General

  • Target: b5cda2f5c6fd1a75c500864d86d57eae69888aa3e9e42c9bc569894be70a5529.bin
  • Size: 2.4MB
  • MD5: ab74f83a992391a5de532297a9864bf5
  • SHA1: b13e06777ee34fdbc91cd0030a29f1d4f41ec0a8
  • SHA256: b5cda2f5c6fd1a75c500864d86d57eae69888aa3e9e42c9bc569894be70a5529
  • SHA512: 2baf812400a2ecfb436a4713f7f81527c6eb09fdeea93075b77b078b069492a606ea95473a7239699c33fe4cbe17ec0eeba4b04a539b28e1f37e1f0c19ec31fa
  • SSDEEP: 49152:EblZsd211+6P0RmieH9wUvs4pM4PE5HccH01wRCMmZGpyPcYgD7vHrSz:ABFqmpdh02sScQwRCMmZSNbDD0

Score: 10/10

Malware Config

Extracted

  • Family: ajina
  • C2: 89.22.231.173:8080

Attributes

  • target_apps
      air.com.ssdsoftwaresolutions.clickuz
      am.easypay.easywallet
      am.imwallet.android
      am.mts.mobidram
      am.upay.android
      app.ab.banking
      arca.am.arca
      az.anipay.usermbanking
      az.cib.app
      az.epul.technopay.android
      az.portmanat.app
      az.portmanat.newapp
      az.pulpal
      az.tezpay.app
      com.binance.dev
      com.eg.android.AlipayGphone
      com.fastshift.wallet
      com.haypost.haypost_mobile
      com.intervale.baitushum
      com.ipc_app
      com.kp.kompanion
      com.kp.megapay.kg
      com.m10
      com.maanavan.mb_kyrgyzstan
      com.mbf.fsclient_android
      com.moneybookers.skrillpayments
      com.ofss.digx.mobile.android.allied
      com.pyypl
      com.safaroff.million_android
      com.wefawvevw.app

Signatures

  • Ajina family
  • Declares services with permission to bind to the system (1 IoC)
  • Requests dangerous framework permissions (9 IoCs)

Files

  • b5cda2f5c6fd1a75c500864d86d57eae69888aa3e9e42c9bc569894be70a5529.bin (.apk, android)
      basoskuf.or.shedevroprofilnik
      basoskuf.or.shedevroprofilnik.ui.MainActivity


Android Permissions

b5cda2f5c6fd1a75c500864d86d57eae69888aa3e9e42c9bc569894be70a5529.bin

Permissions

  • oppo.permission.OPPO_COMPONENT_SAFE
  • com.huawei.permission.external_app_settings.USE_COMPONENT
  • android.permission.CALL_PHONE
  • android.permission.READ_PHONE_NUMBERS
  • android.permission.READ_CALL_LOG
  • android.permission.READ_CONTACTS
  • android.permission.GET_ACCOUNTS
  • android.permission.READ_PHONE_STATE
  • android.permission.READ_SMS
  • android.permission.RECEIVE_SMS
  • android.permission.SEND_SMS
  • android.permission.INTERNET
  • android.permission.ACCESS_WIFI_STATE
  • android.permission.ACCESS_NETWORK_STATE
  • android.permission.RECEIVE_BOOT_COMPLETED
  • basoskuf.or.shedevroprofilnik.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION
