Analysis
-
max time kernel
2724557s
-
max time network
156s
-
platform
android_x64
-
resource
android-x64-20230831-en
-
submitted
17-09-2023 09:07
Static task
static1
Behavioral task
behavioral1
Sample
85317f8dd8662c759a22b6290a35e7726ab78b897d42087a581e77825460162ebin_JC.apk
Resource
android-x86-arm-20230831-en
Behavioral task
behavioral2
Sample
85317f8dd8662c759a22b6290a35e7726ab78b897d42087a581e77825460162ebin_JC.apk
Resource
android-x64-20230831-en
General
-
Target
85317f8dd8662c759a22b6290a35e7726ab78b897d42087a581e77825460162ebin_JC.apk
-
Size
541KB
-
MD5
572d169d146cc552407673698da5577d
-
SHA1
c93ab37a0fc6e0598b15c7cac84c259def1c12be
-
SHA256
85317f8dd8662c759a22b6290a35e7726ab78b897d42087a581e77825460162e
-
SHA512
96841de9a2dd9128db321f3311018dd8d9aebba2a7434c2738e01e28f35c12cb3e25de2fa48471f928efc0c49593d1ea909b9550b7a235f2fd1a638c4aafbe1f
-
SSDEEP
12288:CoCXlaqBe5KIm+K4sXqNjdyaQw4WHeYnwEY5EpKgLdg7MqZjgByoAuwmj:PCX/YFqqNU5WjnwRUKgLdCjSP
Malware Config
Signatures
-
Octo
Octo is a banking malware with remote access capabilities first seen in April 2022.
-
Octo payload 3 IoCs
Processes:
resource yara_rule
/data/data/com.hotfounde/cache/zukrstohbksvsu family_octo
/data/user/0/com.hotfounde/cache/zukrstohbksvsu family_octo
/data/user/0/com.hotfounde/cache/zukrstohbksvsu family_octo
-
Loads dropped Dex/Jar 2 IoCs
Runs executable file dropped to the device during analysis.
Processes:
com.hotfounde
ioc pid process
/data/user/0/com.hotfounde/cache/zukrstohbksvsu 5041 com.hotfounde
/data/user/0/com.hotfounde/cache/zukrstohbksvsu 5041 com.hotfounde
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
450KB
MD5
965393330f77bb1426a5877f06d2ebd0
SHA1
7fcb36f4134e9bfd2e4a419c0758c2622c661173
SHA256
b164207f9fe1c37f5e1edb090a4ccd27c4c37564960109e42192b8e399f59066
SHA512
cf5ca338c9e0b228052210d4046f170b65c712685ff72924e3b9e6edec74d55620e617402ddb0ab0413da0881c5e2313f06602876b811d7551415e3abf12af24