General

  • Target: 20e8864ba525f3c54476aae9069929f459c1aaf8051fbc846caf528eb12e99bc.bin
  • Size: 2.5MB
  • MD5: 64c836eb7426e8009b908ad401facf91
  • SHA1: fc3e4f5b947a3f82ff31e21c284c00ccfa77d5c1
  • SHA256: 20e8864ba525f3c54476aae9069929f459c1aaf8051fbc846caf528eb12e99bc
  • SHA512: a3d30fdc21297f92ef277381563ade156cec1c12e5a78faec6fca313ac1ef57f867a368672c08817e64409e3ce094b1796b8402396caccac02657223bfcb9ed8
  • SSDEEP: 49152:Xt7VGyZSUL4VKsEUHrtwbWX+foQ/sx4OtMbotgRsrZP:Xt7VJ0VKsEUHreaXuot4OuzsrZP

Score: 10/10

Malware Config

Extracted

  • Family: ajina
  • C2: 150.241.78.159:8080

Signatures

  • Ajina family
  • Requests dangerous framework permissions (5 IoCs)

Files

  • 20e8864ba525f3c54476aae9069929f459c1aaf8051fbc846caf528eb12e99bc.bin (.apk, android)
    Package: a_chto.s_ebalom.googl_a_XD
    Main activity: a_chto.s_ebalom.googl_a_XD.ui.MainActivity

Android Permissions

20e8864ba525f3c54476aae9069929f459c1aaf8051fbc846caf528eb12e99bc.bin

Permissions

  • android.permission.READ_SMS
  • android.permission.RECEIVE_SMS
  • android.permission.READ_PHONE_STATE
  • android.permission.READ_PHONE_NUMBERS
  • android.permission.CALL_PHONE
  • android.permission.INTERNET
  • android.permission.ACCESS_WIFI_STATE
  • android.permission.ACCESS_NETWORK_STATE
  • android.permission.RECEIVE_BOOT_COMPLETED
  • android.permission.FOREGROUND_SERVICE
  • android.permission.USE_EXACT_ALARM
  • a_chto.s_ebalom.googl_a_XD.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION