Managed XDR

telegram_encrypted_enstr.apk — malware analysis report

File info

Filename
telegram_encrypted_enstr.apk
File type
Zip archive data, at least v2.0 to extract
File size
5 MB
First seen
Last seen

Environment

droid7/x86 ru

Hashes

SHA1
489848161c200dc90aff81ca08199da8ff36f640
SHA256
96b2005488ae8979282af726dd2bc32967c96924b0ed415a87bc284f1abe18e7
MD5
1aa321376e792147c1df73daf4e80171

Signatures

Other

device_admin: Asks for device admin rights
is_device_admin: Check accessibility - device admin
runtime_exec: Starts native process
acquire: Acquires the wake lock
skip_main_activity: Abort loading MainActivity
super_user: Checks root access
wake_lock: Creates a new wake lock
dex_elements: Modifies classes path (possibly, dynamic code loading)
power_vendor: Unlimited access to individual vendor power settings
reflection: Uses reflection
media_recorder: Using the MediaRecorder
register_receiver: Registers broadcast receiver
read_or_write_global_settings: Read or write global settings
shared_prefs: Uses shared preferences
trowable: Throwable exceptions
start_activity: Starts activity
start_service: Starts service
keyguard_manager: Interaction with Keyguard Manager
get_runtime: Gets Runtime class
read_or_write_secure_settings: Read or write secure settings
change_screen_status: Display status is changed
notify: Attempts to create a notification