General

  • Target

    844efceeeeff73da35ac13c217ad5723c456ecec01fada7f92b9203fc29e7dcd

  • Size

    15.7MB

  • Sample

    231220-e5qmzafbd8

  • MD5

    b87fea08d3fd6f9d0a4a46b18b5b3f8e

  • SHA1

    9d54231e93035fcde45851fcf26795d8fe366a7a

  • SHA256

    844efceeeeff73da35ac13c217ad5723c456ecec01fada7f92b9203fc29e7dcd

  • SHA512

    9c578e637a81c52a32a208d90ccf99ee63693c80278309115450f21427fe9b33c2f5fc0a0a1a9b649d08fe01e73663f2aa28b8311bdb95f65b3eed72f125f3f8

  • SSDEEP

    393216:v4irHAeHcBmacX7X52NWdXJq2TN51XcwnpObrfum7m:lg2CqgY5NpOLm

Score
10/10

Malware Config

Extracted

Family

sharkbot

C2

http://mefika.me/

Attributes
  • target_apps

    com.example.creatersa

    com.barclays.android.barclaysmobilebanking

    com.bankofireland.mobilebanking

    com.cooperativebank.bank

    ftb.ibank.android

    com.nearform.ptsb

    uk.co.mbna.cardservices.android

    com.danskebank.mobilebank3.uk

    com.barclays.bca

    com.tescobank.mobile

    com.virginmoney.uk.mobile.android

    com.monitise.client.android.yorkshire

    com.monitise.client.android.clydesdale

    com.cooperativebank.smile

    com.starlingbank.android

    uk.co.metrobankonline.mobile.android.production

    uk.co.santander.santanderUK

    uk.co.hsbc.hsbcukmobilebanking

    uk.co.tsb.newmobilebank

    com.grppl.android.shell.BOS

    com.grppl.android.shell.halifax

    com.grppl.android.shell.CMBlloydsTSB73

    it.copergmps.rt.pf.android.sp.bmps

    it.extrabanca.mobile

    it.relaxbanking

    it.bnl.apps.banking

    it.bnl.apps.enterprise.hellobank

    it.ingdirect.app

    it.popso.SCRIGNOapp

    it.nogood.container

rc4.plain

Targets

    • Target

      844efceeeeff73da35ac13c217ad5723c456ecec01fada7f92b9203fc29e7dcd

    Score
    7/10
    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Acquires the wake lock
