chameleon

Sharing

Copy URL Twitter E-mail

General

Target

malware_JC.apk
Size

3.6MB
Sample

230902-p31ehadd83
MD5

382e4022f901ebc2fa15a168a8dc5a20
SHA1

a8afa19a4aa30b144387101a58e7f52335f24eeb
SHA256

153410238d01773e5c705c6d18955793bd61cb2e82c5c7656e74563bb43b3ffa
SHA512

891b38c568d56325a51394c8676e9553534dc470b8272cdbe610ff530f63ca15b03436143f4af23141ef9580a9a90ec4d6fd1448ed5ec93130290de242162c4a
SSDEEP

49152:0CEMb7Wdu21EpCPOzbGHYBLJ/Oys84q9rsljigY2a1WQOqvauFOJ+AIibJWhL9Bt:FXb/VUP2GHYBJOyI3l2WaUqCKYSKJLRE

Score

10^/10

Malware Config

Targets

- Target
  
  malware_JC.apk
- Size
  
  3.6MB
- MD5
  
  382e4022f901ebc2fa15a168a8dc5a20
- SHA1
  
  a8afa19a4aa30b144387101a58e7f52335f24eeb
- SHA256
  
  153410238d01773e5c705c6d18955793bd61cb2e82c5c7656e74563bb43b3ffa
- SHA512
  
  891b38c568d56325a51394c8676e9553534dc470b8272cdbe610ff530f63ca15b03436143f4af23141ef9580a9a90ec4d6fd1448ed5ec93130290de242162c4a
- SSDEEP
  
  49152:0CEMb7Wdu21EpCPOzbGHYBLJ/Oys84q9rsljigY2a1WQOqvauFOJ+AIibJWhL9Bt:FXb/VUP2GHYBJOyI3l2WaUqCKYSKJLRE
Score

10^/10

chameleon banker infostealer ransomware trojan
- Chameleon
  Chameleon is an Android banking trojan first seen in 2023.
  trojan infostealer banker chameleon
- Chameleon payload
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1 behavioral2
- Target
  
  chartjs-plugin-zoom.min.js
- Size
  
  8KB
- MD5
  
  6182d3e89efa6e8829db2b95c7fc9619
- SHA1
  
  113b1c86ebfebef505faa5defd3f2f366d50416d
- SHA256
  
  620e92db82fcd34cb3e5ca35349d9dc3ac4518ae0ccfbc5081bf9c158db64d4d
- SHA512
  
  6b58a8102b1c5a879c6ff80cb19017d8a00e9bcf0c941e2eb8d5cd5cc8c021234bff18c8eecfdf2f7892c166e66e971364614d507990184478b77c0a31ab457e
- SSDEEP
  
  192:e+awl8ze/+YruqARRY+j2FtuOSmaZHm1xa4j2MGx++yXVUYD/h:xll8CtTikaVuTjJ5
Score

1^/10
behavioral3 behavioral4
- Target
  
  hammerjs.js
- Size
  
  20KB
- MD5
  
  ba3c8e74eaad26674534502bd676b0e5
- SHA1
  
  64d6dfa0dc3cdaec3cea91fdab00cb2a418e3c3f
- SHA256
  
  6bbdfdd7190ead65a89cae52f7129d13cec4bdaa5f1f8cd180ce75231b3ab4d4
- SHA512
  
  430281a08d88c85eadc65fd434c3096ef7f1e5c5b76caec3bf35a763457f0e27d3cea507b804aef8ea6ed4cc65a4dfd2d3ce182069129733286f068fa2df85eb
- SSDEEP
  
  384:mb5vj+l3jfaksTAAvNWUwLATFqACns+CSHDJDLrp:i5vj+5jfSTtrTFqACs+CSHtDx
Score

1^/10
behavioral5 behavioral6
- Target
  
  jquery-3.4.1.min.js
- Size
  
  86KB
- MD5
  
  220afd743d9e9643852e31a135a9f3ae
- SHA1
  
  88523924351bac0b5d560fe0c5781e2556e7693d
- SHA256
  
  0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
- SHA512
  
  6e722fce1e8553be592b1a741972c7f5b7b0cdafce230e9d2d587d20283482881c96660682e4095a5f14df45a96ec193a9b222030c53b1b7bbe8312b2eae440d
- SSDEEP
  
