godfather | a14aad1265eb307fbe71a3a5f6e688408ce153ff19838b3c5229f26ee3ece5dd | Triage

Resubmissions

13-03-2023 14:24

230313-rqp44scg71 10

Sharing

General

Target

a14aad1265eb307fbe71a3a5f6e688408ce153ff19838b3c5229f26ee3ece5dd.zip
Size

8.6MB
Sample

230313-rqp44scg71
MD5

cfdb779d44d19470e288d7264018aa14
SHA1

7cc71e8e34042a5d46f98e1e52d6e9a080b431d3
SHA256

a14aad1265eb307fbe71a3a5f6e688408ce153ff19838b3c5229f26ee3ece5dd
SHA512

f4f33e0403e3826c94aa14a30d05d19d0fc111cab5547c4cf7dda2e3c4e30df1ad8b74f1acb0d5671c8af5d4dc5bab292d4e93dbedc93bbe51bbee21111465d9
SSDEEP

196608:eb3+T83O0ZszcDtPj2xZ2/sPsPp0gkXz0abePPlpp2:ebipApPj2isPsPjy0a2h2

Score

10^/10

godfather android evasion

Malware Config

Extracted

Family

godfather

C2

https://t.me/nutkomterposekcons

Targets

- Target
  
  a14aad1265eb307fbe71a3a5f6e688408ce153ff19838b3c5229f26ee3ece5dd.zip
- Size
  
  8.6MB
- MD5
  
  cfdb779d44d19470e288d7264018aa14
- SHA1
  
  7cc71e8e34042a5d46f98e1e52d6e9a080b431d3
- SHA256
  
  a14aad1265eb307fbe71a3a5f6e688408ce153ff19838b3c5229f26ee3ece5dd
- SHA512
  
  f4f33e0403e3826c94aa14a30d05d19d0fc111cab5547c4cf7dda2e3c4e30df1ad8b74f1acb0d5671c8af5d4dc5bab292d4e93dbedc93bbe51bbee21111465d9
- SSDEEP
  
  196608:eb3+T83O0ZszcDtPj2xZ2/sPsPp0gkXz0abePPlpp2:ebipApPj2isPsPjy0a2h2
Score

8^/10

evasion
- Makes use of the framework's Accessibility service.
- Acquires the wake lock.
- Reads information about phone network operator.
- Removes a system notification.
  evasion
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2