I got my hands on an active Android malware and reversed it

Disclaimer: I am not an Android developer and I hate Java, so I don't know much about the code. If I make any mistake, please correct me. Now let's get started.

My friend received a message with a shortened link that points to a GitHub website. This website keeps changing, but here is the shortened URL.

If you are from India, then you may know that some state governments provide laptops to high school students. Even I got one once, and my laptop was from Lenovo, so for some people this will look quite legit.

I downloaded the APK. The APK is getting updated. I used jadx to decompile the APK. I opened the mainactivity class.

It opens a splash screen named atmanirbhsplash. After that it runs another class called chapkadhav.class. This class will show you some ads, ask for your phone number and ask for almost every permission. Then it starts a service and runs a class called blasting. This sends the SMS in order to spread itself. It will run a class called b.

This class reads your contacts and stores them in an array. There are two classes to send text messages. The chapkadhav class checks a condition. I don't know what this is, but according to a Stack Overflow article it's checking the month, but it does not make any sense to me.

The blasting class then gets the phone number. There is a function to check if the number is active or exists. It uses the API of Jio to check if the number exists, and this is how the malware spreads. It's adware, to be exact.
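A static triage check for the combination described above (contacts read, SMS sent, a background service), as an added example that is not part of the original post. It parses the decoded AndroidManifest.xml that jadx exports; the two sample manifests, their package and service names, and the trait grouping are constructed for illustration, and only the android.permission.* names are real Android identifiers.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Real Android permission names; grouping them into "traits" is an assumption.
TRAITS = {
    "reads_contacts": {"android.permission.READ_CONTACTS"},
    "sends_sms": {"android.permission.SEND_SMS"},
    "reads_phone_identity": {"android.permission.READ_PHONE_STATE",
                             "android.permission.READ_PHONE_NUMBERS"},
}

def triage_manifest(manifest_xml):
    """Summarise a decoded manifest and flag the contacts + SMS + service combo."""
    root = ET.fromstring(manifest_xml)
    perms = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        perms.update(e.get(ANDROID_NS + "name") for e in root.iter(tag))
    perms.discard(None)  # entries missing android:name
    services = [e.get(ANDROID_NS + "name") for e in root.iter("service")]
    traits = sorted(t for t, names in TRAITS.items() if perms & names)
    # An app that can read the address book, send SMS and keep running in a
    # service has everything it needs to message every contact unattended.
    worm_like = {"reads_contacts", "sends_sms"} <= set(traits) and bool(services)
    return {"permissions": sorted(perms), "services": services,
            "traits": traits, "sms_worm_like": worm_like}

# Constructed sample: permission set matching the behaviour in the write-up.
SAMPLE_SUSPECT = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.sample">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
  <application><service android:name=".SenderService"/></application>
</manifest>"""

# Constructed sample: sends SMS from a service but never touches contacts.
SAMPLE_BENIGN = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.otp">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <application><service android:name=".OtpService"/></application>
</manifest>"""

if __name__ == "__main__":
    for name, xml in (("suspect", SAMPLE_SUSPECT), ("benign", SAMPLE_BENIGN)):
        print(name, triage_manifest(xml))
```

A positive flag is a reason to read the SMS-sending classes in jadx, not a verdict: legitimate messaging apps request the same permissions.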

I am a hacker and ex-web developer. I sometimes work as a freelance dev/hacker. Sometimes I hunt bugs.