d2Clfn9[.]apk | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d2Clfn9.apk
Size

3.3MB
MD5

d2db6e7df106b8fd119646374fe9b42c
SHA1

903c388e1854a195d905284cd7f8605a0e371c6b
SHA256

a05832ce3716afb1fcccf46f348006d2a296ca777e1ff3d223797dc74d06b31f
SHA512

323ef956618d46a01cf2bd27c1af997b76dc34b834e3b5f0c960b733b5be37514d264402ed14718de616cadb0dc5ae2040a3da31162cb8c8c0db659a51360697
SSDEEP

49152:FsznzL8YVNKj3cj3F59O7CS51KSCVltoePkr42dIR+9wRm:FszztV/ihmluePkh9wRm

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 1 IoCs

description	ioc
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS

Files

d2Clfn9.apk
.apk android arch:arm64 arch:arm arch:x86 arch:x64

moe.shizuku.privileged.api

moe.shizuku.manager.MainActivity

Activities

moe.shizuku.manager.MainActivity

android.intent.action.MAIN

moe.shizuku.manager.settings.SettingsActivity

android.intent.action.APPLICATION_PREFERENCES

moe.shizuku.manager.authorization.RequestPermissionActivity

moe.shizuku.privileged.api.intent.action.REQUEST_PERMISSION

moe.shizuku.manager.legacy.ShellRequestHandlerActivity

rikka.shizuku.intent.action.REQUEST_BINDER

moe.shizuku.manager.legacy.LegacyIsNotSupportedActivity

moe.shizuku.privileged.api.intent.action.REQUEST_AUTHORIZATION

Permissions

android.permission.RECEIVE_BOOT_COMPLETED
android.permission.FOREGROUND_SERVICE
moe.shizuku.manager.permission.MANAGER
android.permission.INTERNET
android.permission.POST_NOTIFICATIONS
moe.shizuku.privileged.api.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

Receivers

moe.shizuku.manager.receiver.BootCompleteReceiver

android.intent.action.LOCKED_BOOT_COMPLETED
android.intent.action.BOOT_COMPLETED

moe.shizuku.manager.receiver.ShizukuReceiver

rikka.shizuku.intent.action.REQUEST_BINDER

Services

Android Permissions

d2Clfn9.apk

Permissions

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.FOREGROUND_SERVICE

moe.shizuku.manager.permission.MANAGER

android.permission.INTERNET

android.permission.POST_NOTIFICATIONS

moe.shizuku.privileged.api.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION