.ACCOUNT_MANAGER
android.permission.PACKAGE_USAGE_STATS
android.permission.READ_INSTALL_SESSIONS
android.permission.READ_OWNER_DATA
android.permission.READ_CELL_BROADCASTS
android.permission.WRITE_CLIPS
android.permission.READ_CLIPS
android.permission.GET_CLIPS
android.permission.WRITE_OWNER_DATA
android.permission.ACCESS_GPS
android.permission.ACCESS_WIMAX_STATE
android.permission.ACCESS_DOWNLOAD_MANAGER
android.permission.CHANGE_WIMAX_STATE
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
android.permission.POST_NOTIFICATIONS
android.permission.NEARBY_WIFI_DEVICES
android.permission.ACCESS_FINE_LOCATION
android.permission.REORDER_TASKS
android.permission.REQUEST_DELETE_PACKAGES
android.permission.FOREGROUND_SERVICE
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.READ_PHONE_NUMBERS
android.permission.ACCESS_NETWORK_STATE
com.sk.spatch.permission.SAFE_ACCESS
android.permission.READ_CALL_LOG
android.permission.WRITE_CALL_LOG
android.permission.RECEIVE_MMS
android.permission.RECEIVE_WAP_PUSH
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.WRITE_SMS
com.google.android.googleapps.permission.GOOGLE_AUTH
com.google.android.googleapps.permission.GOOGLE_AUTH.OTHER_SERVICES
com.google.android.googleapps.permission.GOOGLE_AUTH.YouTubeUser
android.permission.READ_MEDIA_IMAGES
android.permission.READ_MEDIA_AUDIO
android.permission.READ_MEDIA_VIDEO
android.permission.START_FOREGROUND_SERVICES_FROM_BACKGROUND
android.permission.FOREGROUND_SERVICE_CAMERA
android.permission.FOREGROUND_SERVICE_CONNECTED_DEVICE
android.permission.FOREGROUND_SERVICE_DATA_SYNC
android.permission.FOREGROUND_SERVICE_HEALTH
android.permission.FOREGROUND_SERVICE_LOCATION
android.permission.FOREGROUND_SERVICE_MEDIA_PLAYBACK
android.permission.FOREGROUND_SERVICE_MEDIA_PROJECTION
android.permission.FOREGROUND_SERVICE_MICROPHONE
android.permission.FOREGROUND_SERVICE_PHONE_CALL
android.permission.FOREGROUND_SERVICE_REMOTE_MESSAGING
android.permission.FOREGROUND_SERVICE_SPECIAL_USE
android.permission.FOREGROUND_SERVICE_SYSTEM_EXEMPTED
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERACT_ACROSS_USERS
com.google.android.gms.permission.AD_ID
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
com.shield.cheat.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

Receivers

top.bienvenido.mundo.manifest.MundoReceiver

com.shield.cheat.mundo.receiver.stub

androidx.profileinstaller.ProfileInstallReceiver

androidx.profileinstaller.action.INSTALL_PROFILE
androidx.profileinstaller.action.SKIP_FILE
androidx.profileinstaller.action.SAVE_PROFILE
androidx.profileinstaller.action.BENCHMARK_OPERATION

Services

Android Permissions

Shield Plus_6.2.apk

Permissions

android.permission.GET_TASKS

android.permission.USE_BIOMETRIC

com.open.gallery.smart.Read

android.permission.HIGH_SAMPLING_RATE_SENSORS

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.CAPTURE_VIDEO_OUTPUT

android.permission.RUN_USER_INITIATED_JOBS

android.permission.ACCEPT_HANDOVER

android.permission.ANSWER_PHONE_CALLS

android.permission.BODY_SENSORS_BACKGROUND

android.permission.UWB_RANGING

android.permission.ACTIVITY_RECOGNITION

android.permission.DETECT_SCREEN_CAPTURE

android.permission.MANAGE_MEDIA_PROJECTION

android.permission.MANAGE_GAME_MODE

miui.permission.WRITE_STEPS

miui.permission.READ_STEPS

com.xiaomi.sdk.permission.PAYMENT

com.xiaomi.permission.AUTH_SERVICE

android.permission.SET_PREFERRED_APPLICATIONS

android.permission.NETWORK_SETTINGS

android.permission.MANAGE_ROLE_HOLDERS

android.permission.ACCESS_KEYGUARD_SECURE_STORAGE

android.permission.READ_SEARCH_INDEXABLES

com.huawei.permission.MANAGE_VOICERECOGNITION

com.huawei.permission.MANAGE_USE_SECURITY

android.permission.ACCESS_BACKGROUND_LOCATION

ohos.permission.READ_MESSAGES

ohos.permission.RECEIVE_MMS

ohos.permission.RECEIVE_SMS

ohos.permission.RECEIVE_WAP_MESSAGES

ohos.permission.SEND_MESSAGES

ohos.permission.READ_CELL_MESSAGES

ohos.permission.READ_CALL_LOG

ohos.permission.WRITE_CALL_LOG

ohos.permission.READ_CONTACTS

ohos.permission.WRITE_CONTACTS

ohos.permission.ANSWER_CALL

ohos.permission.GET_BUNDLE_INFO

ohos.permission.DISTRIBUTED_DATASYNC

ohos.permission.DISTRIBUTED_DEVICE_STATE_CHANGE

ohos.permission.GET_DISTRIBUTED_DEVICE_INFO

ohos.permission.ACCESS_SERVICE

ohos.permission.LOCATION

ohos.permission.LOCATION_IN_BACKGROUND

ohos.permission.CAMERA

ohos.permission.MICROPHONE

ohos.permission.READ_CALENDAR

ohos.permission.BIND_SERVICE

ohos.permission.ACTIVITY_MOTION

Resubmissions

Sharing

General

Malware Config

Signatures

Files

com.shield.cheat

com.shield.cheat.Activity.LoginActivity

Activities

com.shield.cheat.Activity.LoginActivity

top.bienvenido.mundo.manifest.MundoIntermediary

com.google.firebase.auth.internal.GenericIdpActivity

com.google.firebase.auth.internal.RecaptchaActivity

Permissions

Receivers

top.bienvenido.mundo.manifest.MundoReceiver

androidx.profileinstaller.ProfileInstallReceiver

Services

Android Permissions

Shield Plus_6.2.apk