74639dd500933f5a8edfe7db76a30433[.]zip

General

Target

74639dd500933f5a8edfe7db76a30433.zip
Size

4.4MB
MD5

ea0c37fb8d4b3d9860acddd5e5e7fb68
SHA1

497ac37d47e618fe8bbc528b6538184420750531
SHA256

feed1181a5597c394a1d9dd8351851a15f984f611899b1e5b3e28eabdc770086
SHA512

131568c805e95837e56feb4ec71594751e93288bad9aedbf86feeb9f1d6cfe4e768a1e9185303b71ea5eb1ef37b558a3d822398d50a0d31b822d73efc732200c
SSDEEP

98304:h9jn359op/Z5HUhW7tfV3LhfsWryr02FPhKziGTh47pAF7g6m:zb3Av5EW7BFJrM0OJKziGTcCF7g

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 6 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

Files

74639dd500933f5a8edfe7db76a30433.zip
.zip .ps1 polyglot

Password: infected
b1f994a7298e65e3066f29a2120b7ccdb60a097cbc4c69f7e9dfa0d9d549bbfd
.apk android

Password: infected

ch.nth.android.contentabo_l01_sim_univ

ch.nth.android.contentabo_l01.activities.SplashActivity

Activities

ch.nth.android.contentabo_l01.activities.SplashActivity

android.intent.action.MAIN

ch.nth.android.contentabo_l01.activities.MainActivity

android.intent.action.SEARCH

ch.nth.android.contentabo_l01.activities.UpdateAppWithMobileDialogActivity

ch.nth.contentabo.action.install

Permissions

ch.nth.android.contentabo_l01_sim_univ.permission.C2D_MESSAGE
com.google.android.c2dm.permission.RECEIVE
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.SEND_SMS
android.permission.RECEIVE_SMS
android.permission.WRITE_SMS
android.permission.READ_SMS
android.permission.WAKE_LOCK
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED

Receivers

ch.nth.android.contentabo.common.recivers.SMSBroadcastReceiver

android.provider.Telephony.SMS_RECEIVED

ch.nth.android.contentabo.common.recivers.SMSSentBroadcastReceiver

ch.nth.android.action.FIRST_SMS_SENT
ch.nth.android.action.SECOND_SMS_SENT

ch.nth.android.contentabo_l01.service.AlarmReceiver

ch.nth.android.action.START_APP_UPDATE
ch.nth.android.action.CHECK_SPENDING_LIMIT
ch.nth.android.action.ACTION_SHOW_SPENDING_LIMIT_NOTIFICATION
android.intent.action.BOOT_COMPLETED

com.google.android.gcm.GCMBroadcastReceiver

com.google.android.c2dm.intent.RECEIVE
com.google.android.c2dm.intent.REGISTRATION

Services

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

ch.nth.android.contentabo_l01_sim_univ

ch.nth.android.contentabo_l01.activities.SplashActivity

Activities

ch.nth.android.contentabo_l01.activities.SplashActivity

ch.nth.android.contentabo_l01.activities.MainActivity

ch.nth.android.contentabo_l01.activities.UpdateAppWithMobileDialogActivity

Permissions

Receivers

ch.nth.android.contentabo.common.recivers.SMSBroadcastReceiver

ch.nth.android.contentabo.common.recivers.SMSSentBroadcastReceiver

ch.nth.android.contentabo_l01.service.AlarmReceiver

com.google.android.gcm.GCMBroadcastReceiver

Services