General

  • Target

    f2d01c45e252f781a56a8ab5b89ebfa4db6c90db8a95202d831d404cc7f2761a.bin

  • Size

    3.6MB

  • MD5

    e35319056a81b17979da132bd2294a73

  • SHA1

    ad6e3270762af7be035f53781dca0819a72906db

  • SHA256

    f2d01c45e252f781a56a8ab5b89ebfa4db6c90db8a95202d831d404cc7f2761a

  • SHA512

    c10537354ab456afab51021778e1b5202244b625a7e772a4f4f031f84a88e2662288912ba430e74388fd02cf6cea80c2d28ad15df5a724e9994f5b1ba4d021fe

  • SSDEEP

    98304:2lQCQGxYYqruDRxww5Thkp4tLXRc4OTe67G0ihOakEUg90o1u5l/ghcfHFy9eJx:2b06Ty4ZdOTe67RihOaZ0+i

Score
6/10

Malware Config

Signatures

  • Attempts to obfuscate APK file format

    Applies obfuscation techniques to the APK format in order to hinder analysis

  • Declares broadcast receivers with permission to handle system events (1 IoC)
  • Declares services with permission to bind to the system (2 IoCs)
  • Requests dangerous framework permissions (31 IoCs)

Files

  • f2d01c45e252f781a56a8ab5b89ebfa4db6c90db8a95202d831d404cc7f2761a.bin
    .apk android

    com.dehodigipuhixoyi.mafuko

    com.dehodigipuhixoyi.mafuko.ronubafitajavu


Android Permissions

f2d01c45e252f781a56a8ab5b89ebfa4db6c90db8a95202d831d404cc7f2761a.bin

Permissions

android.permission.READ_SMS

com.oppo.launcher.permission.READ_SETTINGS

com.oppo.permission.safe.BACKUP

com.oplus.permission.safe.PROTECT

android.permission.INTERNET

android.permission.BLUETOOTH_ADVERTISE

android.permission.PEERS_MAC_ADDRESS

android.permission.WRITE_SECURE_SETTINGS

android.permission.OVERRIDE_WIFI_CONFIG

android.permission.WRITE_CONTACTS

android.permission.DELETE_PACKAGES

com.oplus.permission.safe.SETTINGS_SEARCH

android.permission.CAMERA

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.INTERNET

android.permission.QUERY_ALL_PACKAGES

android.permission.WRITE_MEDIA_STORAGE

com.oppo.permission.RUTILCMD

com.oplus.permission.safe.PRIVATE

android.permission.WAKE_LOCK

com.oplus.permission.safe.CONNECTIVITY

oplus.permission.OPLUS_COMPONENT_SAFE

android.permission.ACCESS_COARSE_LOCATION

android.permission.FORCE_STOP_PACKAGES

android.permission.VIBRATE

android.permission.RECEIVE_SMS

android.permission.WRITE_CONTACTS

android.permission.ACCESS_WIFI_STATE

com.coloros.alarmclock.permission.ACCESS_PROVIDER

android.permission.READ_CONTACTS

com.oplus.metis.factdata.permission.DATABASE

android.permission.WAKE_LOCK

com.oplus.thirdkit.permission.SECURITY

android.permission.INTERACT_ACROSS_USERS_FULL

android.permission.CHANGE_NETWORK_STATE

android.permission.ACCESS_BACKGROUND_LOCATION

android.permission.NEARBY_WIFI_DEVICES

android.permission.ACCESS_MTP

android.permission.BLUETOOTH_CONNECT

android.permission.UPDATE_APP_OPS_STATS

android.permission.PACKAGE_USAGE_STATS

android.permission.SYSTEM_ALERT_WINDOW

android.permission.MANAGE_USERS

android.permission.ACCESS_WIFI_STATE

android.permission.DEVICE_POWER

com.coloros.codebook.permission.READ

com.coloros.operationManual.permission.tipsprovider

com.oplus.permission.safe.POWER

heytap.permission.cloud.ACCESS_CLOUD

android.permission.DISABLE_KEYGUARD