com.appd.instll.splash
android.intent.action.MAIN
android.intent.action.VIEW
General
-
Target
Serasa Score (1) (4).apk
-
Size
4.6MB
-
MD5
f3b066c1e73649cf191c37bac74fd1be
-
SHA1
01766f9765338a7555fb88a9003cda84b1c4ede1
-
SHA256
c34498e0deb153d9ead03345a692cb71d14ab654b7d39f26d3f52b327ad033c0
-
SHA512
8ffbfc426d24d7ad07e0b7d7dfddab8453d4d81ba77bf7a6ec001acc27f0ebf325b3a3b3e1c6bbb3f2aa53a2144628b7368e4c3b28a4a4b390ea0518a331345b
-
SSDEEP
98304:hXz/GHIMP1AxAF3nwp5sPKPc7VotXQO1tcGH54R/fU732RYOu5RW4T8gffSrLhBl:Zz/8IMPGAFXmsSMqVVk2mSOeWZgnSrLB
Score
10/10
Malware Config
Extracted
Family
spynote
C2
0.tcp.sa.ngrok.io:12113
Signatures
-
Spynote family
-
Attempts to obfuscate APK file format
Applies obfuscation techniques to the APK format in order to hinder analysis
-
Declares broadcast receivers with permission to handle system events 1 IoCs
-
Declares services with permission to bind to the system 3 IoCs
-
Requests dangerous framework permissions 3 IoCs
Files
-
Serasa Score (1) (4).apk
com.appd.instll.load
com.appd.instll.splash
-
childapp.apk
wallace.quarter.absolutely
wallace.quarter.gsmstlrtrqxntwwxwkrmrhicnznixuatiaohdntoucrrsjldjs2.qkskemnbpqmojhuoswucwuxkmyyngfqcvowhmcwxkbdjcevebo31
Android Permissions
Serasa Score (1) (4).apk
Permissions
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.REQUEST_DELETE_PACKAGES