Resubmissions

07/11/2024, 07:07

241107-hxxyvszraq 7

02/11/2024, 16:42

241102-t7nzgszeml 7

General

  • Target

    fabdf6f305ed33293ffaac8651657426a6fa4a5bba79d95bf6b3ff481e9e6400

  • Size

    24.0MB

  • MD5

    d6f6290c38d02d54b744b611f9f552ea

  • SHA1

    a1c4f0da62946896a5ea8a3bb207586bf37b8452

  • SHA256

    fabdf6f305ed33293ffaac8651657426a6fa4a5bba79d95bf6b3ff481e9e6400

  • SHA512

    72836061d6c68390eddb7a94e36338bc8af88cd4f6dea28fd156ab86bd9aa265d4cfc2341701e745afc085c6c99997756796a543315eefb720dc9c3d42bf7550

  • SSDEEP

    393216:KKVIq36TYlbmOVf6VSmkNS1S9gu4ehUyA0uVnFk3q36TZvzzGCsuNpJbFk5fuE:MtsIOMVST4St0vVnFk3tR/tDdbFkBuE

Score
6/10

Malware Config

Signatures

  • Attempts to obfuscate APK file format

    Applies obfuscation techniques to the APK format in order to hinder analysis

  • Declares services with permission to bind to the system (2 IoCs)
  • Requests dangerous framework permissions (4 IoCs)

Files

  • fabdf6f305ed33293ffaac8651657426a6fa4a5bba79d95bf6b3ff481e9e6400
    .apk android arch:arm64 arch:arm

    Password: infected

    plnfexcq.fehlwuggm.kyxvb

    eu57.qw0j2f.o9doba


  • wavvzucu22.png
    .apk android

    Password: infected

    gqcvctl.msthh.swxgkyv

    com.service.zooxyfdm.PhoneCallzooxyfdmActivity


  • wavvzucu29.png
    .apk android arch:arm64 arch:arm

    Password: infected

    gqcvctl.msthh.swxgkyv

    com.service.zooxyfdm.RequestzooxyfdmActivity


Android Permissions

fabdf6f305ed33293ffaac8651657426a6fa4a5bba79d95bf6b3ff481e9e6400

Permissions

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.INTERNET

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.MANAGE_EXTERNAL_STORAGE