Browser_34[.]4[.]0[.]51[.]164[.]632504017[.]apk

General

Target

Browser_34.4.0.51.164.632504017.apk
Size

180.8MB
MD5

b85674f89f922c50a4de07345a1a0bdd
SHA1

f51dd3c6f14637773463c7227ee9a65801b48ac6
SHA256

aeb0e6f0d3b869e54740a72e209d0475e64784bea5cac9cbb271073a76e9b7e4
SHA512

08f30a93a1953ea1c538b8e101dbdb77813c8920007a84b133328d6b49ba88973786ccd8432dd69b6b0f24d1a5a8b8d5056461557ab2e615c492ba2edf5c23b0
SSDEEP

3145728:59CzlsVXU51rjcj03tjA/27tjRj8iS7HSBskXOxSRAp4htfb:ole81rjcj03tjA/27tjRj8iS7HSBskXp

Score

6^/10

Malware Config

Signatures

Attempts to obfuscate APK file format
Applies obfuscation techniques to the APK format in order to hinder analysis

Requests dangerous framework permissions 7 IoCs

description	ioc
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW

Files

Browser_34.4.0.51.164.632504017.apk
.apk android arch:arm64

com.oculus.browser

com.oculus.browser.PanelActivity

Activities

org.chromium.chrome.browser.media.MediaLauncherActivity

android.intent.action.VIEW

org.chromium.chrome.browser.dragdrop.DragAndDropLauncherActivity

org.chromium.chrome.browser.dragdrop.action.VIEW

org.chromium.chrome.browser.incognito.IncognitoTabLauncher

org.chromium.chrome.browser.incognito.OPEN_PRIVATE_TAB

com.oculus.browser.PermissionsRequestActivity

com.oculus.vrshell.panel.vr_permission.GET

org.chromium.chrome.browser.browserservices.ManageTrustedWebActivityDataActivity

android.support.customtabs.action.ACTION_MANAGE_TRUSTED_WEB_ACTIVITY_DATA
android.support.customtabs.action.ACTION_MANAGE_TRUSTED_WEB_ACTIVITY_DATA

org.chromium.chrome.browser.webauth.authenticator.CableAuthenticatorUSBActivity

android.hardware.usb.action.USB_ACCESSORY_ATTACHED

com.oculus.browser.WebVRActivity

android.intent.action.MAIN

com.oculus.browser.WebVRVolumeActivity

android.intent.action.MAIN

com.oculus.browser.PanelActivity

android.intent.action.MAIN
com.oculus.vrshell.SHELL_MAIN
android.intent.action.VIEW

Permissions

android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_NETWORK_STATE
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
android.permission.FOREGROUND_SERVICE
android.permission.FOREGROUND_SERVICE_MEDIA_PLAYBACK
android.permission.FOREGROUND_SERVICE_DATA_SYNC
android.permission.FOREGROUND_SERVICE_SPECIAL_USE
android.permission.FOREGROUND_SERVICE_LOCATION
android.permission.FOREGROUND_SERVICE_MICROPHONE
android.permission.RUN_USER_INITIATED_JOBS
android.permission.INTERNET
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.POST_NOTIFICATIONS
android.permission.QUERY_ALL_PACKAGES
android.permission.READ_EXTERNAL_STORAGE
android.permission.VIBRATE
android.permission.READ_PRIVILEGED_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECORD_AUDIO
android.permission.USE_CREDENTIALS
android.permission.WAKE_LOCK
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.CREDENTIAL_MANAGER_QUERY_CANDIDATE_CREDENTIALS
android.permission.CREDENTIAL_MANAGER_SET_ALLOWED_PROVIDERS
android.permission.CREDENTIAL_MANAGER_SET_ORIGIN
com.oculus.vrshell.permission.ACCESS_PANEL_ACTIVITY_FEATURES
com.oculus.vrshell.permission.THEATER_VIEW_SERVICE
com.oculus.vrshell.BrowserTheaterViewRequestBroadcastReceiverPermission
com.oculus.vrshell.permission.BROWSER_DUI_REPLACEMENT
com.oculus.horizon.FBCONNECT_CONTENT_PROVIDER_READ_ACCESS
com.oculus.permission.PLAY_AUDIO_BACKGROUND
com.oculus.permission.RECORD_AUDIO_BACKGROUND
com.oculus.permission.READ_SETTINGS
com.oculus.permission.WRITE_SETTINGS
com.oculus.permission.READ_PACKAGE_SETTINGS
com.oculus.permission.WRITE_PACKAGE_SETTINGS
com.oculus.permission.READ_FOCUS_STATE
com.oculus.permission.REPORT_EVENTS
com.oculus.permission.REPORT_EVENTS_DEBUG
com.oculus.browser.permission.C2D_MESSAGE
com.oculus.browser.permission.READ_WRITE_BOOKMARK_FOLDERS
com.oculus.browser.TOS_ACKED
com.chrome.permission.DEVICE_EXTRAS
com.google.android.c2dm.permission.RECEIVE
com.google.android.apps.now.CURRENT_ACCOUNT_ACCESS
com.oculus.permission.HAND_TRACKING
com.oculus.permission.PASSTHROUGH
com.oculus.permission.ACCESS_TRACKING_ENV
com.oculus.permission.USE_ANCHOR_API
com.oculus.permission.PLANE_TRACKING
com.oculus.permission.BOUNDARY_VISIBILITY
com.oculus.permission.USE_SCENE
com.oculus.permission.TOUCH_CONTROLLER_PRO
android.permission.SYSTEM_ALERT_WINDOW
android.permission.USE_BIOMETRIC
com.oculus.permission.DEVICE_CONFIG_PUSH_TO_CLIENT

