General
-
Target
304c57352f21614b7a91a0f79ae2e052f61fb9342a3a937969e8f61b10b0857b.bin
-
Size
196KB
-
Sample
240224-1x42aafe49
-
MD5
7af994dad8386723cff43194e11704ca
-
SHA1
2b3600b953df786dd748fb05e1fffd270583b350
-
SHA256
304c57352f21614b7a91a0f79ae2e052f61fb9342a3a937969e8f61b10b0857b
-
SHA512
db8f4f866038a6bf65075e6b025adf28435d69cd9c2520e77116470e88a87da218f502587793a13ab25f5f7663cce7a0f4b83152ae33c053e7a9cfd4ce5c855d
-
SSDEEP
6144:cvYCXPkUEWPeEcodoQLa30l5BPn+slOPfJEe/vbY7:xSMUPlcoBG0plOPfOes7
Behavioral task
behavioral1
Sample
304c57352f21614b7a91a0f79ae2e052f61fb9342a3a937969e8f61b10b0857b.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
304c57352f21614b7a91a0f79ae2e052f61fb9342a3a937969e8f61b10b0857b.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
304c57352f21614b7a91a0f79ae2e052f61fb9342a3a937969e8f61b10b0857b.apk
Resource
android-x64-arm64-20240221-en
Malware Config
Extracted
octo
https://193.233.254.67:7117/gate/
Targets
Target
304c57352f21614b7a91a0f79ae2e052f61fb9342a3a937969e8f61b10b0857b.bin
Octo
Octo is a banking malware with remote access capabilities first seen in April 2022.
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Acquires the wake lock
-
Reads information about phone network operator.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-