  1536:yTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPma:ygZm0H5HO5+gCKWZyPmHQ47GKe
Score

1^/10
behavioral7 behavioral8
- Target
  
  library.swf
- Size
  
  589B
- MD5
  
  65487c9b50a497495c726b5a940022df
- SHA1
  
  adb71c8d34062aee546d056f0b230fe9b222f0a7
- SHA256
  
  4cfaafa063db5854aef5d34109b2d5c34562298f218d118cdd9254422fb64cb2
- SHA512
  
  ee264e27bef4cab29378c188841b52e00a72b3194fa46269c284c8955568520b6505ae20d4ca0d335ae780baf7c4633a2325bc730fd153c8684bc168e369b14f
Score

3^/10
behavioral10 behavioral9
- Target
  
  com/google/android/gms/dynamite/descriptors/com/google/android/gms/measurement/dynamite/ModuleDescriptor.class
- Size
  
  589B
- MD5
  
  d44f1336257a0e9e8ccd1eef110a574a
- SHA1
  
  f357328756b0ed4d91bcad95985d32eeaed88ace
- SHA256
  
  22a05e1d100af989d58cebefa51b3c74bb0979bea69b04082b02a4c1d9d49e2d
- SHA512
  
  e787f7b627305cdca6fa5ef28144e575b1fa057f24786dd7426d21e55f76f48f83a4be2004a12999c72725966121e1e46fea3c13ad4a25fcbcbf6d4b88f4d3d0
Score

3^/10
behavioral11 behavioral12
- Target
  
  com/google/android/gms/measurement/internal/AppMeasurementDynamiteService$zza.class
- Size
  
  1KB
- MD5
  
  06606f5952d05bd3f3a5deda2ce5288e
- SHA1
  
  27b6903c5333a327f4d0685f013d86a509c244e7
- SHA256
  
  e68f693838b03ba2a03f91445b3382dc2d3bfd25316227c4c3d533219298b250
- SHA512
  
  87dfeb28d9d4964eba67c516dd51848b29e418e8d6d3fa4f029f06d20ea12c0e587e44ce4cda47386eebf20c9270dec46efa5a2eecc2b6ed5bd120bb5de497f3
Score

3^/10
behavioral13 behavioral14
- Target
  
  com/google/android/gms/measurement/internal/AppMeasurementDynamiteService$zzb.class
- Size
  
  1KB
- MD5
  
  f5604278b0d7aeba5aba3c413663623a
- SHA1
  
  f1c4fb18990204272b9ac5e75ec5b9a337740192
- SHA256
  
  80bb1e79213073bbba15a967ab15659d2e7c7699326937370e6f61b692d04d7a
- SHA512
  
  d84b146833bb4527416f9d3ec439bb1c8d3f4a946b9325f58e0126580dfe17b4c336ed5d96db7f0724076b7a19a4267bbfcb253dcc5f8dff4decceca068f5746
Score

3^/10
behavioral15 behavioral16
- Target
  
  com/google/android/gms/measurement/internal/AppMeasurementDynamiteService.class
- Size
  
  13KB
- MD5
  
  459e9441dc9b49fbc1012883be4399ca
- SHA1
  
  4354e2de79074366a5f843147616b3eaafb0fddf
- SHA256
  
  3e694bbbb060c941548b636598c89e7bc9f65e2bb8940494232cae05d3ac909e
- SHA512
  
  9c9794b7f82be0f20681c94c4eaa2501b4bc04dc9fe7c4af6b6a04569ab7fd6aa554997ad4d2e3791b24262134de377a7da0d4141b435d4148b6dc46788314cf
- SSDEEP
  
  192:vkwIFlw+UOIL3CyYWuQTJ3txzfXLJZ5/nW:vkbO+gC3eJ3txzv9Z5O
Score

3^/10
behavioral17 behavioral18
- Target
  
  com/google/android/gms/measurement/internal/zzh.class
- Size
  
  1015B
- MD5
  
  555fb336ab6df58e78069fe40a13a2b8
- SHA1
  
  31d5feb1ec4f8a115cc1e5d86d10dcab5347f901
- SHA256
  
  f438b7c052206a10b45fd8e5e4474c5393f05898fc80e2b646543b7b0c7a73b3
- SHA512
  
  50dccf5d7d388e1a8d0148ee60c6002b6bb6f17c8655a9188fbbd6e2fa14129990f06946beee8d88df378cbbf62cf7df5a806ac452ee5ada91e23df32c699483
Score

3^/10
behavioral19 behavioral20
- Target
  
  com/google/android/gms/measurement/internal/zzi.class
- Size
  
  1KB
- MD5
  
  235863387a180dadf3e2575d6847b408
- SHA1
  
  a19f7f9a832b3eab6fbd8dce97c94fda9e9f190d
- SHA256
  
  f66e0fa4c898292118dd07a3b6a0d060db2210254752d9f64d0caa19b4724c9d
- SHA512
  
  67886456410e8ccfbb7be7657061b0df4c474938be599f15cf07b6d0aae4cff23ad7db42bb460b936395d1d20965f71ef7a527a0d523a51de0ca5b44da654332
Score

3^/10
behavioral21 behavioral22
- Target
  
  com/google/android/gms/measurement/internal/zzj.class
- Size
  
  1KB
- MD5
  
  9cede11490aa7e647e1ef3e9ac04f0b0
- SHA1
  
  d0a7d9b22cbd3387f92004ce9bf4144907c3780e
- SHA256
  
  8a939eb316e6cca26c25b3f44a13bf7069cdca64b0f9d56c3f89db2885ac8b70
- SHA512
  
  8eb26ca06d7b8302b724e7f1e7d6e7d8e45663d0ef8a2902eca78e625a06da54cf447a7123caff7d968c0f4ef1400a307495973ba28fb9c8ac09c898ea9d3fd7
Score

3^/10
behavioral23 behavioral24
- Target
  
  com/google/android/gms/measurement/internal/zzk.class
- Size
  
  1KB
- MD5
  
  d18c0624897134d4ae642aea5931fff6
- SHA1
  
  56be326f444f67e72ade968322731d278d3dbdba
- SHA256
  
  43757a315704885a384a17e368d5fbca7a7d1d37a7cdbff07e0e3b4df0829f00
- SHA512
  
  4d3650c7acb04962e26aeb5e6ffb4576aedba4e1e60555ed58edaba58db45a2f26d64e5c1225a5c45f8b5b51692409d0da7cc8926b5707d8a44e912b2c261646
Score

3^/10
behavioral25 behavioral26
- Target
  
  com/google/android/gms/measurement/internal/zzl.class
- Size
  
  1KB
- MD5
  
  166e2ad93d2ad19d27f818d39c53a8d6
- SHA1
  
  8fdb039021c3566cc3418191a89a35424b43cabd
- SHA256
  
  8124d046e45c7669fafd6bb564407913a1385185981f64092b60eb098d7b333c
- SHA512
  
  1bf5087ecee1daf1c8e02e5ef37759f0501eafc2a05c79206c213c455a9478a828a3ed8c1f81376155769455e9dee2b6470c7cd7c75a3ad40536cc0f2f2908cb
Score

3^/10
behavioral27 behavioral28
- Target
  
  template.js
- Size
  
  284KB
- MD5
  
  53278962de829f69a7198dcfefc508b7
- SHA1
  
  67c101a8ae6c80cf8477ad882ef7c32aa35cff78
- SHA256
  
  7be6b4feb3fbb34bbbca50d38228a02277969355d03f588f8316cd5954f3683d
- SHA512
  
  d1474c6a097de8a113459a9b2e3e3a2013fb0969ef7a10d29b6c18b4f18d60851899421ed2e02bc9853e66ba38f8c2124d883c984ef9ff0ad4f9e804bcd93199
- SSDEEP
  
  3072:FY1UCly6CkCYJT5BdPAUfBUlVQZbU8CB24iQqSNBYTsXNV0QnK3HwbNMFg:ElvCkCoB1AU+lVQZbUj7iQNNBaXgMFg
Score

1^/10
behavioral29 behavioral30

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Chameleon payload

Checks Android system properties for emulator presence.

Loads dropped Dex/Jar

Uses Crypto APIs (Might try to encrypt user data).

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30