Resubmissions

04/12/2023, 23:28    231204-3gfpvsgb7y    10
13/06/2023, 19:55    230613-ynlr8sbh2t    10
02/06/2023, 09:08    230602-k358jabb2y    10
01/06/2023, 00:07    230601-aepwjacb2s    10
31/05/2023, 21:48    230531-1n57zsbf7v    10
29/05/2023, 18:41    230529-xbwk8sdd91    10

General

  • Target

    184356d900a545a2d545ab96fa6dd7b46f881a1a80ed134db1c65225e8fa902b.zip

  • Size

    9.7MB

  • MD5

    d10f27218bb050197ce23aefc6b8652d

  • SHA1

    bb695a318e6b2b6f79baa6a6829939a0a993a159

  • SHA256

    ac9e27cd229e193e142e8e3800f34a2315936e65dc24c645663ddef07d463c2e

  • SHA512

    a9a27f8eb6a8bbbb92945714a659c8cedc3fd3cea14c150453bc876f465fc720009a5a83ce94f2bf38fc7a73a79a935535536e4af14842c84015adac63547149

  • SSDEEP

    196608:iOyFlPjhYCr8Xc4FIHpmb6JOdHitA19rZ9RyGrVEDYyWe22utSxD:iOyFl7apc8N+JO01DTWexutSt

Score
10/10

Malware Config

Extracted

Family

daam

C2

http://192.99.251.51:3000

Attributes
  • uri

    /socket.io

Signatures

  • Daam family
  • Requests dangerous framework permissions 15 IoCs

Files

  • 184356d900a545a2d545ab96fa6dd7b46f881a1a80ed134db1c65225e8fa902b.zip
    .zip

    Password: infected

  • 184356d900a545a2d545ab96fa6dd7b46f881a1a80ed134db1c65225e8fa902b
    .apk android arch:arm

    Password: infected

    com.psiphon3

    com.psiphon3.StatusActivity


  • bookmarks.png
    .png
  • feedback.html
    .js
  • history.png
    .png
  • linef.png
    .png
  • search.png
    .png