General

  • Target

    72512e7de8099e66beb9b4395b8c4a5c1dfd413c85977a31480ff8bd68b2ca6e

  • Size

    14.9MB

  • Sample

    231220-agdw2sbabq

  • MD5

    72830ce590ffeb0994e35e9019abfce5

  • SHA1

    ba1d41348b44d9fda098a44ade23372dd0a3206a

  • SHA256

    72512e7de8099e66beb9b4395b8c4a5c1dfd413c85977a31480ff8bd68b2ca6e

  • SHA512

    d6e5e6bcda86eaf2d1e8f579ecd51103277525785fb56dfef00ebf501a85e7824cb26888c23fb7d7525471ff57837e03c304f615bb88cfeb7c2f296e9627e17c

  • SSDEEP

    393216:8HZUiBmacX7X52NWdXJq2TN5+dIwepObrfum7R:85BqgY5+AOLR

Score
10/10

Malware Config

Extracted

Family

sharkbot

C2

http://mefika.me/

Attributes
  • target_apps

    com.example.creatersa

    com.barclays.android.barclaysmobilebanking

    com.bankofireland.mobilebanking

    com.cooperativebank.bank

    ftb.ibank.android

    com.nearform.ptsb

    uk.co.mbna.cardservices.android

    com.danskebank.mobilebank3.uk

    com.barclays.bca

    com.tescobank.mobile

    com.virginmoney.uk.mobile.android

    com.monitise.client.android.yorkshire

    com.monitise.client.android.clydesdale

    com.cooperativebank.smile

    com.starlingbank.android

    uk.co.metrobankonline.mobile.android.production

    uk.co.santander.santanderUK

    uk.co.hsbc.hsbcukmobilebanking

    uk.co.tsb.newmobilebank

    com.grppl.android.shell.BOS

    com.grppl.android.shell.halifax

    com.grppl.android.shell.CMBlloydsTSB73

    it.copergmps.rt.pf.android.sp.bmps

    it.extrabanca.mobile

    it.relaxbanking

    it.bnl.apps.banking

    it.bnl.apps.enterprise.hellobank

    it.ingdirect.app

    it.popso.SCRIGNOapp

    it.nogood.container

rc4.plain

Targets

    • Target

      72512e7de8099e66beb9b4395b8c4a5c1dfd413c85977a31480ff8bd68b2ca6e

    Score
    7/10
    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads information about phone network operator.
