Overview

overview

10

Static

static

7

ndQOhY0ypd.apk

android-10-x64

10

ndQOhY0ypd.apk

android-11-x64

10

Resubmissions

13-10-2022 15:48

221013-s89f5sbhen 10

06-10-2022 16:41

221006-t7h38sacan 10

05-10-2022 13:53

221005-q667wseeb2 10

31-08-2022 20:23

220831-y6g7rsdba5 10

31-08-2022 20:11

220831-yykb6abbdk 10

31-08-2022 19:40

220831-ydqy7sagfk 10

31-08-2022 17:36

220831-v6tzsahdgm 10

31-08-2022 17:32

220831-v4htqshddn 7

Analysis

  • max time kernel
    4119939s
  • max time network
    586s
  • platform
    android_x64
  • resource
    android-x64-20220823-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20220823-enlocale:en-usos:android-10-x64system
  • submitted
    31-08-2022 20:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ndQOhY0ypd.apk

  • Size

    5.2MB

  • MD5

    ca559118f4605b0316a13b8cfa321f65

  • SHA1

    5ef4d5784738d79f22f9bc5e8db7c94985bc1a3a

  • SHA256

    3eb7efa71648ae819f1bff89399717805129487081e8261dd65bf596f2467054

  • SHA512

    091f07d51e9d7c924666f28a30b03e5ff887e239ad2ed9a99cbd65e7b9350c6fc89cafdbbe05de27f8ea6dc90ff8484c1b692fc891b58fcc6104fa6878e8f3d7

  • SSDEEP

    98304:+Ld3yR0X7GPzP21DeReIrJ0jJMooanGHNdyc7scnuB5k9MWdU:+LxyR0X7Qz/diMolGfyXcNMWdU

Score
10/10
malibotbankerinfostealertrojan

Malware Config

Signatures

  • Malibot payload 1 IoCs
  • malibot

    Malibot is an Android banking malware with the ability to bypass 2FA/MFA codes.

    infostealertrojanbankermalibot
  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • com.slhytrowb.wfxaicaiw
    1⤵
    • Loads dropped Dex/Jar
    PID:4942

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.slhytrowb.wfxaicaiw/app_webview/.com.google.Chrome.uygxzQ
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.slhytrowb.wfxaicaiw/app_webview/Cookies
    Filesize

    64KB

    MD5

    9b23e6a88d5a95f155f205cb04b93cd0

    SHA1

    b62dccbbef087a0731f226b96d15d35d8aa5e5fc

    SHA256

    f2f3c3c0c7f085399a6f9a464c1ac30a59ceeb5a4b7026286fa5609e6e8ef857

    SHA512

    bce5f25d98e2e8296c4101b62082dcb6a43902f3431ff6f725e41be6b9aece76e887ef94c4818baf4da845708fd76fd51c37fb6915710c870647593868f27482

    Download Submit

  • /data/user/0/com.slhytrowb.wfxaicaiw/app_webview/Cookies-journal
    Filesize

    1KB

    MD5

    bc8495bb535f383e713ba9b01611fffc

    SHA1

    e8c526eaa67c9fc6d4357492063a91f329bcb063

    SHA256

    a8f823a1d8d32ddc69b667d211cbad7714187df2a1c34709cbca448b0df4b2b7

    SHA512

    ca4d8a60b0f0f4858c419ed6dda23e3812570f237ec4d98c276656df030f1788509a0cb1ecb79ef22631880895eb3daf8b663debd6e64242c0d2a81cce255069

    Download Submit

  • /data/user/0/com.slhytrowb.wfxaicaiw/app_webview/GPUCache/index
    Filesize

    48B

    MD5

    6d7d499960179766cd4261d12dacc411

    SHA1

    e6f8553b0015e12b23cc551afe98763f3b1c9bed

    SHA256

    c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

    SHA512

    6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

    Download Submit

  • /data/user/0/com.slhytrowb.wfxaicaiw/app_webview/GPUCache/index-dir/temp-index
    Filesize

    96B

    MD5

    8172b5362714208bf96e70f47d59d2a0

    SHA1

    38ef6f9da94f984634cf0579b3baa323b5ce95b0

    SHA256

    2960837abd56150bfce1b57f073c3ef42b418749f7acef6809b05a609d22e35e

    SHA512

    7537c7208e1d540df2af98b8437e01fa9e7fb99d1439b6c07ab9d9aaa9132409c2376777cea18551213487681b46a8bf7a4fef054393ecda9fdcf5562b7e9bca

    Download Submit

  • /data/user/0/com.slhytrowb.wfxaicaiw/app_webview/Web Data
    Filesize

    112KB

    MD5

    b663831f8cc130493476d94f2d7a5330

    SHA1

    043a1956ab8e40821d67043f8a9110a8eb36fb93

    SHA256

    c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7

    SHA512

    e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16

    Download Submit

  • /data/user/0/com.slhytrowb.wfxaicaiw/app_webview/Web Data-journal
    Filesize

    1KB

    MD5

    00376fc85233f1f75b7a8656223935d1

    SHA1

    77025146c58d5e99d69075e16b8451d1bcae166b

    SHA256

    7823a7021c35b53a76b4a163a8d80b58209a56f18f2f3e25fca50ffe7f247744

    SHA512

    e336d28cac5afa9678f40147f88ba10b7b54586e940227d3b9f74614f842fd56d8432f74d3bf21bb8d3032d29d499859707c2cc9f64d8a183bbbf52782d2c8e2

    Download Submit

  • /data/user/0/com.slhytrowb.wfxaicaiw/app_webview/metrics_guid
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.slhytrowb.wfxaicaiw/app_webview/metrics_guid
    Filesize

    36B

    MD5

    ab9ede51a8bbc17d45904a280eaad5e1

    SHA1

    5f50ef2dd5c38780530596813ddc1325415b67ee

    SHA256

    aed283d3ae0a3b0ef1a8906392c57c45a4dfdff61879dc111c28a674d9c40628

    SHA512

    493d87cfe70db7175683b7550608f4694cb363ae488962b9957e2daafefb97e69d7336a50a45c4560f961961f911874016a199dbf867160059953a32243ac7c3

    Download Submit

  • /data/user/0/com.slhytrowb.wfxaicaiw/app_webview/variations_seed_new
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.slhytrowb.wfxaicaiw/app_webview/variations_stamp
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.slhytrowb.wfxaicaiw/app_webview/webview_data.lock
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.slhytrowb.wfxaicaiw/cache/WebView/Crashpad/settings.dat
    Filesize

    40B

    MD5

    e68596e851fd4889e8a0279dba039d18

    SHA1

    39254193efe56510bd30cb855d347b61eb7be2ed

    SHA256

    f5d1c6db9b2efa8c65dbed1efde400a023e8976d64a253ff048437de0fee55bb

    SHA512

    a08f495964890b6d830db10c3ea0b487bf63f1ae2fb7aa4317f2e4fa4d47ba9c8b78c1ab4066f483015829ea2093bedfc9e30605b286be3031e6da158d1d3309

    Download Submit

  • /data/user/0/com.slhytrowb.wfxaicaiw/cache/org.chromium.android_webview/1c8cab44519da61b_0
    Filesize

    340B

    MD5

    80820283ef777f8dc30a51c05ebe503c

    SHA1

    139d8c1ba3b34efab7ebc1cdc5044500abfc2290

    SHA256

    a584e17fdbabb02d34c0d83c23350bc9db9a9839badc5272bab1a2d9d151b132

    SHA512

    cded306868af1fcf836d30600c9b5585e1119a3181d2608467071e7ec867843bc3c64256e88461fd9b605e484e157c1828e03b9e0f6cb75a42a51283f33f13a4

    Download Submit

  • /data/user/0/com.slhytrowb.wfxaicaiw/cache/org.chromium.android_webview/Code Cache/js/index
    Filesize

    48B

    MD5

    6d7d499960179766cd4261d12dacc411

    SHA1

    e6f8553b0015e12b23cc551afe98763f3b1c9bed

    SHA256

    c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

    SHA512

    6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

    Download Submit

  • /data/user/0/com.slhytrowb.wfxaicaiw/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index
    Filesize

    96B

    MD5

    09027b22f4274bcc3c5f7bb57614cc22

    SHA1

    d0523a412982519e44c10386132bce465569b2fb

    SHA256

    fe1b7dec28eaed4e8d2e5234d68961db05c2171bbf863428e56a257be3f3b0b1

    SHA512

    409c7186e52aa3ae1fab38780868d1c4d33b2dfd60c524e34119e326cf8b60663ca530223fcc268f17dc9394635f05d6fddb98278aa163c6cccf7ee5ceb6d47d

    Download Submit

  • /data/user/0/com.slhytrowb.wfxaicaiw/cache/org.chromium.android_webview/e4db911cfa09c606_0
    Filesize

    520B

    MD5

    5e825535913d4021e85192bb9560b825

    SHA1

    33aaa817de7358769185b139e54355d3585cfafc

    SHA256

    40dbda1f4318758873d4a80d21f9da4919ddb8cac53ddf2ee94480d0585789d6

    SHA512

    aefeb124c2f7679ccdf4fb4acdc12d3f1553692d56cba96828133ffe3c61e91027c7a755c670f8610a53970ebfc53f5ece5f2d7d65a4e01969544013d8b4baae

    Download Submit

  • /data/user/0/com.slhytrowb.wfxaicaiw/cache/org.chromium.android_webview/ee7454f6f7222f8a_0
    Filesize

