493d7817985ec344186af767841c59b5fa1b29b0071363a606baaafc834237f8[.]bin

General

Target

493d7817985ec344186af767841c59b5fa1b29b0071363a606baaafc834237f8.bin
Size

208KB
MD5

71dee152c04bfdd026bd8fb8e5544296
SHA1

6dd5305c562eec513c8955f93d827f28866ada35
SHA256

493d7817985ec344186af767841c59b5fa1b29b0071363a606baaafc834237f8
SHA512

83546ad8689327be7849cc31c082975d18c9d1e2f8d68a184131da9f38a712f0de705ee2adcf97f451e293744374085a6108d2b0f070029a7c6fc7848b1aae49
SSDEEP

6144:b38jvNJqZ/P7WIEqgQlGUoq3OIEuWJk1D:ojFmXSIbV7FyJk1D

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 9 IoCs

Processes:

description	ioc
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW

Files

493d7817985ec344186af767841c59b5fa1b29b0071363a606baaafc834237f8.bin
.apk android arch:arm64

l.clq.yfepwz

fiksrdu.O2Activity

Activities

fiksrdu.O2Activity

android.intent.action.MAIN

fiksrdu.BlActivity

android.intent.action.SEND
android.intent.action.SENDTO

fiksrdu.X2Activity

android.intent.action.MAIN

Permissions

android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.CALL_PHONE
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.DISABLE_KEYGUARD
android.permission.RECEIVE_BOOT_COMPLETED
ctapkqg.wvjhyqda.uwmd
kkxtpos.njwiabs.bdad
mfwfgay.tobifabc.bkjfqsq
android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_SMS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.SEND_SMS
android.permission.DISABLE_KEYGUARD
android.permission.READ_CONTACTS
android.permission.CHANGE_WIFI_STATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.READ_PROFILE

Receivers

fiksrdu.V4Receiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_ADDED

fiksrdu.ZbReceiver

android.provider.Telephony.SMS_DELIVER

fiksrdu.NeReceiver

android.provider.Telephony.WAP_PUSH_DELIVER

Services

fiksrdu.QsService

android.intent.action.RESPOND_VIA_MESSAGE

Android Permissions

493d7817985ec344186af767841c59b5fa1b29b0071363a606baaafc834237f8.bin

Permissions

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.CALL_PHONE

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.DISABLE_KEYGUARD

android.permission.RECEIVE_BOOT_COMPLETED

ctapkqg.wvjhyqda.uwmd

kkxtpos.njwiabs.bdad

mfwfgay.tobifabc.bkjfqsq

android.permission.WAKE_LOCK

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_PHONE_STATE

android.permission.RECEIVE_SMS

android.permission.READ_SMS

android.permission.WRITE_SMS

android.permission.SEND_SMS

android.permission.DISABLE_KEYGUARD

android.permission.READ_CONTACTS

android.permission.CHANGE_WIFI_STATE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.READ_PROFILE

Sharing

General

Malware Config

Signatures

Files

l.clq.yfepwz

fiksrdu.O2Activity

Activities

fiksrdu.O2Activity

fiksrdu.BlActivity

fiksrdu.X2Activity

Permissions

Receivers

fiksrdu.V4Receiver

fiksrdu.ZbReceiver

fiksrdu.NeReceiver

Services

fiksrdu.QsService

Android Permissions

493d7817985ec344186af767841c59b5fa1b29b0071363a606baaafc834237f8.bin