xamalicious | com[.]companyname[.]easycheckio-Signed[.]apk

General

Target

com.companyname.easycheckio-Signed.apk
Size

83.9MB
MD5

e64b45ae038b5436ee1feec64a480d59
SHA1

8d991eee0a721bb6a539278fb41664e8649193af
SHA256

8df77bb1fcd93ea07dc6bde82ad856dd8097cf0850cdb8942cf50016491424d6
SHA512

42e4493af61fdf4be222d0e11c0e8e3d7461139a170d001363de631fafb31c677d7759efc36c85b321f19f27f2b6e019c6b4f4f4d75428a345bccdbea9e0db9a
SSDEEP

1572864:7JKxcPMjofNYAU++Exi9+tEI8uCUDScwSOJMA9vf3cU:7oKQMC++eztEI8ubDrjMMA1cU

Score

10^/10

xamalicious

Android Xamalicious payload 1 IoCs

Processes:

resource	yara_rule
sample	family_xamalicious

Requests dangerous framework permissions 3 IoCs

Processes:

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application a broad access to external storage in scoped storage.	android.permission.MANAGE_EXTERNAL_STORAGE

Permissions

android.permission.ACCESS_NETWORK_STATE

android.permission.INTERNET

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.MANAGE_EXTERNAL_STORAGE

com.companyname.easycheckio.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION