chameleon | 8f6155d6dbc67e71d35a6fc92d51132ff16eaafba99768c2b2ad3dc7c4249de1

Analysis

max time kernel
402070s
max time network
139s
platform
android_x86
resource
android-x86-arm-20231023-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231023-enlocale:en-usos:android-9-x86system
submitted
28/11/2023, 22:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8f6155d6dbc67e71d35a6fc92d51132ff16eaafba99768c2b2ad3dc7c4249de1.apk
Size

3.7MB
MD5

9ed5d254c7987269c91803e1466a292e
SHA1

02430b162700ea121c7dfbc28b7ba935fa934125
SHA256

8f6155d6dbc67e71d35a6fc92d51132ff16eaafba99768c2b2ad3dc7c4249de1
SHA512

1a266045ad2b9bc4937636e8a3e3b61d6a5e64a8bdb2f910a4d694c4d1d5d2c9f7aab667addcfdd4abd33015e42d1354c9a1f70b5948cfa214b07871dc369fdb
SSDEEP

49152:Y1gpH1PPFP70FBB2HC+2ZPJ8m7eIfNoVU1ewoCK5bCVzSYtb7r+KQDEk:Y6PPh70FSHd2NPNoVGkFCIYZ7alIk

Score

10^/10

chameleon banker infostealer ransomware trojan

Malware Config

Signatures

Chameleon
Chameleon is an Android banking trojan first seen in 2023.
trojan infostealer banker chameleon

Chameleon payload 1 IoCs

resource	yara_rule
behavioral1/memory/4309-0.dex	family_chameleon

Loads dropped Dex/Jar 1 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.entry.misery/app_DynamicOptDex/jbnUZ.json	4309	com.entry.misery

Uses Crypto APIs (Might try to encrypt user data). 1 IoCs

ransomware

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.entry.misery

com.entry.misery
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data).
PID:4309

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.entry.misery/app_ACRA-unapproved/.stacktrace

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
/data/data/com.entry.misery/app_DynamicOptDex/jbnUZ.json

Filesize
811KB

MD5
b69262bd775845bb0572b6eabb976a40

SHA1
7e227f9fe38be7c43061569b10dc10bd70a4b5a6

SHA256
95196bb4fb9ba6ea77c06570003415a0bdb35806295ca76b757c5ca78a82c4fb

SHA512
db861408d446498b5d0f07a8e17340beeb8f6aa22dc2eb9e752d87d76579fc11a1bb18750b2213cdec22dc501a2ba49c067a3a3c6e6e6c8ef46f359b61addefa

Download Submit
/data/data/com.entry.misery/app_DynamicOptDex/jbnUZ.json

Filesize
811KB

MD5
0c38eed1beeae4e7fbf567e90ead7e20

SHA1
0c5f159b1d01ad4822ad6f55f6df5c3cb3a527cb

SHA256
b2f17a7c6d0f24f36c6cb415b977b90a6fe890931145de1885bfbf79d9baa53c

SHA512
354f435acdc912c96ab361fb9bb480b924a996b90ab5428641c3b9b8a046a76258ac1706b357cc96fa755b4acc30edd81745a339e96a58d63e7e4ad6120f253c

Download Submit
/data/user/0/com.entry.misery/app_DynamicOptDex/jbnUZ.json

Filesize
2.2MB

MD5
e020f63b410ceaaa0d52f9d4f73cfc59

SHA1
8b6fd385d15c3072ab7cf7cf53108caa26488042

SHA256
2a2f63ae41c513df790adef88ed8aef5625d1cce636d6188077896a41a09f7dd

SHA512
54b92ec15381dbc03ffc63d49fed25d988828c2c3b1809c031076c1e7fb0aabd502d09835d1840c1e79bb109c2f3e5720ff5ccc80d6545a7bd6c5e21f0986e65

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads