Analysis
max time kernel: 3462734s
max time network: 138s
platform: android_x64
resource: android-x64-20230831-en
submitted: 25-09-2023 22:02
Static task: static1
Behavioral task: behavioral1
Sample: 8f0284b41c15c0c6745aa86b340f31b5c3f7d5ebc18017eaced95301d39f98d7.apk
Resource: android-x86-arm-20230831-en
Behavioral task: behavioral2
Sample: 8f0284b41c15c0c6745aa86b340f31b5c3f7d5ebc18017eaced95301d39f98d7.apk
Resource: android-x64-20230831-en
General
Target: 8f0284b41c15c0c6745aa86b340f31b5c3f7d5ebc18017eaced95301d39f98d7.apk
Size: 541KB
MD5: c5b77da398a9234ec7a8137fb49981d7
SHA1: 27ead5af5ecc90dec8481c645ab317c5dcf23655
SHA256: 8f0284b41c15c0c6745aa86b340f31b5c3f7d5ebc18017eaced95301d39f98d7
SHA512: 9e15a105e5ee65ce9df8716d8e7fc3390dff77d04fb97e05748922572c6a37f8639f37d4e41f464006a839643422fc796583efe251761a7987e52644219b46d8
SSDEEP: 12288:+kOkEiUWX4/jo/Ib54fejzv70xB0KiaDMtr+cY49nJ:Cni5X4/joQtXjKiJ1+z0nJ
Malware Config
Signatures
-
Octo
Octo is a banking malware with remote access capabilities first seen in April 2022.
-
Octo payload 3 IoCs
Processes:
resource    yara_rule
/data/data/com.simplesun4/cache/zpaofggcurnjq    family_octo
/data/user/0/com.simplesun4/cache/zpaofggcurnjq    family_octo
/data/user/0/com.simplesun4/cache/zpaofggcurnjq    family_octo
-
Loads dropped Dex/Jar 2 IoCs
Runs executable file dropped to the device during analysis.
Processes:
com.simplesun4
ioc    pid    process
/data/user/0/com.simplesun4/cache/zpaofggcurnjq    5000    com.simplesun4
/data/user/0/com.simplesun4/cache/zpaofggcurnjq    5000    com.simplesun4
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 449KB
MD5: 5712cd19b2532170ea43b9248e0f7582
SHA1: 0dc98b341312ad0bbeae349e0c93b08201f56fe5
SHA256: 4f99c72a25b0cb7442a512768635f0b03bb0a1e28e07663d1b69dd955df872f6
SHA512: f9a7c754b4992fdb1c1ba2db9dbf89c9652a07ecaf90335ebbafce269f3f5cca7e7fd9671243e70f368dab95553688cb42cd81807e886e1a8939e9e1cd866784