61c29f4fdab283ec9b111b8afe218bb15f4a75b12ea21c998595b827c75afd26[.]bin

General

Target

61c29f4fdab283ec9b111b8afe218bb15f4a75b12ea21c998595b827c75afd26.bin
Size

2.3MB
MD5

8e38a34dac62998f9365836d8aef7d87
SHA1

7bbb86e2dbc939170b6beb4a1fc1436c21c9b178
SHA256

61c29f4fdab283ec9b111b8afe218bb15f4a75b12ea21c998595b827c75afd26
SHA512

819f875872caeacebf1b0f9f59e1dce9eb165224a26d0c69307b175d869aecbb340065c9bc1ecdda69c79e0f46750abdcec6a1a05ee1daa5b8c911f3d80c1a3a
SSDEEP

49152:wnglhub+1cWroeN4ecLyfxdS/UhDOv9DUdJ:yb+CEoeN4ecLyfnBB8RUdJ

Score

6^/10

Malware Config

Signatures

Attempts to obfuscate APK file format
Applies obfuscation techniques to the APK format in order to hinder analysis

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device.	android.permission.BIND_NOTIFICATION_LISTENER_SERVICE

Requests dangerous framework permissions 10 IoCs

description	ioc
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to monitor incoming MMS messages.	android.permission.RECEIVE_MMS
Allows an application to receive WAP push messages.	android.permission.RECEIVE_WAP_PUSH
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS
Allows an application to read the user's call log.	android.permission.READ_CALL_LOG
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether.	android.permission.PROCESS_OUTGOING_CALLS

Files

61c29f4fdab283ec9b111b8afe218bb15f4a75b12ea21c998595b827c75afd26.bin
.apk android

ru.putisha.app

ru.putisha.app.MainActivity

Activities

ru.putisha.app.MainActivity

android.intent.action.MAIN
android.intent.action.VIEW
android.intent.action.SEND
android.intent.action.SENDTO

Permissions

android.permission.SEND_SMS
android.permission.RECEIVE_SMS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.RECEIVE_MMS
android.permission.RECEIVE_WAP_PUSH
android.permission.READ_CELL_BROADCASTS
android.permission.READ_PHONE_STATE
android.permission.FOREGROUND_SERVICE
android.permission.FOREGROUND_SERVICE_DATA_SYNC
android.permission.POST_NOTIFICATIONS
android.permission.WAKE_LOCK
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.QUERY_ALL_PACKAGES
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_CALL_LOG
android.permission.CALL_PHONE
android.permission.PROCESS_OUTGOING_CALLS
android.permission.BIND_NOTIFICATION_LISTENER_SERVICE
ru.putisha.app.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

Receivers

ru.putisha.app.SMSBroadcastReceiver

android.provider.Telephony.SMS_DELIVER

ru.putisha.app.MMSBroadcastReceiver

android.provider.Telephony.WAP_PUSH_DELIVER

ru.putisha.app.BootCompletedReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.REBOOT
android.intent.action.LOCKED_BOOT_COMPLETED

androidx.profileinstaller.ProfileInstallReceiver

androidx.profileinstaller.action.INSTALL_PROFILE
androidx.profileinstaller.action.SKIP_FILE
androidx.profileinstaller.action.SAVE_PROFILE
androidx.profileinstaller.action.BENCHMARK_OPERATION

Services

ru.putisha.app.HeadlessSmsSendService

android.intent.action.RESPOND_VIA_MESSAGE

ru.putisha.app.SmsService

android.intent.action.BOOT_COMPLETED
android.intent.action.LOCKED_BOOT_COMPLETED

ru.putisha.app.NotificationService

android.service.notification.NotificationListenerService

Android Permissions

61c29f4fdab283ec9b111b8afe218bb15f4a75b12ea21c998595b827c75afd26.bin

Permissions

android.permission.SEND_SMS

android.permission.RECEIVE_SMS

android.permission.READ_SMS

android.permission.WRITE_SMS

android.permission.RECEIVE_MMS

android.permission.RECEIVE_WAP_PUSH

android.permission.READ_CELL_BROADCASTS

android.permission.READ_PHONE_STATE

android.permission.FOREGROUND_SERVICE

android.permission.FOREGROUND_SERVICE_DATA_SYNC

android.permission.POST_NOTIFICATIONS

android.permission.WAKE_LOCK

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.QUERY_ALL_PACKAGES

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_CALL_LOG

android.permission.CALL_PHONE

android.permission.PROCESS_OUTGOING_CALLS

android.permission.BIND_NOTIFICATION_LISTENER_SERVICE

ru.putisha.app.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

Sharing

General

Malware Config

Signatures

Files

ru.putisha.app

ru.putisha.app.MainActivity

Activities

ru.putisha.app.MainActivity

Permissions

Receivers

ru.putisha.app.SMSBroadcastReceiver

ru.putisha.app.MMSBroadcastReceiver

ru.putisha.app.BootCompletedReceiver

androidx.profileinstaller.ProfileInstallReceiver

Services

ru.putisha.app.HeadlessSmsSendService

ru.putisha.app.SmsService

ru.putisha.app.NotificationService

Android Permissions

61c29f4fdab283ec9b111b8afe218bb15f4a75b12ea21c998595b827c75afd26.bin