Overview

overview

10

Static

static

7

c45b987069...JC.apk

android-9-x86

10

c45b987069...JC.apk

android-10-x64

10

Analysis

  • max time kernel
    1722545s
  • max time network
    163s
  • platform
    android_x64
  • resource
    android-x64-20230831-en
  • submitted
    05-09-2023 18:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c45b987069f923a8f7f354aeef18cebd_JC.apk

  • Size

    537KB

  • MD5

    c45b987069f923a8f7f354aeef18cebd

  • SHA1

    0726c6485a797b86635e984329a0dbe38e6ddd67

  • SHA256

    3bd547516cb01330543d9552d3bbd9013c7c875e3c0810575eca6f5aba310bb7

  • SHA512

    cb8946bc0c6bf740a48954d8231f323e65df7f1c98d27413b886159f50f697c8826f74116fa53a36789a76e0a30efd2004f651326c0e4644144c86fe0ec09766

  • SSDEEP

    12288:hRpXlVScNdDXJC0n2zYUW+KepIJMT7MHSpMf5udXxa8ee5Xb8C/r:hP7Scz7iz6leeCT76yMExbV5r8K

Score
10/10
octobankerinfostealerrattrojan

Malware Config

Signatures

  • Octo

    Octo is a banking malware with remote access capabilities first seen in April 2022.

    bankertrojaninfostealerratocto
  • Octo payload 3 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • com.mooncome3
    1⤵
    • Loads dropped Dex/Jar
    PID:4982

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.mooncome3/cache/rralyppak
    Filesize

    449KB

    MD5

    5f2dd1e69365d01bd1c9cb7cb3837ddb

    SHA1

    c210ea6afb0c1cff07ce5b6db75075966cf20946

    SHA256

    5fa1f2a9482afffd37dd205a96c22284a8c0379fb4663b865f80e6f2b66e11df

    SHA512

    9a0784ca4a0942e7f8a3536e346fa1b105129b1f9697aad9aaf2f8624c0616b355e94e2fa1f4f8fad6dad21cd9fa05b2f1b8eb511a40222454a8159233b934db

    Download Submit

  • /data/user/0/com.mooncome3/cache/rralyppak
    Filesize

    449KB

    MD5

    5f2dd1e69365d01bd1c9cb7cb3837ddb

    SHA1

    c210ea6afb0c1cff07ce5b6db75075966cf20946

    SHA256

    5fa1f2a9482afffd37dd205a96c22284a8c0379fb4663b865f80e6f2b66e11df

    SHA512

    9a0784ca4a0942e7f8a3536e346fa1b105129b1f9697aad9aaf2f8624c0616b355e94e2fa1f4f8fad6dad21cd9fa05b2f1b8eb511a40222454a8159233b934db

    Download Submit

  • /data/user/0/com.mooncome3/cache/rralyppak
    Filesize

    449KB

    MD5

    5f2dd1e69365d01bd1c9cb7cb3837ddb

    SHA1

    c210ea6afb0c1cff07ce5b6db75075966cf20946

    SHA256

    5fa1f2a9482afffd37dd205a96c22284a8c0379fb4663b865f80e6f2b66e11df

    SHA512

    9a0784ca4a0942e7f8a3536e346fa1b105129b1f9697aad9aaf2f8624c0616b355e94e2fa1f4f8fad6dad21cd9fa05b2f1b8eb511a40222454a8159233b934db

    Download Submit