otpstealer | псб_кабинет_личный_7504353566[.]apk | Triage

Resubmissions

22/08/2024, 13:47

240822-q3tgmazfjg 10

Sharing

General

Target

псб_кабинет_личный_7504353566.apk
Size

34.3MB
MD5

edd52e61ecf5ac3425d50c9c0089ea89
SHA1

7f56ec85a1defbcfbec2590de9bcb445bdf0f3ac
SHA256

6e2cbd8d83b67f5602d5c4286961ce725cc3d1214a56e1c407273401b4211434
SHA512

46dc52f487de1c912f76f216d0d68bb5186201216c616d570da92c169ee9a8632638b7b36f86640dc74f223f1c6cfa8a15070d02efa486493a79e7b0f8e7801f
SSDEEP

393216:WPw1wg7DxoGTOmy5UeirqyyqKkei7vvdwaEFso7ri/Gg+Pmu2D7YzYroYqp8B1s9:+wugZoGimHryxmHdwayiuAusxq+i9

Score

10^/10

otpstealer

Malware Config

Signatures

Otpstealer family
otpstealer

Otpstealer payload 1 IoCs

resource	yara_rule
sample	family_otpstealer

Requests dangerous framework permissions 1 IoCs

description	ioc
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS

Files

псб_кабинет_личный_7504353566.apk
.apk android arch:arm64 arch:arm

com.simplemobiletools.launcher

com.simplemobiletools.launcher.activities.MainActivity

Activities

com.simplemobiletools.launcher.activities.MainActivity

android.content.pm.action.CONFIRM_PIN_SHORTCUT
android.intent.action.MAIN

com.simplemobiletools.launcher.activities.SettingsActivity

android.intent.action.APPLICATION_PREFERENCES

Permissions

android.permission.INTERNET
android.permission.FOREGROUND_SERVICE
android.permission.RECEIVE_SMS
android.permission.QUERY_ALL_PACKAGES
android.permission.BIND_APPWIDGET
android.permission.REQUEST_DELETE_PACKAGES
android.permission.EXPAND_STATUS_BAR

Receivers

com.simplemobiletools.launcher.apper.MyReceiver

android.provider.Telephony.SMS_DELIVER
android.provider.Telephony.SMS_RECEIVED

com.simplemobiletools.commons.receivers.SharedThemeReceiver

com.simplemobiletools.commons.SHARED_THEME_ACTIVATED
com.simplemobiletools.commons.SHARED_THEME_UPDATED

androidx.profileinstaller.ProfileInstallReceiver

androidx.profileinstaller.action.INSTALL_PROFILE
androidx.profileinstaller.action.SKIP_FILE
androidx.profileinstaller.action.SAVE_PROFILE
androidx.profileinstaller.action.BENCHMARK_OPERATION

Services

Android Permissions

псб_кабинет_личный_7504353566.apk

Permissions

android.permission.INTERNET

android.permission.FOREGROUND_SERVICE

android.permission.RECEIVE_SMS

android.permission.QUERY_ALL_PACKAGES

android.permission.BIND_APPWIDGET

android.permission.REQUEST_DELETE_PACKAGES

android.permission.EXPAND_STATUS_BAR