8b645ce2dadd4b594c552694fd85cd35acf622e53cb3bff9ca1870279da5f7e4 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

8b645ce2da...e4.apk

android-9-x86

8

8b645ce2da...e4.apk

android-10-x64

8

8b645ce2da...e4.apk

android-11-x64

8

Sharing

General

Target

8b645ce2dadd4b594c552694fd85cd35acf622e53cb3bff9ca1870279da5f7e4
Size

180KB
Sample

231220-g5wv4afecl
MD5

88304d543fc2b1274d7acab2a57b6877
SHA1

52d9571ee2d947c433d0495761ed21663e8d397f
SHA256

8b645ce2dadd4b594c552694fd85cd35acf622e53cb3bff9ca1870279da5f7e4
SHA512

8b4bd3cb14d5595ed6d9c9e6a2286b2bc34bb502949c8aa05f9eb1dfa6e3c0ab8e3fa0c7630aa05d410a94c4efaf06e7c775143e0c330e35cf6019d2f86743f4
SSDEEP

3072:P8vEukN4700pr75onSW9zUck0GmSlZTsIvRIEp9F6q5PQgy2LpATbKOW6FxYz:P8MLW70g75o/DIBF6SY51TbDH6

Score

8^/10

android banker stealth trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

8b645ce2dadd4b594c552694fd85cd35acf622e53cb3bff9ca1870279da5f7e4.apk

Resource

android-x86-arm-20231215-en

banker stealth trojan

android-9-x86

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

8b645ce2dadd4b594c552694fd85cd35acf622e53cb3bff9ca1870279da5f7e4.apk

Resource

android-x64-20231215-en

android-10-x64

2 signatures

150 seconds

Behavioral task

behavioral3

Sample

8b645ce2dadd4b594c552694fd85cd35acf622e53cb3bff9ca1870279da5f7e4.apk

Resource

android-x64-arm64-20231215-en

android-11-x64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  8b645ce2dadd4b594c552694fd85cd35acf622e53cb3bff9ca1870279da5f7e4
- Size
  
  180KB
- MD5
  
  88304d543fc2b1274d7acab2a57b6877
- SHA1
  
  52d9571ee2d947c433d0495761ed21663e8d397f
- SHA256
  
  8b645ce2dadd4b594c552694fd85cd35acf622e53cb3bff9ca1870279da5f7e4
- SHA512
  
  8b4bd3cb14d5595ed6d9c9e6a2286b2bc34bb502949c8aa05f9eb1dfa6e3c0ab8e3fa0c7630aa05d410a94c4efaf06e7c775143e0c330e35cf6019d2f86743f4
- SSDEEP
  
  3072:P8vEukN4700pr75onSW9zUck0GmSlZTsIvRIEp9F6q5PQgy2LpATbKOW6FxYz:P8MLW70g75o/DIBF6SY51TbDH6
Score

8^/10

banker stealth trojan
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker
- Removes its main activity from the application launcher
  stealth trojan
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bankerstealthtrojan

behavioral2

behavioral3

© 2018-2025

Terms | Privacy