xamalicious | indus[.]credit[.]card-2[.]apk

General

Target

indus.credit.card-2.apk
Size

35.1MB
MD5

a146c25c8b4140101d3f68507205d8a1
SHA1

fcfc956580093622f8724c8830ce7075d84c4ca0
SHA256

345eef06415790547537f434ba5a609e0eae805b282b3f9f916cc31b372c5dac
SHA512

114a27d05565acebd81df2862b0504cf17ea456a56dd0ec8a831f1a3409c77dab013945c102408af72d275b32d0a63f6337b601696df1f6fbd8c37d7d8b23a35
SSDEEP

786432:CT4XQvCzYrVEjRW9/4m1ssWtb7QBB9R4gUnjQ+19Y:CT4AiYaKUj4BVhMQ1

Score

10^/10

xamalicious

Android Xamalicious payload 1 IoCs

Processes:

resource	yara_rule
sample	family_xamalicious

Requests dangerous framework permissions 3 IoCs

Processes:

description	ioc
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS

Permissions

android.permission.INTERNET

android.permission.RECEIVE_SMS

android.permission.FOREGROUND_SERVICE

android.permission.READ_EXTERNAL_STORAGE

android.permission.POST_NOTIFICATIONS

com.rewardz.card.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION