#phishing
Target: Income Tax Department India 🇮🇳
Contains 3 malicious apps.
MD5: 6BD516C7AFCFAE7AB62CFB3683980E08
MD5: 5536CD56E6313AB403ACD4DF3CF612FB
MD5: A1D5659FE3E0B85670FF77F3A1228C9B
Sample not available in VT.
Android Trojan-Dropper Found on Google Play
10,000+ Installs
Encrypted Payload file
assets/36290 (encrypted)
decrypt the file with XOR Key '0xC2'
you will get the original .dex - IOC: F8E13CC7D3968FCABF7D1938826B0B45
has the base64 encoded strings.