slocker | 5251a356421340a45c8dc6d431ef8a8cbca4078a0305a87f4fbd552e9fc0793e[.]zip

General

Target

5251a356421340a45c8dc6d431ef8a8cbca4078a0305a87f4fbd552e9fc0793e.zip
Size

2.5MB
MD5

53d02e860e16e5b6506bc1555b42b2e3
SHA1

1595c41c846043a8faf35fbeb5764a2302fa8bb0
SHA256

3d825a4433f9daf33ccf4fb53a4c5f9541ee0a62022f8e01c303bc021778c7a7
SHA512

3bc78b7e0728ba9bba9778e537e0b37c35efaa88e0ee947fd72c5e4e21092b294ead1982ce09583cf620cf6f6df0ee71f212ed642cd54ad3674fef73c37ce1c1
SSDEEP

49152:SXY4BzpupvlcvX4rYLEA40YTVUNzd4wmLoBy/uVu4Whtk+0OK6Kz2vR:AYg929cPtH4kil8tikBMZ

Score

10^/10

slocker

SLocker payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/5251a356421340a45c8dc6d431ef8a8cbca4078a0305a87f4fbd552e9fc0793e.apk	family_slocker_1

Requests dangerous framework permissions 7 IoCs

Processes:

description	ioc
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Required to be able to access the camera device.	android.permission.CAMERA

5251a356421340a45c8dc6d431ef8a8cbca4078a0305a87f4fbd552e9fc0793e.zip
.zip

Password: infected
5251a356421340a45c8dc6d431ef8a8cbca4078a0305a87f4fbd552e9fc0793e.apk
.apk android

com.XPhantom.id

com.XPhantom.id.MainActivity

Activities

com.XPhantom.id.MainActivity

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.SET_WALLPAPER
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_CONTACTS
android.permission.READ_SMS
android.permission.ACCESS_FINE_LOCATION
android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.REQUEST_INSTALL_PACKAGE
android.permission.CAMERA

Receivers

com.XPhantom.id.BootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

Services