Receivers

org.chromium.chrome.browser.safe_browsing.PasswordProtectionBroadcastReceiver

com.android.chrome.safe_browsing.LOGIN

com.oculus.browser.PackageBroadcastReceiver

android.intent.action.PACKAGE_FULLY_REMOVED

org.chromium.chrome.browser.quickactionsearchwidget.QuickActionSearchWidgetProvider$QuickActionSearchWidgetProviderSearch

android.appwidget.action.APPWIDGET_UPDATE

org.chromium.chrome.browser.quickactionsearchwidget.QuickActionSearchWidgetProvider$QuickActionSearchWidgetProviderDino

android.appwidget.action.APPWIDGET_UPDATE

com.oculus.browser.fbns.FBNSNotificationsReceiver

com.oculus.vrnotifications.intent.action.SILENT_PAYLOAD

com.oculus.browser.PackageSettingsReceiver

com.oculus.intent.action.SYNC_PWA_SETTING

org.chromium.chrome.browser.notifications.NotificationServiceImpl$Receiver

org.chromium.chrome.browser.notifications.CLICK_NOTIFICATION
org.chromium.chrome.browser.notifications.CLOSE_NOTIFICATION
org.chromium.chrome.browser.notifications.PRE_UNSUBSCRIBE
org.chromium.chrome.browser.notifications.UNDO_UNSUBSCRIBE
org.chromium.chrome.browser.notifications.COMMIT_UNSUBSCRIBE

org.chromium.chrome.browser.notifications.permissions.NotificationPermissionChangeReceiver

android.app.action.APP_BLOCK_STATE_CHANGED

com.oculus.deviceconfigclient.DeviceConfigClientReceiver

oculus.intent.action.DC_SET_CLIENT_VALUES

com.oculus.deviceconfigclient.DeviceConfigClientDebugReceiver

oculus.intent.action.DC_EXPORT_CLIENT_ACCESS_LOG

Services

org.chromium.components.payments.PaymentDetailsUpdateService

org.chromium.intent.action.UPDATE_PAYMENT_DETAILS

com.oculus.browser.PanelService

com.oculus.vrshell.SHELL_MAIN

org.chromium.chrome.browser.media.ui.ChromeMediaNotificationControllerServices$PlaybackListenerService1

android.intent.action.MEDIA_BUTTON

org.chromium.chrome.browser.media.ui.ChromeMediaNotificationControllerServices$PlaybackListenerService2

android.intent.action.MEDIA_BUTTON

org.chromium.chrome.browser.media.ui.ChromeMediaNotificationControllerServices$PlaybackListenerService3

android.intent.action.MEDIA_BUTTON

org.chromium.chrome.browser.media.ui.ChromeMediaNotificationControllerServices$PlaybackListenerService4

android.intent.action.MEDIA_BUTTON

org.chromium.chrome.browser.media.ui.ChromeMediaNotificationControllerServices$PlaybackListenerService5

android.intent.action.MEDIA_BUTTON

org.chromium.chrome.browser.media.ui.ChromeMediaNotificationControllerServices$PlaybackListenerService6

android.intent.action.MEDIA_BUTTON

org.chromium.chrome.browser.media.ui.ChromeMediaNotificationControllerServices$PlaybackListenerService7

android.intent.action.MEDIA_BUTTON

org.chromium.chrome.browser.media.ui.ChromeMediaNotificationControllerServices$PresentationListenerService

android.intent.action.MEDIA_BUTTON

org.chromium.chrome.browser.media.ui.ChromeMediaNotificationControllerServices$CastListenerService

android.intent.action.MEDIA_BUTTON

Android Permissions

Browser_34.4.0.51.164.632504017.apk

Permissions

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_NETWORK_STATE

android.permission.DOWNLOAD_WITHOUT_NOTIFICATION

android.permission.FOREGROUND_SERVICE

android.permission.FOREGROUND_SERVICE_MEDIA_PLAYBACK

android.permission.FOREGROUND_SERVICE_DATA_SYNC

android.permission.FOREGROUND_SERVICE_SPECIAL_USE

android.permission.FOREGROUND_SERVICE_LOCATION

android.permission.FOREGROUND_SERVICE_MICROPHONE

android.permission.RUN_USER_INITIATED_JOBS

android.permission.INTERNET

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.POST_NOTIFICATIONS

android.permission.QUERY_ALL_PACKAGES

android.permission.READ_EXTERNAL_STORAGE

android.permission.VIBRATE

android.permission.READ_PRIVILEGED_PHONE_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.RECORD_AUDIO

