daam | 0d9c7b40537e5a4d45ea7038bacc49a9af1fb01a0b0e9df226fe21edbd1b7d77 | Triage

Resubmissions

29/05/2023, 01:09

230529-bhz2caha69 10

12/05/2023, 04:55

230512-fj5ensea8z 10

Sharing

General

Target

184356d900a545a2d545ab96fa6dd7b46f881a1a80ed134db1c65225e8fa902b.zip
Size

9.7MB
Sample

230512-fj5ensea8z
MD5

ddb681de1d72fec97efc5c8ebd9f3c6f
SHA1

688457cc77269fe300b310eddcc0c38ca7f5ef2f
SHA256

0d9c7b40537e5a4d45ea7038bacc49a9af1fb01a0b0e9df226fe21edbd1b7d77
SHA512

b9ae6efb9fdac12bb8b9c2d4a058197ea30ab016a1c0d9075d499d9ed5503f7dab8fdab625e7921f964b73930aa608c12aabdeabdd4f3cc633e510acc11ac871
SSDEEP

196608:I/UwUjgmnsVnJN60e4oO0ZWtcUuYKo4xYBuaHaMZhDnQZN:T3MJVJN60ehWtcUvKgJaMnY

Score

10^/10

daam android evasion

Malware Config

Extracted

Family

daam

C2

http://192.99.251.51:3000

Attributes

uri
/socket.io

Targets

- Target
  
  184356d900a545a2d545ab96fa6dd7b46f881a1a80ed134db1c65225e8fa902b
- Size
  
  11.4MB
- MD5
  
  99580a341b486a2f8b177f20dc6f782e
- SHA1
  
  bc826967c90acc08f1f70aa018f5d13f31521b92
- SHA256
  
  184356d900a545a2d545ab96fa6dd7b46f881a1a80ed134db1c65225e8fa902b
- SHA512
  
  d2cfbc281fe353b8018cb4e7a861a551f0ebfccb65aa03e964109db8f0caf424eace828f268f01d99d074c89990dc2e7091ba3971c513d781dd4792212463957
- SSDEEP
  
  196608:fJ3KuqWHMH+fOll0iiapsSxMGsLe/QLtdsoBnkUFH1apjp2pE9AhrVEnUqxVq+b:flK7WW+Ggii8sSxMGN/SdpvX8N2p9kXh
Score

7^/10

evasion
- Acquires the wake lock.
- Removes a system notification.
  evasion
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1