General

  • Target: 4abeb85593c772d9a182a2f9d044ab72883a30df2d252b92e4505e1e10797f98.bin
  • Size: 2.5MB
  • MD5: 20b3407ecb37c7697f1c159fe2deb9b5
  • SHA1: 27e01c9d9b4da7e15f9cb5a879bf3cb7ac3f8c7f
  • SHA256: 4abeb85593c772d9a182a2f9d044ab72883a30df2d252b92e4505e1e10797f98
  • SHA512: cd2f2574a9dc7422cef9d9105b11c63bce6a60b3b73acd33828694cd740bc77840d98522396516e727137c6c719d4940717b9d05c68efc0feb4a6d9c4cb7ba75
  • SSDEEP: 49152:b3fqGqstaYHOPWQLcloY9AiDvd9R81i5HcuHt1ARCMmZGpyPyQYgD7Mnbq:DfN2PW9lf9nvmkSubARCMmZSmbDS+

Score: 10/10

Malware Config

Extracted

Family

ajina

C2

150.241.78.113:8080

Attributes
  • target_apps

    air.com.ssdsoftwaresolutions.clickuz

    am.easypay.easywallet

    am.imwallet.android

    am.mts.mobidram

    am.upay.android

    app.ab.banking

    arca.am.arca

    az.anipay.usermbanking

    az.cib.app

    az.epul.technopay.android

    az.portmanat.app

    az.portmanat.newapp

    az.pulpal

    az.tezpay.app

    com.binance.dev

    com.eg.android.AlipayGphone

    com.fastshift.wallet

    com.haypost.haypost_mobile

    com.intervale.baitushum

    com.ipc_app

    com.kp.kompanion

    com.kp.megapay.kg

    com.m10

    com.maanavan.mb_kyrgyzstan

    com.mbf.fsclient_android

    com.moneybookers.skrillpayments

    com.ofss.digx.mobile.android.allied

    com.pyypl

    com.safaroff.million_android

    com.wefawvevw.app

Signatures

  • Ajina family
  • Declares services with permission to bind to the system 1 IoCs
  • Requests dangerous framework permissions 9 IoCs

Files

  • 4abeb85593c772d9a182a2f9d044ab72883a30df2d252b92e4505e1e10797f98.bin (.apk, android)

    Package: basoskuf.or.shedevroprofilnik

    Main activity: basoskuf.or.shedevroprofilnik.ui.MainActivity

Android Permissions

4abeb85593c772d9a182a2f9d044ab72883a30df2d252b92e4505e1e10797f98.bin

Permissions

oppo.permission.OPPO_COMPONENT_SAFE

com.huawei.permission.external_app_settings.USE_COMPONENT

android.permission.CALL_PHONE

android.permission.READ_PHONE_NUMBERS

android.permission.READ_CALL_LOG

android.permission.READ_CONTACTS

android.permission.GET_ACCOUNTS

android.permission.READ_PHONE_STATE

android.permission.READ_SMS

android.permission.RECEIVE_SMS

android.permission.SEND_SMS

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.RECEIVE_BOOT_COMPLETED

basoskuf.or.shedevroprofilnik.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION
