9caafab9291d2aefbe717ef8c8107ef0N[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

9caafab9291d2aefbe717ef8c8107ef0N.zip
Size

7.6MB
MD5

9caafab9291d2aefbe717ef8c8107ef0
SHA1

73ed97fadd96e8dad00a60d7a5373385420af284
SHA256

599ca6200dda0809cbf90f7bc868be2e7e02c2cb1eb6909142827ef3b2b8586b
SHA512

faf32aff1708a521fc29d62f31215eaf48aa90b1f550cc3bd69702d03439e48e8ae7a442515ee1b0b580cd717f61737103ee2aa88b6fec35a3f0abad40dcd13e
SSDEEP

196608:iTfwuJ55xmT1y+Zy98814I+jg9MBrrG5AfpCgvEaspLW/:iTY855ehkX17+jF3LogvE5pLW/

Score

6^/10

Malware Config

Signatures

Attempts to obfuscate APK file format
Applies obfuscation techniques to the APK format in order to hinder analysis

Declares services with permission to bind to the system 2 IoCs

description	ioc
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device.	android.permission.BIND_NOTIFICATION_LISTENER_SERVICE
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE

Requests dangerous framework permissions 4 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application a broad access to external storage in scoped storage.	android.permission.MANAGE_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES

Files

9caafab9291d2aefbe717ef8c8107ef0N.zip
.apk android

Password: infected

com.ddxkjuiwekjcewew3jkdsiuc.app

com.ddxkjuiwekjcewew3jkdsiuc.app.MainActivity

Activities

com.ddxkjuiwekjcewew3jkdsiuc.app.MainActivity

android.intent.action.MAIN

Permissions

android.permission.WRITE_SYNC_SETTINGS
android.permission.READ_EXTERNAL_STORAGE
android.permission.MANAGE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.REQUEST_INSTALL_PACKAGES
asd.apk
.apk android

Password: infected

com.ddbklciodsxkjwejkfwe3jkkjc.security

com.ddbklciodsxkjwejkfwe3jkkjc.security.MainActivity

Activities

com.ddbklciodsxkjwejkfwe3jkkjc.security.MainActivity

android.ffa.action.START_SERVICE

Permissions

android.permission.REQUEST_DELETE_PACKAGES
android.permission.CAMERA
android.permission.READ_CONTACTS
android.permission.READ_EXTERNAL_STORAGE
android.permission.PROCESS_OUTGOING_CALLS
android.permission.BLUETOOTH_CONNECT
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_CONTACTS
android.permission.WRITE_CALL_LOG
android.permission.ACTION_MANAGE_OVERLAY_PERMISSION
android.permission.READ_SMS
android.permission.ACCESS_BACKGROUND_LOCATION
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ANSWER_PHONE_CALLS
android.permission.RECORD_AUDIO
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.BLUETOOTH_ADMIN
android.permission.BLUETOOTH
android.permission.READ_PHONE_NUMBERS
android.permission.READ_CALL_LOG
android.permission.RECEIVE_SMS
android.permission.WAKE_LOCK
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECEIVE_LAUNCH_BROADCASTS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.CHANGE_WIFI_STATE
android.permission.FOREGROUND_SERVICE
android.permission.CALL_PHONE
android.permission.DISABLE_KEYGUARD

Receivers

com.ddbklciodsxkjwejkfwe3jkkjc.security.cast.CallMyListener

android.media.RINGER_MODE_CHANGED
android.intent.action.ACTION_SHUTDOWN
android.intent.action.BATTERY_LOW
android.intent.action.SCREEN_OFF
android.intent.action.USER_PRESENT
android.intent.action.SCREEN_ON
android.intent.action.USER_UNLOCKED
android.intent.action.BATTERY_OKAY
android.intent.action.CONFIGURATION_CHANGED
android.intent.action.REBOOT
android.intent.action.NEW_OUTGOING_CALL
android.intent.action.REBOOT
android.intent.action.PHONE_STATE
android.intent.action.BATTERY_CHANGED
android.intent.action.BOOT_COMPLETED
android.intent.action.ACTION_SHUTDOWN
android.intent.action.MEDIA_MOUNTED
android.intent.action.MEDIA_UNMOUNTED

Services

com.ddbklciodsxkjwejkfwe3jkkjc.security.NotificationReceiverService

android.service.notification.NotificationListenerService

com.ddbklciodsxkjwejkfwe3jkkjc.security.services.AccessServ

android.accessibilityservice.AccessibilityService
base.apk
.apk android

Password: infected

com.ddbklciodsxkjwejkfwe3jkkjc.security

com.ddbklciodsxkjwejkfwe3jkkjc.security.MainActivity

Activities

com.ddbklciodsxkjwejkfwe3jkkjc.security.MainActivity

android.ffa.action.START_SERVICE

Permissions

android.permission.BLUETOOTH_ADMIN
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_CONTACTS
android.permission.RECORD_AUDIO
android.permission.ACCESS_FINE_LOCATION
android.permission.ACTION_MANAGE_OVERLAY_PERMISSION
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.REQUEST_DELETE_PACKAGES
android.permission.READ_PHONE_STATE
android.permission.WRITE_CALL_LOG
android.permission.CHANGE_WIFI_STATE
android.permission.INTERNET
android.permission.FOREGROUND_SERVICE
android.permission.READ_SMS
android.permission.ACCESS_BACKGROUND_LOCATION
android.permission.PROCESS_OUTGOING_CALLS
android.permission.CALL_PHONE
android.permission.WAKE_LOCK
android.permission.CAMERA
android.permission.READ_PHONE_NUMBERS
android.permission.RECEIVE_LAUNCH_BROADCASTS
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.ACCESS_COARSE_LOCATION
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_WIFI_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.BLUETOOTH
android.permission.DISABLE_KEYGUARD
android.permission.READ_CALL_LOG
android.permission.RECEIVE_SMS
android.permission.WRITE_CONTACTS
android.permission.ANSWER_PHONE_CALLS
android.permission.ACCESS_NETWORK_STATE

Services

com.ddbklciodsxkjwejkfwe3jkkjc.security.NotificationReceiverService

android.service.notification.NotificationListenerService

Android Permissions

9caafab9291d2aefbe717ef8c8107ef0N.zip

Permissions

android.permission.WRITE_SYNC_SETTINGS

android.permission.READ_EXTERNAL_STORAGE

android.permission.MANAGE_EXTERNAL_STORAGE

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.REQUEST_INSTALL_PACKAGES

Sharing

General

Malware Config

Signatures

Files

Password: infected

com.ddxkjuiwekjcewew3jkdsiuc.app

com.ddxkjuiwekjcewew3jkdsiuc.app.MainActivity

Activities

com.ddxkjuiwekjcewew3jkdsiuc.app.MainActivity

Permissions

Password: infected

com.ddbklciodsxkjwejkfwe3jkkjc.security

com.ddbklciodsxkjwejkfwe3jkkjc.security.MainActivity

Activities

com.ddbklciodsxkjwejkfwe3jkkjc.security.MainActivity

Permissions

Receivers

com.ddbklciodsxkjwejkfwe3jkkjc.security.cast.CallMyListener

Services

com.ddbklciodsxkjwejkfwe3jkkjc.security.NotificationReceiverService

com.ddbklciodsxkjwejkfwe3jkkjc.security.services.AccessServ

Password: infected

com.ddbklciodsxkjwejkfwe3jkkjc.security

com.ddbklciodsxkjwejkfwe3jkkjc.security.MainActivity

Activities

com.ddbklciodsxkjwejkfwe3jkkjc.security.MainActivity

Permissions

Services

com.ddbklciodsxkjwejkfwe3jkkjc.security.NotificationReceiverService

Android Permissions

9caafab9291d2aefbe717ef8c8107ef0N.zip