Resubmissions

Submitted          Analysis ID         Score
22-02-2023 18:58   230222-xmxmnsda29   10
22-02-2023 18:58   230222-xmgapaeh2s   10
22-02-2023 18:51   230222-xhqzbsch88   10
21-02-2023 09:58   230221-lzkcbsed34   10
21-02-2023 09:55   230221-lxwycaed27   10

General

  • Target: a611d499b9528df337068120ad26aed967fad6c3fd1af7fd3f7473698760c612
  • Size: 10.4MB
  • MD5: 8726929725a0867495ee8a13ff7c01c3
  • SHA1: 283617c5b49633ccfb34dd4dc832f4baa54881c2
  • SHA256: a611d499b9528df337068120ad26aed967fad6c3fd1af7fd3f7473698760c612
  • SHA512: aba0985559fddd612826cf4c9e517693c646d4efdb5c2ea18ca5ff050e26fd6b5a0ef966d8492bc8f429e8acc0c3e994b90d38b2d39bb8665deecebd3303db3c
  • SSDEEP: 196608:msmSV4hd1UDWTUxeF1AO751JsLnaxSvnecPbA5PU70Gx+3liHjT:pefMWTUxKu65IOxSpPbAbXliDT

Score: 10/10

Malware Config

Extracted

  • Family: gigabud
  • C2:
    http://adcf6.cc/x/command?token=
    http://8.219.85.91:8888/push-streaming?id=1234

Signatures

  • Gigabud family
  • Requests dangerous framework permissions (9 IoCs)

Files

  • a611d499b9528df337068120ad26aed967fad6c3fd1af7fd3f7473698760c612
    .apk android arch:arm
    ru.yandex.taxi
    com.mobilelive.showCommunity.activity.SplashActivity

Android Permissions

a611d499b9528df337068120ad26aed967fad6c3fd1af7fd3f7473698760c612

Permissions

  • android.permission.REQUEST_DELETE_PACKAGES
  • android.permission.QUERY_ALL_PACKAGES
  • android.permission.GET_INSTALLED_APPS
  • android.permission.ACCESS_FINE_LOCATION
  • android.permission.ACCESS_NETWORK_STATE
  • android.permission.READ_FRAME_BUFFER
  • android.permission.REQUEST_INSTALL_PACKAGES
  • android.permission.INTERNET
  • android.permission.FOREGROUND_SERVICE
  • android.permission.READ_PHONE_STATE
  • android.permission.WRITE_EXTERNAL_STORAGE
  • android.permission.CAMERA
  • android.permission.RECORD_AUDIO
  • android.permission.ACCESS_WIFI_STATE
  • android.permission.CHANGE_NETWORK_STATE
  • android.permission.READ_SMS
  • android.permission.RECEIVE_SMS
  • android.permission.SEND_SMS
  • android.permission.SYSTEM_ALERT_WINDOW
  • android.permission.SYSTEM_OVERLAY_WINDOW
  • android.permission.MOUNT_UNMOUNT_FILESYSTEMS
  • android.permission.READ_EXTERNAL_STORAGE
  • android.permission.MODIFY_AUDIO_SETTINGS
  • android.permission.WRITE_SETTINGS
  • android.permission.ACCESS_NOTIFICATION_POLICY