4b0c4419cb96f3d30be4b66952507c69610cb7d2b05f564bdcf32affb6115262

General

Target

4b0c4419cb96f3d30be4b66952507c69610cb7d2b05f564bdcf32affb6115262
Size

8.9MB
MD5

f1c5f85dd0211241dc04b47c394a6b97
SHA1

4c67ea218230a004a2e84b158facc975dbf2ccb2
SHA256

4b0c4419cb96f3d30be4b66952507c69610cb7d2b05f564bdcf32affb6115262
SHA512

5b967977a02a6a7f5c52e866f1270f29186d150847e0a194444267f494fde7ff0ad6dccdb73ec481f5a84dfd2fb3e46f3462d16515e4e488c88a0cbdd7a7f463
SSDEEP

196608:fGRxCKykKLorTi/zThx2/pUyIUGTRDXbiobLitDq7ox:vnorTi/5xbcG1biobLik7Q

Score

10^/10

Malware Config

Signatures

Coper_DGA_Strings 4 IoCs

resource	yara_rule
static1/unpack001/base.apk	Coper_DGA_Strings
static1/unpack001/base.apk	Coper_DGA_Strings
static1/unpack001/base.apk	Coper_DGA_Strings
static1/unpack001/base.apk	Coper_DGA_Strings

Attempts to obfuscate APK file format
Applies obfuscation techniques to the APK format in order to hinder analysis

Declares broadcast receivers with permission to handle system events 1 IoCs

description	ioc
Required by device admin receivers to bind with the system. Allows apps to manage device administration features.	android.permission.BIND_DEVICE_ADMIN

Declares services with permission to bind to the system 2 IoCs

description	ioc
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device.	android.permission.BIND_NOTIFICATION_LISTENER_SERVICE

Requests dangerous framework permissions 1 IoCs

description	ioc
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES

Files

4b0c4419cb96f3d30be4b66952507c69610cb7d2b05f564bdcf32affb6115262
.apk android

com.minor.scrap

com.false.monster.Csufferconvince

Activities

com.false.monster.Csufferconvince

android.intent.action.MAIN
com.example.android.apis.content.SESSION_API_PACKAGE_INSTALLED

Permissions

android.permission.REQUEST_INSTALL_PACKAGES
base.apk
.apk android arch:x86 arch:arm64 arch:x64 arch:arm

com.pcloud74bookmarksconnect

com.pcloud74bookmarksconnect.uldPWnLOPq

Activities

com.pcloud74bookmarksconnect.uldPWnLOPq

android.intent.action.MAIN

com.pcloud74bookmarksconnect.gqLpzA

android.intent.action.SEND
android.intent.action.SENDTO
android.intent.action.VIEW
android.intent.action.SEND
android.intent.action.SEND_MULTIPLE

Permissions

android.permission.CALL_PHONE
android.permission.QUERY_ALL_PACKAGES
android.permission.WRITE_SMS
android.permission.REORDER_TASKS
android.permission.WAKE_LOCK
android.permission.RECEIVE_SMS
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.SEND_SMS
android.permission.FOREGROUND_SERVICE
android.permission.USES_POLICY_FORCE_LOCK
android.permission.VIBRATE
android.permission.USE_FULL_SCREEN_INTENT
android.permission.READ_SMS
android.permission.WRITE_SETTINGS
android.permission.INTERNET
android.permission.ACCESS_NOTIFICATION_POLICY
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.provider.Telephony.SMS_RECEIVED
android.permission.POST_NOTIFICATIONS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECEIVE_MMS
android.permission.READ_PHONE_NUMBERS
android.permission.REQUEST_DELETE_PACKAGES
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE

Receivers

com.pcloud74bookmarksconnect.pjgaJVcz90pTx

android.app.action.DEVICE_ADMIN_ENABLED
android.app.action.DEVICE_ADMIN_DISABLED

com.pcloud74bookmarksconnect.rdo75j4

android.provider.Telephony.SMS_RECEIVED

com.pcloud74bookmarksconnect.iqqkT5mm3Qjpy

android.provider.Telephony.SMS_DELIVER

com.pcloud74bookmarksconnect.wwUEqzVTluIL

android.provider.Telephony.WAP_PUSH_DELIVER

com.pcloud74bookmarksconnect.c3DYg

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.USER_PRESENT
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.provider.Telephony.SMS_RECEIVED
android.intent.action.SCREEN_ON
android.intent.action.SCREEN_OFF
android.intent.action.EXTERNAL_APPLICATIONS_AVAILABLE
android.net.conn.CONNECTIVITY_CHANGE
android.net.wifi.WIFI_STATE_CHANGED
android.intent.action.DREAMING_STOPPED

Services

com.pcloud74bookmarksconnect.rv736neOYwI

android.intent.action.RESPOND_VIA_MESSAGE

com.pcloud74bookmarksconnect.onxhcgzeWl

android.accessibilityservice.AccessibilityService

com.pcloud74bookmarksconnect.cawT5W

android.service.notification.NotificationListenerService

Android Permissions

4b0c4419cb96f3d30be4b66952507c69610cb7d2b05f564bdcf32affb6115262

Permissions

android.permission.REQUEST_INSTALL_PACKAGES

Sharing

General

Malware Config

Signatures

Files

com.minor.scrap

com.false.monster.Csufferconvince

Activities

com.false.monster.Csufferconvince

Permissions

com.pcloud74bookmarksconnect

com.pcloud74bookmarksconnect.uldPWnLOPq

Activities

com.pcloud74bookmarksconnect.uldPWnLOPq

com.pcloud74bookmarksconnect.gqLpzA

Permissions

Receivers

com.pcloud74bookmarksconnect.pjgaJVcz90pTx

com.pcloud74bookmarksconnect.rdo75j4

com.pcloud74bookmarksconnect.iqqkT5mm3Qjpy

com.pcloud74bookmarksconnect.wwUEqzVTluIL

com.pcloud74bookmarksconnect.c3DYg

Services

com.pcloud74bookmarksconnect.rv736neOYwI

com.pcloud74bookmarksconnect.onxhcgzeWl

com.pcloud74bookmarksconnect.cawT5W

Android Permissions

4b0c4419cb96f3d30be4b66952507c69610cb7d2b05f564bdcf32affb6115262