Target
Delta_X-2.640.730.apk
Size
174.1MB
MD5
32ad74a3f7e1c46966c74611d16c8c6d
SHA1
56d4d5ebe8bd80bc653e94c3ab236358a8cc5b3a
SHA256
645bf4274a0145ef206987d646309640920c05473ea8c65e07ad88eb4f237181
SHA512
17138e52969370c62f6e737f2ef6077882bdd6b661b38c3d49dd858d6dfa67b35ea10daebb5e0c97335028e84be9a6703a520d8087e965928096a142ba1b17d0
SSDEEP
3145728:s8Hy1RCAMLEsstDC6+C6/zugMvZDP5YI+CrY7mf/W0o+3XDL6Sp1m37X8BsR+Fdm:s8gR1YEskS/zqJ5YIlrYCtoLSpw37X8c
Office document macro which triggers in special circumstances - often malicious.
| resource | yara_rule |
|---|---|
| sample | office_macro_on_action |
| description | ioc |
|---|---|
| Allows an app to post notifications. | android.permission.POST_NOTIFICATIONS |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE |
| Allows an application a broad access to external storage in scoped storage. | android.permission.MANAGE_EXTERNAL_STORAGE |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE |
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.MAIN
android.permission.BLUETOOTH
android.permission.POST_NOTIFICATIONS
android.permission.VIBRATE
com.android.vending.BILLING
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.READ_CONTACTS
android.permission.FOREGROUND_SERVICE
android.permission.FOREGROUND_SERVICE_DATA_SYNC
android.permission.USE_FULL_SCREEN_INTENT
android.permission.DISABLE_KEYGUARD
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MANAGE_EXTERNAL_STORAGE
com.google.android.gms.permission.AD_ID
android.permission.READ_EXTERNAL_STORAGE
android.permission.ACCESS_ADSERVICES_ATTRIBUTION
com.huawei.appmarket.service.commondata.permission.GET_COMMON_DATA
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
android.permission.WAKE_LOCK
com.google.android.c2dm.permission.RECEIVE
com.roblox.client.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION
com.google.android.gms.auth.api.phone.SMS_RETRIEVED
android.intent.action.MY_PACKAGE_REPLACED
com.android.vending.INSTALL_REFERRER
com.google.android.c2dm.intent.RECEIVE
com.google.firebase.MESSAGING_EVENT
com.google.firebase.MESSAGING_EVENT
android.permission.BLUETOOTH
android.permission.POST_NOTIFICATIONS
android.permission.VIBRATE
com.android.vending.BILLING
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.READ_CONTACTS
android.permission.FOREGROUND_SERVICE
android.permission.FOREGROUND_SERVICE_DATA_SYNC
android.permission.USE_FULL_SCREEN_INTENT
android.permission.DISABLE_KEYGUARD
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MANAGE_EXTERNAL_STORAGE
com.google.android.gms.permission.AD_ID
android.permission.READ_EXTERNAL_STORAGE
android.permission.ACCESS_ADSERVICES_ATTRIBUTION
com.huawei.appmarket.service.commondata.permission.GET_COMMON_DATA
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
android.permission.WAKE_LOCK
com.google.android.c2dm.permission.RECEIVE
com.roblox.client.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION