General
Target: chrome-update23454.apk
Size: 1.9MB
Sample: 240302-p4kensde41
MD5: 91443f1c7db27ecf09b291172a960622
SHA1: 94e791a4ba4c77921a8ebd74b4300b82eab279dd
SHA256: 2af606a1fd9b5f70f2495cdc484e7ecc8004d754f12ac6945bb30eaba3d8446f
SHA512: 2ee0648714403385c59a490f58db2adccc4877dad75f2d3d479196d5cab67f050b2f6682ba9449f1e863233e0b96f92c5b31ccfdd0697312267c4fa50907cb11
SSDEEP: 49152:xXMIax35+0h26zjON4lrnESt9X6ZGZbmqNSscAE4KoSe:KdRg3NI/3X6ZQ/NdH
Static task: static1
Behavioral task: behavioral1
Sample: chrome-update23454.apk
Resource: android-x86-arm-20240221-en
Behavioral task: behavioral2
Sample: chrome-update23454.apk
Resource: android-33-x64-arm64-20240229-en
Malware Config
Extracted
octo
https://caramiliudj16.live/MTU2OWE0NzJjNGY5/
https://boodycookies41.info/MTU2OWE0NzJjNGY5/
https://smoorfikimv.pro/MTU2OWE0NzJjNGY5/
https://alimavij72.vip/MTU2OWE0NzJjNGY5/
https://5a9udxg6l6gd.su/MTU2OWE0NzJjNGY5/
Targets
Target: chrome-update23454.apk
Size: 1.9MB
Octo
Octo is a banking malware with remote access capabilities first seen in April 2022.
Octo payload
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
Acquires the wake lock
Reads information about phone network operator.
Requests disabling of battery optimizations (often used to enable hiding in the background).