a0c2671f650c0c513398ae285bd0aa8226f620eb7750b54513f7bc3fb9cc2b52[.]bin

General

Target

a0c2671f650c0c513398ae285bd0aa8226f620eb7750b54513f7bc3fb9cc2b52.bin
Size

5.0MB
MD5

a13a2d591eedd4e738f533f9f485c81a
SHA1

ff3e24ec7cdd0d1ea3aba47a20ccea8523a8b4b7
SHA256

a0c2671f650c0c513398ae285bd0aa8226f620eb7750b54513f7bc3fb9cc2b52
SHA512

18591413d384818ca1ed3345c0d0841c59a2bfbea7f487d571ff36aaa0d4757224c4cb3e96fd2f319fc2cd74f72f5bd44b4f62a30b5c1409b136a0982445d5b6
SSDEEP

98304:3MqapZMg3WXUNlEN19i0w9+xGpusLnoivODzTPn5Dxvr1i7TVm:3MqaFkUNl5GxGBRqzJKVm

Score

6^/10

Malware Config

Signatures

Attempts to obfuscate APK file format
Applies obfuscation techniques to the APK format in order to hinder analysis

Declares services with permission to bind to the system 1 IoCs

Processes:

description	ioc
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE

Files

a0c2671f650c0c513398ae285bd0aa8226f620eb7750b54513f7bc3fb9cc2b52.bin
.apk android

com.drastic.daughter

com.fernata.pricktimber.Adaurd

Activities

com.fernata.pricktimber.Adaurd

android.intent.action.MAIN
android.intent.action.VIEW

com.fernata.pricktimber.Rarttwo

android.intent.action.SEND

Permissions

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.INTERNET
android.permission.WAKE_LOCK

Receivers

com.fernata.pricktimber.Flaterhorse

com.runningsdk.action.REQUEST_SDK_RUNNING_ACTION
com.runningsdk.action.RESPONSE_SDK_RUNNING_ACTION

com.fernata.pricktimber.Uracksiren

android.intent.action.BOOT_COMPLETED
android.intent.action.MY_PACKAGE_REPLACED
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED
android.intent.action.PHONE_STATE
android.hardware.usb.action.USB_STATE

com.fernata.pricktimber.Paliendrum

android.intent.action.MY_PACKAGE_REPLACED

com.fernata.pricktimber.Kfestivalclose

android.intent.action.MEDIA_SCANNER_SCAN_FILE

com.fernata.pricktimber.Ebeachamazing

android.intent.action.MY_PACKAGE_REPLACED
android.intent.action.BOOT_COMPLETED
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

Services

com.fernata.pricktimber.schoolingly

android.accessibilityservice.AccessibilityService

Android Permissions

a0c2671f650c0c513398ae285bd0aa8226f620eb7750b54513f7bc3fb9cc2b52.bin

Permissions

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.INTERNET

android.permission.WAKE_LOCK

Sharing

General

Malware Config

Signatures

Files

com.drastic.daughter

com.fernata.pricktimber.Adaurd

Activities

com.fernata.pricktimber.Adaurd

com.fernata.pricktimber.Rarttwo

Permissions

Receivers

com.fernata.pricktimber.Flaterhorse

com.fernata.pricktimber.Uracksiren

com.fernata.pricktimber.Paliendrum

com.fernata.pricktimber.Kfestivalclose

com.fernata.pricktimber.Ebeachamazing

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

Services

com.fernata.pricktimber.schoolingly

Android Permissions

a0c2671f650c0c513398ae285bd0aa8226f620eb7750b54513f7bc3fb9cc2b52.bin