General

  • Target

    c12d17b6f0ff858fc7e8e39b12217e23d1653c864c3f581ab4e2a2868a088cda

  • Size

    16.6MB

  • MD5

    6251e4b919dc2c7ca3c762542f81ce67

  • SHA1

    b5fb56ce8ecda3b89c7ffbdfc72d9b8974a05bdb

  • SHA256

    c12d17b6f0ff858fc7e8e39b12217e23d1653c864c3f581ab4e2a2868a088cda

  • SHA512

    c2cf3f5dd6d8bd2af3d87530e2d5973e080a007525d718289136f23fbcf723e06c4fb5d18ea6762fbd91bdd5e279e5ab4ef0e4e82ab45e26121025cc919a9a5a

  • SSDEEP

    393216:m7PCMSrWcIvgyz4Jd6AiewLZQTtmIFWctC0y0bz:kC9KcugyQkFewmp5FU0l

Score
6/10

Malware Config

Signatures

  • Attempts to obfuscate APK file format

    Applies obfuscation techniques to the APK format in order to hinder analysis

  • Declares services with permission to bind to the system (1 IoC)
  • Requests dangerous framework permissions (1 IoC)

Files

  • c12d17b6f0ff858fc7e8e39b12217e23d1653c864c3f581ab4e2a2868a088cda
    .apk android arch:x64 arch:arm64 arch:arm arch:x86

    efforts.meridian.dock.diagnosis

    com.wish.defaultcallservice.activity.ValidActivityV


  • app2.apk
    .apk android arch:x64 arch:arm64 arch:arm arch:x86

    root.detachment.reaches

    com.wish.lmbank.activity.LauncherActivity


Android Permissions

c12d17b6f0ff858fc7e8e39b12217e23d1653c864c3f581ab4e2a2868a088cda

Permissions

android.permission.INTERNET

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.INSTALL_PACKAGES

android.permission.FOREGROUND_SERVICE

android.permission.REQUEST_DELETE_PACKAGES