General

  • Target

    prog.apk

  • Size

    20.5MB

  • Sample

    231001-chv8tshh22

  • MD5

    d13c66cdb5333d047cb1830536147e10

  • SHA1

    c62a9f77ad0e4249e9ad0eaf7a8e82b5fce0836e

  • SHA256

    1b40adeb96e1a73e51ff035ae28b26dfe9e4376f49bf57d3d19d44a8bbf91746

  • SHA512

    5eec681b7aa77b489cb943ec7a6a2d5527c6a23215e5514309374b7861a5d1e2d6c377422301433651349131808428e22065b9595f5e3b77026c2e9fb445a207

  • SSDEEP

    393216:hSKZsJA35z7A79L+eoT1mbgafiubczZPbrT9i/zVN2I+TXjtsKpPbNiRSKcs3Ja:hSvJA35z7c5k5mbBffc9Phi/zVN2IkTH

Malware Config

Targets

    Score: 8/10

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps).

    • Removes its main activity from the application launcher

    • Acquires the wake lock.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries the unique device ID (IMEI, MEID, IMSI).

    • Requests cell location

      Uses Android APIs to get current cell information.

    • Requests dangerous framework permissions

    • Reads information about phone network operator.
