com.network.android.NetworkMain
android.intent.action.MAIN
Behavioral task
behavioral1
Sample
ade8bef0ac29fa363fc9afd958af0074478aef650adeb0318517b48bd996d5d5.apk
Resource
android-x86-arm-20240910-en
android-9-x86
7 signatures
150 seconds
Behavioral task
behavioral2
Sample
ade8bef0ac29fa363fc9afd958af0074478aef650adeb0318517b48bd996d5d5.apk
Resource
android-x64-20240910-en
android-10-x64
7 signatures
150 seconds
Behavioral task
behavioral3
Sample
ade8bef0ac29fa363fc9afd958af0074478aef650adeb0318517b48bd996d5d5.apk
Resource
android-x64-arm64-20240910-en
android-11-x64
6 signatures
150 seconds
General
-
Target
ade8bef0ac29fa363fc9afd958af0074478aef650adeb0318517b48bd996d5d5.zip
-
Size
253KB
-
MD5
92355b413ce41a274d4ca6724846f6c4
-
SHA1
607aa771206673e9d97df0aac302013d22c423bb
-
SHA256
cdc4645f8705dd614528ac63a6cecce5b35dc931ce15d6c5421c91b47cb860e6
-
SHA512
767c5ea745346ff3d276c1708a2a3b53f48276b6cd59c97ecf9741495a1588c8e5b4767045e17b8e77fd2e09cf3e0a15fb81bf5a7f09069b6e89188e96a94190
-
SSDEEP
6144:Sr9HU+G8IPdAAk5PjsmEslzmIn7XyOjmfzup0e3zTEXlCz:E9Hi8IPjk5PXEslz1bfDKc
Score
10/10
Malware Config
Signatures
-
Pegasus family
-
Pegasus payload 1 IoCs
resource yara_rule static1/unpack001/ade8bef0ac29fa363fc9afd958af0074478aef650adeb0318517b48bd996d5d5.apk family_pegasus1 -
Requests dangerous framework permissions 21 IoCs
description ioc Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. android.permission.CALL_PHONE Required to be able to access the camera device. android.permission.CAMERA Allows access to the list of accounts in the Accounts Service. android.permission.GET_ACCOUNTS Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether. android.permission.PROCESS_OUTGOING_CALLS Allows an application to read the user's calendar data. android.permission.READ_CALENDAR Allows an application to read the user's contacts data. android.permission.READ_CONTACTS Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE Allows an application to read SMS messages. android.permission.READ_SMS Allows an application to monitor incoming MMS messages. android.permission.RECEIVE_MMS Allows an application to receive SMS messages. android.permission.RECEIVE_SMS Allows an application to receive WAP push messages. android.permission.RECEIVE_WAP_PUSH Allows an application to record audio. android.permission.RECORD_AUDIO Allows an application to send SMS messages. android.permission.SEND_SMS Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW Allows an application to use SIP service. android.permission.USE_SIP Allows an application to write the user's calendar data. android.permission.WRITE_CALENDAR Allows an application to write the user's contacts data. android.permission.WRITE_CONTACTS Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS
Files
-
ade8bef0ac29fa363fc9afd958af0074478aef650adeb0318517b48bd996d5d5.zip.zip
Password: infected
-
ade8bef0ac29fa363fc9afd958af0074478aef650adeb0318517b48bd996d5d5.apk.apk android
com.network.android
com.network.android.NetworkMain
Activities
Permissions
android.permission.FORCE_STOP_PACKAGES
android.permission.ACCESS_CHECKIN_PROPERTIES
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.ACCESS_MOCK_LOCATION
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_SURFACE_FLINGER
android.permission.ACCESS_WIFI_STATE
android.permission.ACCOUNT_MANAGER
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.BATTERY_STATS
android.permission.BIND_APPWIDGET
android.permission.BIND_DEVICE_ADMIN
android.permission.BIND_INPUT_METHOD
android.permission.BIND_REMOTEVIEWS
android.permission.BIND_WALLPAPER
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.BRICK
android.permission.BROADCAST_PACKAGE_REMOVED
android.permission.BROADCAST_SMS
android.permission.BROADCAST_STICKY
android.permission.BROADCAST_WAP_PUSH
android.permission.CALL_PHONE
android.permission.CALL_PRIVILEGED
android.permission.CAMERA
android.permission.CHANGE_COMPONENT_ENABLED_STATE
android.permission.CHANGE_CONFIGURATION
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_MULTICAST_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.CLEAR_APP_CACHE
android.permission.CLEAR_APP_USER_DATA
android.permission.CONTROL_LOCATION_UPDATES
