Overview
overview
10Static
static
7ChromeUpdate.apk
android-9-x86
10ChromeUpdate.apk
android-10-x64
10ad.html
windows7-x64
1ad.html
windows10-2004-x64
1aps-mraid.js
windows7-x64
1aps-mraid.js
windows10-2004-x64
1assign_lab...l.html
windows7-x64
1assign_lab...l.html
windows10-2004-x64
1blood_gluc...l.html
windows7-x64
1blood_gluc...l.html
windows10-2004-x64
1blood_gluc...l.html
windows7-x64
1blood_gluc...l.html
windows10-2004-x64
1blood_pres...l.html
windows7-x64
1blood_pres...l.html
windows10-2004-x64
1diabetes_r...l.html
windows7-x64
1diabetes_r...l.html
windows10-2004-x64
1dpr_report.html
windows7-x64
1dpr_report.html
windows10-2004-x64
1dtb-m.js
windows7-x64
1dtb-m.js
windows10-2004-x64
1edit_insul...l.html
windows7-x64
1edit_insul...l.html
windows10-2004-x64
1edit_label...l.html
windows7-x64
1edit_label...l.html
windows10-2004-x64
1edit_medic...l.html
windows7-x64
1edit_medic...l.html
windows10-2004-x64
1edit_track...l.html
windows7-x64
1edit_track...l.html
windows10-2004-x64
1fyb_iframe...l.html
windows7-x64
1fyb_iframe...l.html
windows10-2004-x64
1fyb_static...l.html
windows7-x64
1fyb_static...l.html
windows10-2004-x64
1General
-
Target
ChromeUpdate.apk
-
Size
1.4MB
-
Sample
230925-yhh46ace26
-
MD5
e8663d7b3eec9509ed49d5a85d0c39d1
-
SHA1
af654776384ece12c2274ae39acfebb6cc39f639
-
SHA256
846a04a5a04dad7129abe56d82b0578d4e2af6d6f73cfdf9de364c001d00c24d
-
SHA512
827f1c2de44bfc0c935f10223d93711ae592377f5c7ba4f9daba64f2d90f911f4f1a65990211a2b8e6a151d08c5fc840d6e2d8c26b6031d40f79c8963278b053
-
SSDEEP
24576:I+ldHt80bCRpsURse2h2q6oFU9Leazuoq/7t7gD09gFnCHzS+cNfS0:IYdH2aURQ2ZoALeAu1REw9fHO+cr
Static task
static1
Behavioral task
behavioral1
Sample
ChromeUpdate.apk
Resource
android-x86-arm-20230831-en
Behavioral task
behavioral2
Sample
ChromeUpdate.apk
Resource
android-x64-20230831-en
Behavioral task
behavioral3
Sample
ad.html
Resource
win7-20230831-en
Behavioral task
behavioral4
Sample
ad.html
Resource
win10v2004-20230915-en
Behavioral task
behavioral5
Sample
aps-mraid.js
Resource
win7-20230831-en
Behavioral task
behavioral6
Sample
aps-mraid.js
Resource
win10v2004-20230915-en
Behavioral task
behavioral7
Sample
assign_labels_local.html
Resource
win7-20230831-en
Behavioral task
behavioral8
Sample
assign_labels_local.html
Resource
win10v2004-20230915-en
Behavioral task
behavioral9
Sample
blood_glucose_entry_local.html
Resource
win7-20230831-en
Behavioral task
behavioral10
Sample
blood_glucose_entry_local.html
Resource
win10v2004-20230915-en
Behavioral task
behavioral11
Sample
blood_glucose_local.html
Resource
win7-20230831-en
Behavioral task
behavioral12
Sample
blood_glucose_local.html
Resource
win10v2004-20230915-en
Behavioral task
behavioral13
Sample
blood_pressure_entry_local.html
Resource
win7-20230831-en
Behavioral task
behavioral14
Sample
blood_pressure_entry_local.html
Resource
win10v2004-20230915-en
Behavioral task
behavioral15
Sample
diabetes_reports_local.html
Resource
win7-20230831-en
Behavioral task
behavioral16
Sample
diabetes_reports_local.html
Resource
win10v2004-20230915-en
Behavioral task
behavioral17
Sample
dpr_report.html
Resource
win7-20230831-en
Behavioral task
behavioral18
Sample
dpr_report.html
Resource
win10v2004-20230915-en
Behavioral task
behavioral19
Sample
dtb-m.js
Resource
win7-20230831-en
Behavioral task
behavioral20
Sample
dtb-m.js
Resource
win10v2004-20230915-en
Behavioral task
behavioral21
Sample
edit_insulin_local.html
Resource
win7-20230831-en
Behavioral task
behavioral22
Sample
edit_insulin_local.html
Resource
win10v2004-20230915-en
Behavioral task
behavioral23
Sample
edit_labels_local.html
Resource
win7-20230831-en
Behavioral task
behavioral24
Sample
edit_labels_local.html
Resource
win10v2004-20230915-en
Behavioral task
behavioral25
Sample
edit_medication_local.html
Resource
win7-20230831-en
Behavioral task
behavioral26
Sample
edit_medication_local.html
Resource
win10v2004-20230915-en
Behavioral task
behavioral27
Sample
edit_tracker_local.html
Resource
win7-20230831-en
Behavioral task
behavioral28
Sample
edit_tracker_local.html
Resource
win10v2004-20230915-en
Behavioral task
behavioral29
Sample
fyb_iframe_endcard_tmpl.html
Resource
win7-20230831-en
Behavioral task
behavioral30
Sample
fyb_iframe_endcard_tmpl.html
Resource
win10v2004-20230915-en
Behavioral task
behavioral31
Sample
fyb_static_endcard_tmpl.html
Resource
win7-20230831-en
Behavioral task
behavioral32
Sample
fyb_static_endcard_tmpl.html
Resource
win10v2004-20230915-en
Malware Config
Extracted
octo
https://zaglefolki1.info/MTU2OWE0NzJjNGY5/
https://passajire555.live/MTU2OWE0NzJjNGY5/
https://majestike8ca.top/MTU2OWE0NzJjNGY5/
https://jikugac818v.vip/MTU2OWE0NzJjNGY5/
https://f2kic1nam25n81k.cc/MTU2OWE0NzJjNGY5/
https://cleverk21da912mca.live/MTU2OWE0NzJjNGY5/
https://zazarazgok7215vor1.pro/MTU2OWE0NzJjNGY5/
https://juf18ki1ca15ca1la.info/MTU2OWE0NzJjNGY5/
Targets
-
-
Target
ChromeUpdate.apk
-
Size
1.4MB
-
MD5
e8663d7b3eec9509ed49d5a85d0c39d1
-
SHA1
af654776384ece12c2274ae39acfebb6cc39f639
-
SHA256
846a04a5a04dad7129abe56d82b0578d4e2af6d6f73cfdf9de364c001d00c24d
-
SHA512
827f1c2de44bfc0c935f10223d93711ae592377f5c7ba4f9daba64f2d90f911f4f1a65990211a2b8e6a151d08c5fc840d6e2d8c26b6031d40f79c8963278b053
-
SSDEEP
24576:I+ldHt80bCRpsURse2h2q6oFU9Leazuoq/7t7gD09gFnCHzS+cNfS0:IYdH2aURQ2ZoALeAu1REw9fHO+cr
-
Octo
Octo is a banking malware with remote access capabilities first seen in April 2022.
-
Octo payload
-
Makes use of the framework's Accessibility service.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
-
Acquires the wake lock.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Reads information about phone network operator.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
Removes a system notification.
-
Uses Crypto APIs (Might try to encrypt user data).
-
-
-
Target
ad.html
-
Size
15KB
-
MD5
52c368fc009579446f8dc67daf8dca87
-
SHA1
fc52b078a9a02847efbf85d10f41b961c85fa459
-
SHA256
9b6cfb0e52c7f7dc99d5f5b7e2a6142fa3ad82d1333f42877eed3d29b0561579
-
SHA512
c80bcefe98c2eab09d4a831e788cd50563c62333d4c8aa81046df2acc9888c5a87da45546c1ee7d40bc7a9d7148075e3029e09e4b086406f6143a589111d1cb8
-
SSDEEP
192:xMejgzfCtmdyPfojYA5D5zniVkG4zhxm45IqTbTD5qRSwpcPt6FLYFieRO6shWUh:flqiO5RrD5qBpWt6FAieRahW6X
Score1/10 -
-
-
Target
aps-mraid.js
-
Size
10KB
-
MD5
7eb2e0ad4328a0c303ba8a0a77fbbcee
-
SHA1
fba9f141cd195378cbb266228b2c3abe6f1a2319
-
SHA256
5786e5ec3a9425ea2297eccf7b5629491a7c58bdd5877f5a0edadac073ed532d
-
SHA512
7cbebf9395e4ee3624c3ab84948d98a9b6592946221409681e3ade83f1f2831d0213ba20052f98e71230b9ef7e072e6b0b816534b777bfb512053100bbd0098c
-
SSDEEP
192:RiCYiIp5RsHMSP2io9SyKMnbCXnBtdyvgVHGlzjTSWiwvi/:RJ6VsHVP2io2MnUjyvgVkzP3i3
Score1/10 -
-
-
Target
assign_labels_local.html
-
Size
1KB
-
MD5
b152537ba127d8460bb68e6c654440b1
-
SHA1
ce3cc1561c9791352d6483b814eea034f3744625
-
SHA256
2d019088a023dc89232b03863c4a587ef10b9a7d70859db05b6faa754f366c2b
-
SHA512
d31c69b08d80b740f010e0e911e2abf851f897d4068d99cf5a3e9ec05adff8b47db880996f7ee9a7bb00f37468bb133c2367207069d54baf54872573985a960a
Score1/10 -
-
-
Target
blood_glucose_entry_local.html
-
Size
1KB
-
MD5
3189fa9ee5e017a8594ea3bfd6b979c9
-
SHA1
36abf30ffc1fa35bafe1151234e3a9196320452c
-
SHA256
b34900c40fe1d76a24c116b4c2c1dff4b983a3ca6c355c1d3c94c7a088f7f2f3
-
SHA512
2a0ec7f8d35f40cdb7120b70d74064ce4272fc75499d5fe74fd839e25b4d9bc979a826c69311b49fe2b3647355bfd86d583e879637645e58d4c11c1d3c848119
Score1/10 -
-
-
Target
blood_glucose_local.html
-
Size
1KB
-
MD5
bf57710afa315efd25ec6a7a691880ab
-
SHA1
0143d6261505b4e19173d67cac2727e82b5bfe3e
-
SHA256
6b7fdea002cd0b8ed8b38fcc500987c39c679a27a84aef2faf58c2e0772498ba
-
SHA512
fc2808557caed6ada3a82529ca756fb94ee88931de032cd314f01fa675a450719f02c7ade9feb2a0af8a64a3b2dc537cd1cc33e226173424f081a441315706c4
Score1/10 -
-
-
Target
blood_pressure_entry_local.html
-
Size
2KB
-
MD5
1cdeabe6877fd1045588c42a174a7e01
-
SHA1
376b5eec8b187c05c562e65dea56622501840f77
-
SHA256
2f1b3beb96e982fc3a873335c5117682f212f870d5fc4ee6e0e9c2f9e861f2db
-
SHA512
b3ff351f1ab2a406f8f1b01d6f8ce58052f5edc5307d84c331febe2c972fa3354ecaae2da9f97e278666692ff56a80d020d49c587b184307557b8adfcff234be
Score1/10 -
-
-
Target
diabetes_reports_local.html
-
Size
1KB
-
MD5
82c943f3825b6c0ad53ea5a928f545bd
-
SHA1
626e445dfcd1c8fa70a3ee779b6d9f484e36cceb
-
SHA256
c108fb2c8544a1f2faf5fb450db095df0231cd876aac67e944325bdd74bd3ddd
-
SHA512
72618f9545d4533e9e0aa6adffecc009928585eb84950ba2b3d3e5610e2ae20259f2b39911bbeaa60230a490e8ced334b0b3fb9501ffebfc930ccd3cc8b27cee
Score1/10 -
-
-
Target
dpr_report
-
Size
1KB
-
MD5
054e373de9f9a37790eaa1769b2ab108
-
SHA1
6305078cad8cfb75a4c79066c03a742601be7f45
-
SHA256
f9689be3f17411447ea7ac066654cc65271d5552edc55b186b33797af5e6813a
-
SHA512
3f7c13292d3ccb5cdfec2892c6e3c2f1746614ffeb71a1b1b07564082bc6377dd655ed315fcd4ab5c67161e242c5ae2a4bff669b7e029a66eae99039c156353e
Score1/10 -
-
-
Target
dtb-m.js
-
Size
33KB
-
MD5
2958b7dce738e82e3f9edac9408f0218
-
SHA1
1a736dd5a5f87ebab2ba3bbc557a12487eef2df6
-
SHA256
d6e2d6da7fa58b8d53828b1dac654d57d656fe47fa9898c0aae84cbcf3b8fc61
-
SHA512
3c7612232f1f8ec8a51745fa3593bae9e8351849bee1de34ff341c33583c7e39a6313ea28260797a97c4c64cad781931f80965ea0fd1c05b772a1d6b00332d8c
-
SSDEEP
768:cM85TLOVEVU3SGgmAms+SBED+tSklU+EF:c1JO6VU3ZymWBUP
Score1/10 -
-
-
Target
edit_insulin_local.html
-
Size
1KB
-
MD5
bd79c33de563833c2964df05bf71082f
-
SHA1
5de4fb1397af8410b28696572cb0e7260d266003
-
SHA256
a5e73c51212b21c1046a77882673f0c2cce8c5851f78ea6dd4924ca7d1ee566f
-
SHA512
5b3e3be332146401133d43574021c7cd28b52fe6660f5b6877b6db449c0ec208fc7ad3d4661ed4c88f63ee28dd8d8dbd2415bca40c62eb5ee18fa40040a077a6
Score1/10 -
-
-
Target
edit_labels_local.html
-
Size
1KB
-
MD5
d3f96ad2d65e65ddccd0ebc7b31734fd
-
SHA1
ade1b020eb11ab2ad5935c1ea6e311ecd27756a2
-
SHA256
2697e2d2abec0dfb176a9f3d0664d8a2df1867e503cc8739ef01c467a6572bb6
-
SHA512
11e085c5f202053d767a1bede4c32f711f8f77e67f86d3f63d560ebdb9232e2c1feb3ac4a0b525253e4d54a557a346850bb9c4335e2fabc76b8f58c5c9c809ba
Score1/10 -
-
-
Target
edit_medication_local.html
-
Size
1KB
-
MD5
601fbf21cb68f72f9c04f46e8047c31f
-
SHA1
0ee7e08f3c0c86056bcfb9417cf37a2a62ac922e
-
SHA256
0bcfdeb14fb71a4bb5e13db233faa1792ac4b18f1c769634cf9791dda4f87db4
-
SHA512
739922a1171f3ee40cc6cf8b0f8d293962fa376bc02bb3f713976b0815fcc8ec44a2b25e92ec60eaef35dfc50c16331672560c4fc606eaf37d5e664257b5f6da
Score1/10 -
-
-
Target
edit_tracker_local.html
-
Size
1KB
-
MD5
829e307fee543203f205da867683e4d8
-
SHA1
c93c4c81b6bf30ec3e4fe7c0da4a550ba29e5fd6
-
SHA256
61a79942092e1d3685ca18930e82cc56697e81e432a185a0298fde79fcfe396b
-
SHA512
61007e65a212858c355c9cff799fea23cf0032f5cefb31a3a45080463e707e34da0dc14cd51b6a099ebcec9c1b718aa2a749550864c04c2e25f3a7e02f6c6753
Score1/10 -
-
-
Target
fyb_iframe_endcard_tmpl.html
-
Size
521B
-
MD5
331ab67d131439c4c50e02a3d7445008
-
SHA1
675ac8d91e0a2fe211d49a8e42f20f018c4bd50c
-
SHA256
efdac80cdb4576d2e0d93512348e9dbdb06e69e23a1db81838dc5e40a16715d9
-
SHA512
eba60283d7d5562d3e27a9d5f9f382de621474796e68c4c7b8bf06fd20b081f5aa657ab58d988f40e76883eb8459e3b44f8f31f10424f6d181bffc3c28041e04
Score1/10 -
-
-
Target
fyb_static_endcard_tmpl.html
-
Size
3KB
-
MD5
d18fb1787ce0e84567496b8564e452aa
-
SHA1
007033d0824685600611af6992060577e127dd23
-
SHA256
2ae5e0576febb1a1cd63b10bf71644f99fcfd0fe7fb1f2d19525594165294e51
-
SHA512
ba5225a80941e3ee4ff18401b910968a6cab47634914ecb68213599b96fd4b39c8722e82bf2883faf355d9416a6f2acaa36151a5d8969079cfcd4c6795f6003b
Score1/10 -