antidot | ddaee6eb26c90becb14e08752506c3cdfaa9e5a9fba86256990fd77216bc3e99[.]apk

Sharing

Copy URL

Twitter E-mail

General

Target

ddaee6eb26c90becb14e08752506c3cdfaa9e5a9fba86256990fd77216bc3e99.apk
Size

3.8MB
MD5

7ffce1956cdf1b2e5671b56aaa07c9db
SHA1

e289591702c36e64aff51f2910c47bf07d19419f
SHA256

ddaee6eb26c90becb14e08752506c3cdfaa9e5a9fba86256990fd77216bc3e99
SHA512

1c391de7e4421cd8b7973ef4b62ccbc61825d5904c9f789209fddbb5c6c22646d909cc3573497e0325f02d9d2e2a1e2475d548651f5a14ce23bb026a149738f6
SSDEEP

98304:7wDwODE0Sw7JrHQnmVLlmSCVj2zoAw180JZ5+yxnzlqspbUzv4wE/GwUOO3nL:7wU4EOJTlVLYSSj2zy8oay4s18EulT

Score

10^/10

antidot

Malware Config

Signatures

Antidot family
antidot

Antidot payload 1 IoCs

resource	yara_rule
sample	family_antidot

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by VPN services to bind with the system. Allows apps to provision VPN services.	android.permission.BIND_VPN_SERVICE

Requests dangerous framework permissions 41 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application a broad access to external storage in scoped storage.	android.permission.MANAGE_EXTERNAL_STORAGE
Allows a calling app to continue a call which was started in another app.	android.permission.ACCEPT_HANDOVER
Allows the app to answer an incoming phone call.	android.permission.ANSWER_PHONE_CALLS
Allows an application to access data from sensors that the user uses to measure what is happening inside their body, such as heart rate.	android.permission.BODY_SENSORS_BACKGROUND
Required to be able to range to devices using ultra-wideband.	android.permission.UWB_RANGING
Allows an application to recognize physical activity.	android.permission.ACTIVITY_RECOGNITION
Allows an app to access location in the background.	android.permission.ACCESS_BACKGROUND_LOCATION
Required to be able to advertise to nearby Bluetooth devices.	android.permission.BLUETOOTH_ADVERTISE
Required to be able to discover and pair nearby Bluetooth devices.	android.permission.BLUETOOTH_SCAN
Required to be able to connect to paired Bluetooth devices.	android.permission.BLUETOOTH_CONNECT
Allows an application to access any geographic locations persisted in the user's shared collection.	android.permission.ACCESS_MEDIA_LOCATION
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to read the user's call log.	android.permission.READ_CALL_LOG
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows an application to read image files from external storage.	android.permission.READ_MEDIA_IMAGES
Allows an application to read audio files from external storage.	android.permission.READ_MEDIA_AUDIO
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to write the user's calendar data.	android.permission.WRITE_CALENDAR
Allows an application to access data from sensors that the user uses to measure what is happening inside their body, such as heart rate.	android.permission.BODY_SENSORS
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to read video files from external storage.	android.permission.READ_MEDIA_VIDEO
Allows an application to receive WAP push messages.	android.permission.RECEIVE_WAP_PUSH
Allows an application to monitor incoming MMS messages.	android.permission.RECEIVE_MMS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows an application to write and read the user's call log data.	android.permission.WRITE_CALL_LOG
Allows an application to read the user's calendar data.	android.permission.READ_CALENDAR
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS
Required to be able to advertise and connect to nearby devices via Wi-Fi.	android.permission.NEARBY_WIFI_DEVICES
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows read access to the device's phone number(s).	android.permission.READ_PHONE_NUMBERS
Allows an application to use SIP service.	android.permission.USE_SIP

Files

ddaee6eb26c90becb14e08752506c3cdfaa9e5a9fba86256990fd77216bc3e99.apk
.apk android arch:arm64

com.lethal.visionx

com.lethal.visionx.RootChecker

Activities

com.lethal.visionx.RootChecker

android.intent.action.MAIN

Permissions

android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MANAGE_EXTERNAL_STORAGE
android.permission.QUERY_ALL_PACKAGES
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.USE_BIOMETRIC
android.permission.FOREGROUND_SERVICE_CAMERA
android.permission.FOREGROUND_SERVICE_CONNECTED_DEVICE
android.permission.FOREGROUND_SERVICE_DATA_SYNC
android.permission.FOREGROUND_SERVICE_HEALTH
android.permission.FOREGROUND_SERVICE_LOCATION
android.permission.FOREGROUND_SERVICE_MEDIA_PLAYBACK
android.permission.FOREGROUND_SERVICE_MEDIA_PROJECTION
android.permission.FOREGROUND_SERVICE_MICROPHONE
android.permission.FOREGROUND_SERVICE_PHONE_CALL
android.permission.FOREGROUND_SERVICE_REMOTE_MESSAGING
android.permission.FOREGROUND_SERVICE_SPECIAL_USE
android.permission.FOREGROUND_SERVICE_SYSTEM_EXEMPTED
com.open.gallery.smart.Read
android.permission.HIGH_SAMPLING_RATE_SENSORS
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.RUN_USER_INITIATED_JOBS
android.permission.ACCEPT_HANDOVER
android.permission.ANSWER_PHONE_CALLS
android.permission.BODY_SENSORS_BACKGROUND
android.permission.UWB_RANGING
android.permission.ACTIVITY_RECOGNITION
android.permission.DETECT_SCREEN_CAPTURE
android.permission.ACCESS_BACKGROUND_LOCATION
ohos.permission.GET_BUNDLE_INFO
android.permission.MANAGE_OWN_CALLS
android.permission.BLUETOOTH_ADVERTISE
android.permission.BLUETOOTH_SCAN
android.permission.BLUETOOTH_CONNECT
android.permission.ACCESS_MEDIA_LOCATION
android.permission.RECEIVE_SMS
android.permission.CALL_PHONE
android.permission.RUN_USER_INITIATED_JOBS
android.permission.CAMERA
android.permission.FLASHLIGHT
android.permission.USE_EXACT_ALARM
android.permission.WRITE_SOCIAL_STREAM
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.WRITE_PROFILE
android.permission.READ_USER_DICTIONARY
android.permission.READ_CALL_LOG
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.SUBSCRIBED_FEEDS_READ
android.permission.READ_MEDIA_IMAGES
android.permission.READ_MEDIA_AUDIO
android.permission.VIBRATE
android.permission.SUBSCRIBED_FEEDS_WRITE
android.permission.ACCESS_FINE_LOCATION
android.permission.WRITE_CALENDAR
android.permission.READ_SOCIAL_STREAM
android.permission.MANAGE_ACCOUNTS
android.permission.BODY_SENSORS
android.permission.BROADCAST_STICKY
android.permission.WRITE_USER_DICTIONARY
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.USE_CREDENTIALS
android.permission.CHANGE_WIFI_MULTICAST_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.TRANSMIT_IR
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECORD_AUDIO
android.permission.EXPAND_STATUS_BAR
android.permission.GET_ACCOUNTS
android.permission.READ_PROFILE
android.permission.READ_MEDIA_VIDEO
android.permission.RECEIVE_WAP_PUSH
android.permission.GET_PACKAGE_SIZE
android.permission.RECEIVE_MMS
android.permission.SET_WALLPAPER_HINTS
android.permission.WRITE_SYNC_SETTINGS
android.permission.READ_PHONE_STATE
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.NFC
android.permission.DISABLE_KEYGUARD
android.permission.FOREGROUND_SERVICE
android.permission.READ_CONTACTS
android.permission.WAKE_LOCK
android.permission.REQUEST_DELETE_PACKAGES
android.permission.WRITE_CONTACTS
android.permission.READ_SYNC_STATS
android.permission.READ_SYNC_SETTINGS
android.permission.USE_FINGERPRINT
android.permission.WRITE_CALL_LOG
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.REORDER_TASKS
android.permission.READ_CALENDAR
android.permission.SET_WALLPAPER
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.GET_TASKS
android.permission.POST_NOTIFICATIONS
android.permission.NEARBY_WIFI_DEVICES
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.READ_PHONE_NUMBERS
android.permission.USE_SIP
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
com.lethal.visionx.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

Receivers

top.bienvenido.mundo.manifest.MundoReceiver

com.lethal.visionx.mundo.receiver.stub

androidx.profileinstaller.ProfileInstallReceiver

androidx.profileinstaller.action.INSTALL_PROFILE
androidx.profileinstaller.action.SKIP_FILE
androidx.profileinstaller.action.SAVE_PROFILE
androidx.profileinstaller.action.BENCHMARK_OPERATION

Services

Android Permissions

ddaee6eb26c90becb14e08752506c3cdfaa9e5a9fba86256990fd77216bc3e99.apk

Permissions

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.MANAGE_EXTERNAL_STORAGE

android.permission.QUERY_ALL_PACKAGES

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.USE_BIOMETRIC

android.permission.FOREGROUND_SERVICE_CAMERA

android.permission.FOREGROUND_SERVICE_CONNECTED_DEVICE

android.permission.FOREGROUND_SERVICE_DATA_SYNC

android.permission.FOREGROUND_SERVICE_HEALTH

android.permission.FOREGROUND_SERVICE_LOCATION

android.permission.FOREGROUND_SERVICE_MEDIA_PLAYBACK

android.permission.FOREGROUND_SERVICE_MEDIA_PROJECTION

android.permission.FOREGROUND_SERVICE_MICROPHONE

android.permission.FOREGROUND_SERVICE_PHONE_CALL

android.permission.FOREGROUND_SERVICE_REMOTE_MESSAGING

android.permission.FOREGROUND_SERVICE_SPECIAL_USE

android.permission.FOREGROUND_SERVICE_SYSTEM_EXEMPTED

com.open.gallery.smart.Read

android.permission.HIGH_SAMPLING_RATE_SENSORS

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.RUN_USER_INITIATED_JOBS

android.permission.ACCEPT_HANDOVER

android.permission.ANSWER_PHONE_CALLS

android.permission.BODY_SENSORS_BACKGROUND

android.permission.UWB_RANGING

android.permission.ACTIVITY_RECOGNITION

android.permission.DETECT_SCREEN_CAPTURE

android.permission.ACCESS_BACKGROUND_LOCATION

ohos.permission.GET_BUNDLE_INFO

android.permission.MANAGE_OWN_CALLS

android.permission.BLUETOOTH_ADVERTISE

android.permission.BLUETOOTH_SCAN

android.permission.BLUETOOTH_CONNECT

android.permission.ACCESS_MEDIA_LOCATION

android.permission.RECEIVE_SMS

android.permission.CALL_PHONE

android.permission.RUN_USER_INITIATED_JOBS

android.permission.CAMERA

android.permission.FLASHLIGHT

android.permission.USE_EXACT_ALARM

android.permission.WRITE_SOCIAL_STREAM

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.WRITE_PROFILE

android.permission.READ_USER_DICTIONARY

android.permission.READ_CALL_LOG

Sharing

General

Malware Config

Signatures

Files

com.lethal.visionx

com.lethal.visionx.RootChecker

Activities

com.lethal.visionx.RootChecker

Permissions

Receivers

top.bienvenido.mundo.manifest.MundoReceiver

androidx.profileinstaller.ProfileInstallReceiver

Services

Android Permissions

ddaee6eb26c90becb14e08752506c3cdfaa9e5a9fba86256990fd77216bc3e99.apk