Overview

overview

10

Static

static

10

184356d900...2b.apk

android-9-x86

7

bookmarks.png

windows7-x64

3

bookmarks.png

windows10-2004-x64

3

feedback.html

windows7-x64

1

feedback.html

windows10-2004-x64

1

history.png

windows7-x64

3

history.png

windows10-2004-x64

3

linef.png

windows7-x64

3

linef.png

windows10-2004-x64

3

search.png

windows7-x64

3

search.png

windows10-2004-x64

3

Resubmissions

29-05-2023 01:09

230529-bhz2caha69 10

12-05-2023 04:55

230512-fj5ensea8z 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    184356d900a545a2d545ab96fa6dd7b46f881a1a80ed134db1c65225e8fa902b.zip

  • Size

    9.7MB

  • MD5

    ddb681de1d72fec97efc5c8ebd9f3c6f

  • SHA1

    688457cc77269fe300b310eddcc0c38ca7f5ef2f

  • SHA256

    0d9c7b40537e5a4d45ea7038bacc49a9af1fb01a0b0e9df226fe21edbd1b7d77

  • SHA512

    b9ae6efb9fdac12bb8b9c2d4a058197ea30ab016a1c0d9075d499d9ed5503f7dab8fdab625e7921f964b73930aa608c12aabdeabdd4f3cc633e510acc11ac871

  • SSDEEP

    196608:I/UwUjgmnsVnJN60e4oO0ZWtcUuYKo4xYBuaHaMZhDnQZN:T3MJVJN60ehWtcUvKgJaMnY

Score
10/10
daam

Malware Config

Extracted

Family

daam

C2

http://192.99.251.51:3000

Attributes
  • uri

    /socket.io

Signatures

  • Daam family
    daam
  • Requests dangerous framework permissions 15 IoCs

Files

  • 184356d900a545a2d545ab96fa6dd7b46f881a1a80ed134db1c65225e8fa902b.zip
    .zip

    Password: infected

  • 184356d900a545a2d545ab96fa6dd7b46f881a1a80ed134db1c65225e8fa902b
    .apk android arch:arm

    Password: infected

    com.psiphon3

    com.psiphon3.StatusActivity


  • bookmarks.png
    .png
  • feedback.html
    .js
  • history.png
    .png
  • linef.png
    .png
  • search.png
    .png