General
-
Target
d9ec1a877a90506094f843c8788580c18b55a92b230ffaef2c6191c4c7afeaa4.bin
-
Size
3.4MB
-
Sample
240304-1zmvsaeh4z
-
MD5
8edbdb50c35be3f59510943ef87a6f2a
-
SHA1
3f2e7ec65441c2fefcd3db4243e0f6eb4716593a
-
SHA256
d9ec1a877a90506094f843c8788580c18b55a92b230ffaef2c6191c4c7afeaa4
-
SHA512
5a30de1f128bf062b016128ecc2165f0669f33a90082eb790f1ae6d64e8c93defbf29cc9f29dec63df09a0e463cf170784b2eea6a152e40502ef4168fa085019
-
SSDEEP
98304:cD7Pe+8wptAw6enEDqZyXD8mfigpEIw+TpdY5Lw:cfv/fH0qAQe8+tT
Malware Config
Extracted
sharkbot
http://yaseka.me/
-
target_apps
com.example.creatersa
com.barclays.android.barclaysmobilebanking
com.bankofireland.mobilebanking
com.cooperativebank.bank
ftb.ibank.android
com.nearform.ptsb
uk.co.mbna.cardservices.android
com.danskebank.mobilebank3.uk
com.barclays.bca
com.tescobank.mobile
com.virginmoney.uk.mobile.android
com.monitise.client.android.yorkshire
com.monitise.client.android.clydesdale
com.cooperativebank.smile
com.starlingbank.android
uk.co.metrobankonline.mobile.android.production
uk.co.santander.santanderUK
uk.co.hsbc.hsbcukmobilebanking
uk.co.tsb.newmobilebank
com.grppl.android.shell.BOS
com.grppl.android.shell.halifax
com.grppl.android.shell.CMBlloydsTSB73
Targets
-
-
Target
d9ec1a877a90506094f843c8788580c18b55a92b230ffaef2c6191c4c7afeaa4.bin
-
Size
3.4MB
-
MD5
8edbdb50c35be3f59510943ef87a6f2a
-
SHA1
3f2e7ec65441c2fefcd3db4243e0f6eb4716593a
-
SHA256
d9ec1a877a90506094f843c8788580c18b55a92b230ffaef2c6191c4c7afeaa4
-
SHA512
5a30de1f128bf062b016128ecc2165f0669f33a90082eb790f1ae6d64e8c93defbf29cc9f29dec63df09a0e463cf170784b2eea6a152e40502ef4168fa085019
-
SSDEEP
98304:cD7Pe+8wptAw6enEDqZyXD8mfigpEIw+TpdY5Lw:cfv/fH0qAQe8+tT
Score6/10-
Reads information about phone network operator.
-