Overview

overview

10

Static

static

10

72512e7de8...6e.apk

android-9-x86

7

72512e7de8...6e.apk

android-10-x64

7

72512e7de8...6e.apk

android-11-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    72512e7de8099e66beb9b4395b8c4a5c1dfd413c85977a31480ff8bd68b2ca6e

  • Size

    14.9MB

  • MD5

    72830ce590ffeb0994e35e9019abfce5

  • SHA1

    ba1d41348b44d9fda098a44ade23372dd0a3206a

  • SHA256

    72512e7de8099e66beb9b4395b8c4a5c1dfd413c85977a31480ff8bd68b2ca6e

  • SHA512

    d6e5e6bcda86eaf2d1e8f579ecd51103277525785fb56dfef00ebf501a85e7824cb26888c23fb7d7525471ff57837e03c304f615bb88cfeb7c2f296e9627e17c

  • SSDEEP

    393216:8HZUiBmacX7X52NWdXJq2TN5+dIwepObrfum7R:85BqgY5+AOLR

Score
10/10
sharkbot

Malware Config

Extracted

Family

sharkbot

C2

http://mefika.me/

Attributes
  • target_apps

    com.example.creatersa

    com.barclays.android.barclaysmobilebanking

    com.bankofireland.mobilebanking

    com.cooperativebank.bank

    ftb.ibank.android

    com.nearform.ptsb

    uk.co.mbna.cardservices.android

    com.danskebank.mobilebank3.uk

    com.barclays.bca

    com.tescobank.mobile

    com.virginmoney.uk.mobile.android

    com.monitise.client.android.yorkshire

    com.monitise.client.android.clydesdale

    com.cooperativebank.smile

    com.starlingbank.android

    uk.co.metrobankonline.mobile.android.production

    uk.co.santander.santanderUK

    uk.co.hsbc.hsbcukmobilebanking

    uk.co.tsb.newmobilebank

    com.grppl.android.shell.BOS

    com.grppl.android.shell.halifax

    com.grppl.android.shell.CMBlloydsTSB73

    it.copergmps.rt.pf.android.sp.bmps

    it.extrabanca.mobile

    it.relaxbanking

    it.bnl.apps.banking

    it.bnl.apps.enterprise.hellobank

    it.ingdirect.app

    it.popso.SCRIGNOapp

    it.nogood.container

rc4.plain

Signatures

  • Sharkbot family
    sharkbot
  • Declares services with permission to bind to the system 1 IoCs
  • Requests dangerous framework permissions 8 IoCs

Files

  • 72512e7de8099e66beb9b4395b8c4a5c1dfd413c85977a31480ff8bd68b2ca6e
    .apk android

    com.ltdevelopergroups.litecleaner.m

    com.ltdevelopergroups.litecleaner.m.screen.splash.SplashActivity


Android Permissions

72512e7de8099e66beb9b4395b8c4a5c1dfd413c85977a31480ff8bd68b2ca6e

Permissions

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

android.permission.CHANGE_WIFI_STATE

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.FOREFGROUND_SERVICE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.WRITE_SYNC_SETTINGS

com.android.launcher.permission.INSTALL_SHORTCUT

android.permission.ACCESS_NOTIFICATION_POLICY

android.permission.REQUEST_DELETE_PACKAGES

android.permission.WAKE_LOCK

android.permission.GET_PACKAGE_SIZE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.QUICKBOOT_POWERON

android.permission.CLEAR_APP_CACHE

android.permission.QUERY_ALL_PACKAGES

android.permission.WRITE_SETTINGS

android.permission.GET_TASKS

android.permission.PACKAGE_USAGE_STATS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.FOREGROUND_SERVICE

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.CAMERA

android.permission.USE_FINGERPRINT

android.permission.ACCESS_WIFI_STATE

android.permission.RECEIVE_USER_PRESENT

android.permission.CHANGE_NETWORK_STATE

android.permission.SET_WALLPAPER

android.permission.VIBRATE

android.permission.MANAGE_EXTERNAL_STORAGE