General
-
Target
32013ed3262b04ebe8c6d955143453ead993241d2fb2b074d34678552820b7d8.bin
-
Size
298KB
-
Sample
240224-1w8cbafe26
-
MD5
c722f88802c3e071c147af967564e4c3
-
SHA1
cb2da9a80fe8d26a44efc195932c443d592eaabf
-
SHA256
32013ed3262b04ebe8c6d955143453ead993241d2fb2b074d34678552820b7d8
-
SHA512
3de6a50e5607ad039ee3feae0a6a6aa57cd9e75ecf2be678183258ecff5daca297fadfa09b07eede923012414814d1e7773ff19e5da8fa7ab5415815de6228f4
-
SSDEEP
6144:0g4SEL/6Rg0JgW3PahNU5kdlOW/bgQNzS2jqiZmer9szlzEoS4:J4SEkg0mBhN3dpbgQNzQS9sl4e
Static task
static1
Behavioral task
behavioral1
Sample
32013ed3262b04ebe8c6d955143453ead993241d2fb2b074d34678552820b7d8.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
32013ed3262b04ebe8c6d955143453ead993241d2fb2b074d34678552820b7d8.apk
Resource
android-x64-20240221-en
Malware Config
Extracted
octo
https://45.93.20.69:7117/gate/
Targets
-
-
Target
32013ed3262b04ebe8c6d955143453ead993241d2fb2b074d34678552820b7d8.bin
-
Octo
Octo is a banking malware with remote access capabilities first seen in April 2022.
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Acquires the wake lock
-
Reads information about the phone's network operator.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-