General

  • Target

    47f16dcf2d93dfaa610f6d00b7edb0fb3049f1c69f1e19bd87df9647e74dd229.bin

  • Size

    1.4MB

  • MD5

    2684425e71385a53e90a0b138d0578c6

  • SHA1

    e81b450057ed4d1c574dfcec05b4dda686d18d38

  • SHA256

    47f16dcf2d93dfaa610f6d00b7edb0fb3049f1c69f1e19bd87df9647e74dd229

  • SHA512

    18a7a57ba4d08ac84c33e0166d79549e6b973c2ccddf694f0db317dccd3957dbc7acdf632045728bff7f54b8289f45a822999e15f1259e3d5976da0daa733a42

  • SSDEEP

    24576:rY4XaRaTFTvHpKp/ZlQqgwSRyLjKp3tgdYu+D9WQfNFXs7uiOScyarfCeS9HxVgs:rY4aRaTFjHpKdZlPvSRyLjK3gdY99WQA

Score
6/10

Malware Config

Signatures

  • Attempts to obfuscate APK file format

    Applies obfuscation techniques to the APK format in order to hinder analysis

  • Declares broadcast receivers with permission to handle system events (1 IoC)
  • Declares services with permission to bind to the system (2 IoCs)
  • Requests dangerous framework permissions (34 IoCs)

Files

  • 47f16dcf2d93dfaa610f6d00b7edb0fb3049f1c69f1e19bd87df9647e74dd229.bin
    .apk android arch:arm64 arch:arm arch:x64 arch:x86

    com.behave.shuffle

    com.elbow.p045l


Android Permissions

47f16dcf2d93dfaa610f6d00b7edb0fb3049f1c69f1e19bd87df9647e74dd229.bin

Permissions

com.oppo.launcher.permission.WRITE_SETTINGS

com.oplus.permission.safe.SAU

android.permission.ACCESS_ADSERVICES_ATTRIBUTION

android.permission.FOREGROUND_SERVICE

android.permission.REQUEST_COMPANION_RUN_IN_BACKGROUND

android.permission.ACCESS_NOTIFICATION_POLICY

android.permission.WAKE_LOCK

com.google.android.providers.gsf.permission.READ_GSERVICES

android.permission.MANAGE_EXTERNAL_STORAGE

heytap.permission.cloud.ACCESS_CLOUD

android.permission.WRITE_MEDIA_STORAGE

android.permission.REQUEST_DELETE_PACKAGES

android.permission.WRITE_SETTINGS

android.permission.READ_SMS

android.permission.MANAGE_APP_OPS_MODES

com.oplus.permission.safe.POWER

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.WRITE_EXTERNAL_STORAGE

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

com.oppo.permission.safe.SECURITY

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

com.oplus.permission.safe.BACKUP

android.permission.ACCESS_COARSE_LOCATION

android.permission.WRITE_CONTACTS

android.permission.DELETE_PACKAGES

android.permission.PEERS_MAC_ADDRESS

android.permission.INTERNET

android.permission.MANAGE_USERS

android.permission.VIBRATE

android.permission.FORCE_STOP_PACKAGES

com.coloros.operationManual.permission.tipsprovider

android.permission.POST_NOTIFICATIONS

android.permission.BATTERY_STATS

com.google.android.gms.permission.ACTIVITY_RECOGNITION

com.oppo.permission.safe.BACKUP

android.permission.ACCESS_NETWORK_STATE

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.FOREGROUND_SERVICE_LOCATION

com.xiaomi.permission.ACCESS_SECURE_ELEMENT

android.permission.ACCESS_WIFI_STATE

android.permission.READ_MEDIA_IMAGES

android.permission.CALL_PHONE
