General
Target: b49e391d44c9bad878103d3f72748cac1c6c2d253f394a05fa0bcf8b44b7f5e0.bin
Size: 1.7MB
Sample: 240301-1yzg7aec34
MD5: 753ab4c3d1f766b47634381e5bb79399
SHA1: dacd90758a8efb2a5ec927436ec5e4a54a153149
SHA256: b49e391d44c9bad878103d3f72748cac1c6c2d253f394a05fa0bcf8b44b7f5e0
SHA512: 23ff2cab7d97da484e75ed70536fb2ca76d5d65331d6bfbbfa1f039077bd977e48681524a308de2c6d2aa606e737c5b8bc87be946eb4f5121cdae62506335c3f
SSDEEP: 49152:aZKJruj3D7Wq1jWvLXOc9AvBd7FkJmiZA3gwjTV:eKJrnvLT9gymiax
Static task: static1

Behavioral task: behavioral1
Sample: b49e391d44c9bad878103d3f72748cac1c6c2d253f394a05fa0bcf8b44b7f5e0.apk
Resource: android-x86-arm-20240221-en

Behavioral task: behavioral2
Sample: b49e391d44c9bad878103d3f72748cac1c6c2d253f394a05fa0bcf8b44b7f5e0.apk
Resource: android-33-x64-arm64-20240229-en
Malware Config
Extracted
octo
https://s322231232fdnsjds.top/OGYyZmMyZmVlMGI0/
Targets
Target: b49e391d44c9bad878103d3f72748cac1c6c2d253f394a05fa0bcf8b44b7f5e0.bin
Octo
Octo is a banking malware with remote access capabilities, first seen in April 2022.

Octo payload

Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.

Acquires the wake lock.

Reads information about the phone's network operator.

Requests disabling of battery optimizations (often used to enable hiding in the background).