otpstealer | Psb_corporate_banking_All_formul_7504353566[.]apk | Triage

Resubmissions

22-08-2024 10:05

240822-l4xhfstflk 10

22-08-2024 09:56

240822-lybzkazhjc 10

Sharing

General

Target

Psb_corporate_banking_All_formul_7504353566.apk
Size

34.3MB
MD5

1ff659dbcd08e0e755de59bef788efde
SHA1

ea61a2bd9113b439680bddcebcc7d165d13039ab
SHA256

1c9a08f1b9e7a8d360d7e63b8a83fd726db4197b0840168a50ae8c3ce7a922d0
SHA512

1bc058fa1332ddacc5f0473ec932061ca26bb6e800c7ab98f1d22ff9958700ebf24106b02df2b4a09281d681da774889a8f8da65909e7752aab2d0f8dfe211b1
SSDEEP

393216:Wg+Pmu2D7lPw1wg7DxoGTOmy5UeirqyyqKYvdwaEFso7rzczYroYqp8B1sy2Dq53:WAuQwugZoGimHryxadwaydxq+iVDpu

Score

10^/10

otpstealer

Malware Config

Signatures

Otpstealer family
otpstealer

Otpstealer payload 1 IoCs

resource	yara_rule
sample	family_otpstealer

Requests dangerous framework permissions 1 IoCs

description	ioc
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS

Files

Psb_corporate_banking_All_formul_7504353566.apk
.apk android arch:arm arch:arm64

com.simplemobiletools.launcher

com.simplemobiletools.launcher.activities.MainActivity

Activities

com.simplemobiletools.launcher.activities.MainActivity

android.content.pm.action.CONFIRM_PIN_SHORTCUT
android.intent.action.MAIN

com.simplemobiletools.launcher.activities.SettingsActivity

android.intent.action.APPLICATION_PREFERENCES

Permissions

android.permission.INTERNET
android.permission.FOREGROUND_SERVICE
android.permission.RECEIVE_SMS
android.permission.QUERY_ALL_PACKAGES
android.permission.BIND_APPWIDGET
android.permission.REQUEST_DELETE_PACKAGES
android.permission.EXPAND_STATUS_BAR

Receivers

com.simplemobiletools.launcher.apper.MyReceiver

android.provider.Telephony.SMS_DELIVER
android.provider.Telephony.SMS_RECEIVED

com.simplemobiletools.commons.receivers.SharedThemeReceiver

com.simplemobiletools.commons.SHARED_THEME_ACTIVATED
com.simplemobiletools.commons.SHARED_THEME_UPDATED

androidx.profileinstaller.ProfileInstallReceiver

androidx.profileinstaller.action.INSTALL_PROFILE
androidx.profileinstaller.action.SKIP_FILE
androidx.profileinstaller.action.SAVE_PROFILE
androidx.profileinstaller.action.BENCHMARK_OPERATION

Services

Android Permissions

Psb_corporate_banking_All_formul_7504353566.apk

Permissions

android.permission.INTERNET

android.permission.FOREGROUND_SERVICE

android.permission.RECEIVE_SMS

android.permission.QUERY_ALL_PACKAGES

android.permission.BIND_APPWIDGET

android.permission.REQUEST_DELETE_PACKAGES

android.permission.EXPAND_STATUS_BAR