android.permission.USE_CREDENTIALS

android.permission.WAKE_LOCK

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.CREDENTIAL_MANAGER_QUERY_CANDIDATE_CREDENTIALS

android.permission.CREDENTIAL_MANAGER_SET_ALLOWED_PROVIDERS

android.permission.CREDENTIAL_MANAGER_SET_ORIGIN

com.oculus.vrshell.permission.ACCESS_PANEL_ACTIVITY_FEATURES

com.oculus.vrshell.permission.THEATER_VIEW_SERVICE

com.oculus.vrshell.BrowserTheaterViewRequestBroadcastReceiverPermission

com.oculus.vrshell.permission.BROWSER_DUI_REPLACEMENT

com.oculus.horizon.FBCONNECT_CONTENT_PROVIDER_READ_ACCESS

com.oculus.permission.PLAY_AUDIO_BACKGROUND

com.oculus.permission.RECORD_AUDIO_BACKGROUND

com.oculus.permission.READ_SETTINGS

com.oculus.permission.WRITE_SETTINGS

com.oculus.permission.READ_PACKAGE_SETTINGS

com.oculus.permission.WRITE_PACKAGE_SETTINGS

com.oculus.permission.READ_FOCUS_STATE

com.oculus.permission.REPORT_EVENTS

com.oculus.permission.REPORT_EVENTS_DEBUG

com.oculus.browser.permission.C2D_MESSAGE

com.oculus.browser.permission.READ_WRITE_BOOKMARK_FOLDERS

com.oculus.browser.TOS_ACKED

com.chrome.permission.DEVICE_EXTRAS

com.google.android.c2dm.permission.RECEIVE

com.google.android.apps.now.CURRENT_ACCOUNT_ACCESS

com.oculus.permission.HAND_TRACKING

com.oculus.permission.PASSTHROUGH

com.oculus.permission.ACCESS_TRACKING_ENV

com.oculus.permission.USE_ANCHOR_API

Resubmissions

Sharing

General

Malware Config

Signatures

Files

com.oculus.browser

com.oculus.browser.PanelActivity

Activities

org.chromium.chrome.browser.media.MediaLauncherActivity

org.chromium.chrome.browser.dragdrop.DragAndDropLauncherActivity

org.chromium.chrome.browser.incognito.IncognitoTabLauncher

com.oculus.browser.PermissionsRequestActivity

org.chromium.chrome.browser.browserservices.ManageTrustedWebActivityDataActivity

org.chromium.chrome.browser.webauth.authenticator.CableAuthenticatorUSBActivity

com.oculus.browser.WebVRActivity

com.oculus.browser.WebVRVolumeActivity

com.oculus.browser.PanelActivity

Permissions

Receivers

org.chromium.chrome.browser.safe_browsing.PasswordProtectionBroadcastReceiver

com.oculus.browser.PackageBroadcastReceiver

org.chromium.chrome.browser.quickactionsearchwidget.QuickActionSearchWidgetProvider$QuickActionSearchWidgetProviderSearch

org.chromium.chrome.browser.quickactionsearchwidget.QuickActionSearchWidgetProvider$QuickActionSearchWidgetProviderDino

com.oculus.browser.fbns.FBNSNotificationsReceiver

com.oculus.browser.PackageSettingsReceiver

org.chromium.chrome.browser.notifications.NotificationServiceImpl$Receiver

org.chromium.chrome.browser.notifications.permissions.NotificationPermissionChangeReceiver

com.oculus.deviceconfigclient.DeviceConfigClientReceiver

com.oculus.deviceconfigclient.DeviceConfigClientDebugReceiver

Services

org.chromium.components.payments.PaymentDetailsUpdateService

com.oculus.browser.PanelService

org.chromium.chrome.browser.media.ui.ChromeMediaNotificationControllerServices$PlaybackListenerService1

org.chromium.chrome.browser.media.ui.ChromeMediaNotificationControllerServices$PlaybackListenerService2

org.chromium.chrome.browser.media.ui.ChromeMediaNotificationControllerServices$PlaybackListenerService3

org.chromium.chrome.browser.media.ui.ChromeMediaNotificationControllerServices$PlaybackListenerService4

org.chromium.chrome.browser.media.ui.ChromeMediaNotificationControllerServices$PlaybackListenerService5

org.chromium.chrome.browser.media.ui.ChromeMediaNotificationControllerServices$PlaybackListenerService6

org.chromium.chrome.browser.media.ui.ChromeMediaNotificationControllerServices$PlaybackListenerService7

org.chromium.chrome.browser.media.ui.ChromeMediaNotificationControllerServices$PresentationListenerService

org.chromium.chrome.browser.media.ui.ChromeMediaNotificationControllerServices$CastListenerService

Android Permissions

Browser_34.4.0.51.164.632504017.apk