    338B

    MD5

    ef11061a2bbde73ad896d5f4d6d3a4d5

    SHA1

    0f34c91b18d4cd058348e0769b7eba1cbc5f5973

    SHA256

    ae4acb30bf49099c24e888a7a6bb6164dcf8d7074ea2e23a4ce593f843622b63

    SHA512

    d20d08620c3e1aee5113c0ba57b8066fc0cf13dac68356d9a620c8349a401bdca1610a180c1a7f727ba695bb1e7c368cd15bce6282f5c313d1921c21effa3d79

    Download Submit

  • /data/user/0/com.slhytrowb.wfxaicaiw/cache/org.chromium.android_webview/index
    Filesize

    48B

    MD5

    6d7d499960179766cd4261d12dacc411

    SHA1

    e6f8553b0015e12b23cc551afe98763f3b1c9bed

    SHA256

    c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

    SHA512

    6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

    Download Submit

  • /data/user/0/com.slhytrowb.wfxaicaiw/cache/org.chromium.android_webview/index-dir/temp-index
    Filesize

    96B

    MD5

    786d9871e5863776f0cf8319641c4ba7

    SHA1

    446b00be15cc33e5c4b4f8b3dd4d848041e039d7

    SHA256

    c301c606f7b0b2a50ad726f868e3bfb228d52eaae11e9624c183cc26886c9161

    SHA512

    61f963ad853b41450346091728e9ede0e2f38a98a50f528cf8a134c02a7f38bf3ffd2ce2b40beee7e607e8e31e39b1be011b6c98774b9b15fdee2a5e66122d97

    Download Submit

  • /data/user/0/com.slhytrowb.wfxaicaiw/cache/org.chromium.android_webview/index-dir/temp-index
    Filesize

    96B

    MD5

    4e603222a9a2cb3fa6906ebd9a0f5fad

    SHA1

    423aed57065dcedd0f67966f49f917d2b2a4d2b2

    SHA256

    0df8c42b772fb8867e0953adfe39722e56c42f8a51c228859fe118a5eed01130

    SHA512

    7650c93e19365d0f7b97023f491e8e07fa72e2040608443684492f6527fb90a0fa3728dacae28c455eb14c90a0a6592fef4e667ddb16be8509edc434bf393001

    Download Submit

  • /data/user/0/com.slhytrowb.wfxaicaiw/ihoftigt8f/ffkyffUhHfh8I89/base.apk.hkyhafI1.g8k
    Filesize

    1.7MB

    MD5

    2426b919cdc0753cfda937d3a87d6226

    SHA1

    f258933ea1ecdb552475032b89fc2b3c83e0e6f0

    SHA256

    e7c8f9bacba13bdadf4c74cf356dc7734b0a269bf1bf02695fbba37f87eaeb98

    SHA512

    2cbb1dbee4a7d8bba818b416b7015ba5128cf77b9ba53906fd6efc2940ee71341e62292a79e43eaaf061a6cd4c21a96893354ab4b8b54e35708b768de5fbf21e

    Download Submit

  • /data/user/0/com.slhytrowb.wfxaicaiw/ihoftigt8f/ffkyffUhHfh8I89/g8yUt8ff.atdy
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.slhytrowb.wfxaicaiw/ihoftigt8f/ffkyffUhHfh8I89/tmp-base.apk.hkyhafI7457215927260521110.g8k
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.slhytrowb.wfxaicaiw/shared_prefs/WebViewChromiumPrefs.xml
    Filesize

    127B

    MD5

    6ef709b8536878951e87c29a1518fc2b

    SHA1

    24376c70b00152501b3d98df61fa7db435339172

    SHA256

    10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6

    SHA512

    96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9

    Download Submit

  • /data/user/0/com.slhytrowb.wfxaicaiw/shared_prefs/com.android.launcher3.prefs.xml
    Filesize

    128B

    MD5

    20837fd8daf2a2de8d6c4ccd8e90653a

    SHA1

    7ac08617bd4585151c239325aea243d9eca586f7

    SHA256

    e05f0ae0ee70ef2efac07e999da273b5f506462b67549f9080f6cdf469d70cec

    SHA512

    a4fd7ac1ce847a84fe4f47c2e7079f00b16b86213fe840b70e3a55992a043da99ca6fe1c9a723e709e2ee3985ed3b7c5a299d1cf5b29e8228f3f81d3cbb6876a

    Download Submit

  • /data/user/0/com.slhytrowb.wfxaicaiw/shared_prefs/multidex.version.xml
    Filesize

    307B

    MD5

    7257f3d2d256490fbc95507462ce55e7

    SHA1

    371fda3fd3e4cd67e3c2ae0be362c058daa17df2

    SHA256

    e7eb975de23a70895c018453e585b05bf5a6303a0489b751ddc67c8b6e6aa34b

    SHA512

    ad85311904719c690d3ca0ad8f96815ffac397f5b7faaebf22be9cee70c37db8c805c9916351ecd1c25475181f965d4ade1e814ea36f7c27c9a11ce2c3e5b8b8

    Download Submit