Monday, March 19, 2018

Android Tizi - Samples



2017/11/25  Research: Google. Tizi: Detecting and blocking socially engineered spyware on Android 

List of SHA256 hashes
com.press.nasa.com.tanofresh
4d780a6fc18458311250d4d1edc750468fdb9b3e4c950dce5b35d4567b47d4a7

com.dailyworkout.tizi
7c6af091a7b0f04fb5b212bd3c180ddcc6abf7cd77478fd22595e5b7aa7cfd9f

com.system.update.systemupdate
7a956c754f003a219ea1d2205de3ef5bc354419985a487254b8aeb865442a55e

19032b32cc0d99e65f32a28ecffc411572bb58cc19c8cf8195339dd30011e54c
3135c6a2793b66c73aacc668f0fddcdf8afdb0749024d408f592bf715e4c68ac
b702149585354b78ee317e2cc1d89e35bf59d73e9610c6b2950899a5f1315fa5
ccf604ba0393ac28c6b5f9f8bb719de251476968589df0239c743e30e1eb2707


Download. Email me if you need the password

Sandbox results
Required permissions
android.permission.CHANGE_NETWORK_STATE (change network connectivity)
android.permission.ACCESS_COARSE_UPDATES (Unknown permission from android reference)
android.permission.READ_CALENDAR (read calendar events)
android.permission.PROCESS_OUTGOING_CALLS (intercept outgoing calls)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.INTERNET (full Internet access)
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.SEND_SMS (send SMS messages)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.READ_CALL_LOG (read the user's call log.)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.RECORD_AUDIO (record audio)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.READ_SMS (read SMS or MMS)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.READ_CONTACTS (read contact data)
android.location.GPS_ENABLED_CHANGE (Unknown permission from android reference)
android.permission.GET_ACCOUNTS (discover known accounts)
 Activities
com.system.update.systemupdate.MainActivity
 Services
com.system.update.systemupdate.services.MQTTService
 Receivers
com.system.update.systemupdate.receivers.StartOnBoot
com.system.update.systemupdate.receivers.RestartUpdateService
com.system.update.systemupdate.receivers.StartOnData
 Activity-related intent filters
com.system.update.systemupdate.MainActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
 Receiver-related intent filters
com.system.update.systemupdate.receivers.StartOnBoot
actions: android.intent.action.BOOT_COMPLETED, android.intent.action.QUICKBOOT_POWERON
com.system.update.systemupdate.receivers.StartOnData
actions: android.net.conn.CONNECTIVITY_CHANGE
com.system.update.systemupdate.receivers.RestartUpdateService
actions: android.net.conn.CONNECTIVITY_CHANGE
 Application certificate information

Subject
    DN: C:US, CN:Android Debug, O:Android
    C: US
    CN: Android Debug
    O: Android
validto: 09:20 AM 10/25/2046
serialnumber: 01
thumbprint: 4d2962ac1f6551435709a5a874595d855b1fa8ab
validfrom: 09:20 AM 11/01/2016
Issuer
    DN: C:US, CN:Android Debug, O:Android
    C: US
    CN: Android Debug
    O: Android

The file being studied is a compressed stream! Details about the compressed contents follow.
 Contained files
This file is a compressed stream containing 241 files.
[+] classes.dex DEX 752 Bytes
[+] classes2.dex DEX 64752 Bytes
[+] AndroidManifest.xml XML 8076 Bytes
[+] META-INF/CERT.RSA unknown 765 Bytes
[+] META-INF/CERT.SF unknown 24185 Bytes
[+] META-INF/MANIFEST.MF unknown 24142 Bytes
[+] bundle.properties unknown 673 Bytes
[+] instant-run.zip ZIP 2513313 Bytes
[+] org/eclipse/paho/client/mqttv3/internal/nls/logcat.proper... unknown 4550 Bytes
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages.prop... unknown 1297 Bytes
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages_cs.p... unknown 1529 Bytes
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages_de.p... unknown 1401 Bytes
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages_es.p... unknown 1409 Bytes
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages_fr.p... unknown 1367 Bytes
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages_hu.p... unknown 1658 Bytes
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages_it.p... unknown 1238 Bytes
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages_ja.p... unknown 2488 Bytes
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages_ko.p... unknown 2111 Bytes
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages_pl.p... unknown 1621 Bytes
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages_pt_B... unknown 1426 Bytes
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages_ru.p... unknown 3676 Bytes
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages_zh_C... unknown 1590 Bytes
[+] org/eclipse/paho/client/mqttv3/internal/nls/messages_zh_T... unknown 1636 Bytes
[+] org/eclipse/paho/client/mqttv3/logging/jsr47min.properties unknown 3568 Bytes