android.permission.DELETE_CACHE_FILES
android.permission.DELETE_PACKAGES
android.permission.DEVICE_POWER
android.permission.DIAGNOSTIC
android.permission.DISABLE_KEYGUARD
android.permission.DUMP
android.permission.EXPAND_STATUS_BAR
android.permission.FACTORY_TEST
android.permission.FLASHLIGHT
android.permission.FORCE_BACK
android.permission.GET_ACCOUNTS
android.permission.GET_PACKAGE_SIZE
android.permission.GET_TASKS
android.permission.GLOBAL_SEARCH
android.permission.HARDWARE_TEST
android.permission.INJECT_EVENTS
android.permission.INSTALL_LOCATION_PROVIDER
android.permission.INSTALL_PACKAGES
android.permission.INTERNAL_SYSTEM_WINDOW
android.permission.INTERNET
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.MANAGE_ACCOUNTS
android.permission.MANAGE_APP_TOKENS
android.permission.MASTER_CLEAR
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.MODIFY_PHONE_STATE
android.permission.MOUNT_FORMAT_FILESYSTEMS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.NFC
android.permission.PERSISTENT_ACTIVITY
android.permission.PROCESS_OUTGOING_CALLS
android.permission.READ_CALENDAR
android.permission.READ_CONTACTS
android.permission.READ_FRAME_BUFFER
android.permission.READ_HISTORY_BOOKMARKS
android.permission.READ_INPUT_STATE
android.permission.READ_LOGS
android.permission.READ_PHONE_STATE
android.permission.READ_SMS
android.permission.READ_SYNC_SETTINGS
android.permission.READ_SYNC_STATS
android.permission.REBOOT
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECEIVE_MMS
android.permission.RECEIVE_SMS
android.permission.RECEIVE_WAP_PUSH
android.permission.RECORD_AUDIO
android.permission.REORDER_TASKS
android.permission.RESTART_PACKAGES
android.permission.SEND_SMS
android.permission.SET_ACTIVITY_WATCHER
android.permission.SET_ALARM
android.permission.SET_ALWAYS_FINISH
android.permission.SET_ANIMATION_SCALE
android.permission.SET_DEBUG_APP
android.permission.SET_ORIENTATION
android.permission.SET_PREFERRED_APPLICATIONS
android.permission.SET_PROCESS_LIMIT
android.permission.SET_TIME
android.permission.SET_TIME_ZONE
android.permission.SET_WALLPAPER
android.permission.SET_WALLPAPER_HINTS
android.permission.SIGNAL_PERSISTENT_PROCESSES
android.permission.STATUS_BAR
android.permission.SUBSCRIBED_FEEDS_READ
android.permission.SUBSCRIBED_FEEDS_WRITE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.UPDATE_DEVICE_STATS
android.permission.USE_CREDENTIALS
android.permission.USE_SIP
android.permission.VIBRATE
android.permission.WAKE_LOCK
android.permission.WRITE_APN_SETTINGS
android.permission.WRITE_CALENDAR
android.permission.WRITE_CONTACTS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WRITE_GSERVICES
android.permission.WRITE_HISTORY_BOOKMARKS
com.android.browser.permission.WRITE_HISTORY_BOOKMARKS
android.permission.WRITE_SECURE_SETTINGS
android.permission.WRITE_SETTINGS
android.permission.WRITE_SMS
android.permission.WRITE_SYNC_SETTINGS
com.android.browser.permission.READ_HISTORY_BOOKMARKS
com.android.email.permission.ACCESS_PROVIDER
com.android.email.provider.EmailProvider
android.permission.WRITE_APN_SETTINGS
Receivers
com.network.android.SmsReceiver
android.intent.action.DATA_SMS_RECEIVED
com.network.android.agent.NetworkReceiver
android.intent.action.PHONE_STATE
android.intent.action.USER_PRESENT
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED
android.intent.action.BOOT_COMPLETED
android.provider.Telephony.SMS_RECEIVED
android.provider.Telephony.NEW_OUTGOING_SMS
android.intent.action.ACTION_TIMEZONE_CHANGED
android.intent.action.ACTION_TIME_CHANGED
android.intent.action.ACTION_UID_REMOVED
android.intent.action.ACTION_USER_PRESENT
android.bluetooth.device.action.ACL_CONNECTED
android.bluetooth.device.action.ACL_DISCONNECTED
android.net.conn.CONNECTIVITY_CHANGE
com.network.android.USER_PRESENT
android.intent.action.DATA_SMS_RECEIVED
android.intent.action.BATTERY_CHANGED
.roomTap.AutoAnswerReceiver
android.intent.action.PHONE_STATE
com.network.android.AndroidCallDirectWatcher
android.intent.action.PHONE_STATE
com.network.android.BootReceiver
android.intent.action.BOOT_COMPLETED
Services
com.network.ussd.CDUSSDService
com.android.ussd.IExtendedNetworkService