General

  • Target: 810639224a5e15b28e9573aac5924849ea79d38672e7431777aabdea0ec306e9.bin
  • Size: 2.4MB
  • MD5: f561141f1c468bfd2a98f43d106ab7f1
  • SHA1: 763f16644dbc54b4f8f9d2c7290bc2f4f8475d0e
  • SHA256: 810639224a5e15b28e9573aac5924849ea79d38672e7431777aabdea0ec306e9
  • SHA512: 5f709b655c0108b5b13362a35b93e115c2fddb192c02f64a4ad546cb8083d146943e5480e3f1fcf93a45b6ef558bf4a2877c6cd574b0e90ecee60f138e28bcde
  • SSDEEP: 49152:MbAMFiSvZI7h2G2vnAvjFHO34qXmIB5HcRHq1dRCMmZGpyPEYgD7eDFt:+niSva2GmArRO36+SR2dRCMmZS1bDoFt

Score: 10/10

Malware Config (Extracted)

  • Family: ajina
  • C2: 109.120.157.82:8080

Attributes

  • target_apps
    air.com.ssdsoftwaresolutions.clickuz
    am.easypay.easywallet
    am.imwallet.android
    am.mts.mobidram
    am.upay.android
    app.ab.banking
    arca.am.arca
    az.anipay.usermbanking
    az.cib.app
    az.epul.technopay.android
    az.portmanat.app
    az.portmanat.newapp
    az.pulpal
    az.tezpay.app
    com.binance.dev
    com.eg.android.AlipayGphone
    com.fastshift.wallet
    com.haypost.haypost_mobile
    com.intervale.baitushum
    com.ipc_app
    com.kp.kompanion
    com.kp.megapay.kg
    com.m10
    com.maanavan.mb_kyrgyzstan
    com.mbf.fsclient_android
    com.moneybookers.skrillpayments
    com.ofss.digx.mobile.android.allied
    com.pyypl
    com.safaroff.million_android
    com.wefawvevw.app

Signatures

  • Ajina family
  • Declares services with permission to bind to the system (1 IoC)
  • Requests dangerous framework permissions (9 IoCs)

Files

  • 810639224a5e15b28e9573aac5924849ea79d38672e7431777aabdea0ec306e9.bin (.apk, android)
    Package: basoskuf.or.shedevroprofilnik
    Main activity: basoskuf.or.shedevroprofilnik.ui.MainActivity


Android Permissions

810639224a5e15b28e9573aac5924849ea79d38672e7431777aabdea0ec306e9.bin

Permissions

  • oppo.permission.OPPO_COMPONENT_SAFE
  • com.huawei.permission.external_app_settings.USE_COMPONENT
  • android.permission.CALL_PHONE
  • android.permission.READ_PHONE_NUMBERS
  • android.permission.READ_CALL_LOG
  • android.permission.READ_CONTACTS
  • android.permission.GET_ACCOUNTS
  • android.permission.READ_PHONE_STATE
  • android.permission.READ_SMS
  • android.permission.RECEIVE_SMS
  • android.permission.SEND_SMS
  • android.permission.INTERNET
  • android.permission.ACCESS_WIFI_STATE
  • android.permission.ACCESS_NETWORK_STATE
  • android.permission.RECEIVE_BOOT_COMPLETED
  • basoskuf.or.shedevroprofilnik.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION
