com.unprefined.tsarevitch.sphygmomanometrically
android.intent.action.MAIN
android.intent.action.VIEW
General
-
Target
e7d6ce2ad7b816c2aeb19425d7a174ee6b04ea748abc84cb65eaaf2d408d430d.bin
-
Size
3.9MB
-
MD5
d7af53607ad462f1ace152be5c4bc79c
-
SHA1
dc7f8ed8b5de140adbe74719024c95be6efae9f7
-
SHA256
e7d6ce2ad7b816c2aeb19425d7a174ee6b04ea748abc84cb65eaaf2d408d430d
-
SHA512
a023143dd993724c4d2da5c1c7b267b461a1a83b610019c18950533b411dfece30f536468b4d9c1d74390e44067ac50d4c0d4a1cb78a07210dd15bd127111345
-
SSDEEP
98304:HwGuIdbuOsmIEWEA2uj2IL6ydhgavRkeTLCe:HoOuEuj2ILSekgCe
Score
10/10
Malware Config
Extracted
Family
godfather
C2
https://t.me/tumonokasiperake
Signatures
-
Godfather family
-
Declares services with permission to bind to the system 1 IoCs
-
Requests dangerous framework permissions 1 IoCs
Files
-
e7d6ce2ad7b816c2aeb19425d7a174ee6b04ea748abc84cb65eaaf2d408d430d.bin
com.unprefined.tsarevitch
com.unprefined.tsarevitch.sphygmomanometrically
Android Permissions
e7d6ce2ad7b816c2aeb19425d7a174ee6b04ea748abc84cb65eaaf2d408d430d.bin
Permissions
android.permission.INTERNET
android.permission.FOREGROUND_SERVICE
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.WAKE_LOCK
android.permission.POST_NOTIFICATIONS
android.permission.QUERY_ALL_PACKAGES
com.unprefined.tsarevitch.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION