xamalicious | com[.]medoc[.]cashalot[.]ingenico_19[.]675[.]SIGNED 2[.]apk

Resubmissions

31/01/2025, 14:25

250131-rred1aznem 10

31/01/2025, 14:24

250131-rqsv1azndk 10

31/01/2025, 14:23

250131-rqdfbaxqht 10

31/01/2025, 14:22

250131-rprljsznbk 10

Sharing

Copy URL

Twitter E-mail

General

Target

com.medoc.cashalot.ingenico_19.675.SIGNED 2.apk
Size

37.7MB
MD5

96d5b192bad79478833ef7f5bd6c52e6
SHA1

074b683cd584e64d9c24d05989838aa4dbc0d93b
SHA256

a25b1787179d2b114aece87cf5f0e87103fe14286ad3ac48c37f90b720cc8166
SHA512

b598411a5e21ea50cc874ec89b536a8cfcac08d0ba9f11538edccdde2a5030b3957c0b1c398aea073bbe648fa5f927cd22667763659f4a2ee7bba9c8fd77de6d
SSDEEP

393216:EGPdKz3dP1lKb0by7UpMIo0r0Rb/u8t19wuCzS1znXbabgQWnHNytebOtJCLtR93:Ejlxp3YRbljMSNXbaiHNqK7OUGO

Score

10^/10

xamalicious

Malware Config

Signatures

Android Xamalicious payload 1 IoCs

resource	yara_rule
sample	family_xamalicious

Xamalicious family
xamalicious

Requests dangerous framework permissions 6 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA
Required to be able to connect to paired Bluetooth devices.	android.permission.BLUETOOTH_CONNECT
Required to be able to discover and pair nearby Bluetooth devices.	android.permission.BLUETOOTH_SCAN
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Files

com.medoc.cashalot.ingenico_19.675.SIGNED 2.apk
.apk android arch:arm

com.medoc.cashalot.ingenico

crc6417dcae06b00e0ca1.MainActivity

Activities

crc6417dcae06b00e0ca1.MainActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.VIBRATE
android.permission.CAMERA
android.permission.PRIVATE_EXTERNAL_STORAGE
android.permission.PUBLIC_EXTERNAL_STORAGE
android.permission.BLUETOOTH_PRIVILEGED
android.permission.BLUETOOTH_CONNECT
android.permission.BLUETOOTH_SCAN
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
com.ingenico.payment.permission.MAKE_PAYMENT
com.ingenico.payment.permission.UPDATE_PAYMENT
com.ingenico.batch.permission.CLOSE_BATCH
android.permission.READ_PHONE_STATE
android.permission.READ_PRIVILEGED_PHONE_STATE

Receivers

Android Permissions

com.medoc.cashalot.ingenico_19.675.SIGNED 2.apk

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.VIBRATE

android.permission.CAMERA

android.permission.PRIVATE_EXTERNAL_STORAGE

android.permission.PUBLIC_EXTERNAL_STORAGE

android.permission.BLUETOOTH_PRIVILEGED

android.permission.BLUETOOTH_CONNECT

android.permission.BLUETOOTH_SCAN

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

com.ingenico.payment.permission.MAKE_PAYMENT

com.ingenico.payment.permission.UPDATE_PAYMENT

com.ingenico.batch.permission.CLOSE_BATCH

android.permission.READ_PHONE_STATE

android.permission.READ_PRIVILEGED_PHONE_STATE