chameleon | 8f6155d6dbc67e71d35a6fc92d51132ff16eaafba99768c2b2ad3dc7c4249de1

Analysis

max time kernel
402105s
max time network
158s
platform
android_x64
resource
android-x64-20231023.1-en
resource tags

androidarch:x64arch:x86image:android-x64-20231023.1-enlocale:en-usos:android-10-x64system
submitted
28/11/2023, 22:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8f6155d6dbc67e71d35a6fc92d51132ff16eaafba99768c2b2ad3dc7c4249de1.apk
Size

3.7MB
MD5

9ed5d254c7987269c91803e1466a292e
SHA1

02430b162700ea121c7dfbc28b7ba935fa934125
SHA256

8f6155d6dbc67e71d35a6fc92d51132ff16eaafba99768c2b2ad3dc7c4249de1
SHA512

1a266045ad2b9bc4937636e8a3e3b61d6a5e64a8bdb2f910a4d694c4d1d5d2c9f7aab667addcfdd4abd33015e42d1354c9a1f70b5948cfa214b07871dc369fdb
SSDEEP

49152:Y1gpH1PPFP70FBB2HC+2ZPJ8m7eIfNoVU1ewoCK5bCVzSYtb7r+KQDEk:Y6PPh70FSHd2NPNoVGkFCIYZ7alIk

Score

10^/10

chameleon banker infostealer ransomware trojan

Malware Config

Signatures

Chameleon
Chameleon is an Android banking trojan first seen in 2023.
trojan infostealer banker chameleon

Chameleon payload 1 IoCs

resource	yara_rule
behavioral2/memory/5101-0.dex	family_chameleon

Loads dropped Dex/Jar 1 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.entry.misery/app_DynamicOptDex/jbnUZ.json	5101	com.entry.misery

Uses Crypto APIs (Might try to encrypt user data). 1 IoCs

ransomware

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.entry.misery

com.entry.misery
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data).
PID:5101

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.entry.misery/app_ACRA-unapproved/.stacktrace

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
/data/data/com.entry.misery/app_DynamicOptDex/jbnUZ.json

Filesize
811KB

MD5
b69262bd775845bb0572b6eabb976a40

SHA1
7e227f9fe38be7c43061569b10dc10bd70a4b5a6

SHA256
95196bb4fb9ba6ea77c06570003415a0bdb35806295ca76b757c5ca78a82c4fb

SHA512
db861408d446498b5d0f07a8e17340beeb8f6aa22dc2eb9e752d87d76579fc11a1bb18750b2213cdec22dc501a2ba49c067a3a3c6e6e6c8ef46f359b61addefa

Download Submit
/data/data/com.entry.misery/app_DynamicOptDex/jbnUZ.json

Filesize
811KB

MD5
0c38eed1beeae4e7fbf567e90ead7e20

SHA1
0c5f159b1d01ad4822ad6f55f6df5c3cb3a527cb

SHA256
b2f17a7c6d0f24f36c6cb415b977b90a6fe890931145de1885bfbf79d9baa53c

SHA512
354f435acdc912c96ab361fb9bb480b924a996b90ab5428641c3b9b8a046a76258ac1706b357cc96fa755b4acc30edd81745a339e96a58d63e7e4ad6120f253c

Download Submit
/data/user/0/com.entry.misery/app_DynamicOptDex/jbnUZ.json

Filesize
2.2MB

MD5
5d7a834419b53541cb8063463582c3c2

SHA1
fecdfdb146f3c8165ebc8ea2e21b136f2a7cb786

SHA256
816a4869bab9de2e0f5eea6b8d7d264a9be7a057768915cb56a7d38cc92531b5

SHA512
716bda4b5f710ecc3e0d8b095cc4059dc95265097d55c1cf01efe1146a6f1bebd98eb9f130bc3aa1c163fd032fe4e5b7a58d31829fab6a9a64524649ce4e99d3

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads