General
-
Target
7e1ba933582adc8537364a20b0b763741789769548ea1d055bc5f09f27d72d0b.bin
-
Size
1.9MB
-
Sample
240310-1x4erada41
-
MD5
1b02d342e57a7380cc6bfd92975eb39d
-
SHA1
5b4305bcd976625979017776be2032e4fce79b8a
-
SHA256
7e1ba933582adc8537364a20b0b763741789769548ea1d055bc5f09f27d72d0b
-
SHA512
ff2dc683f6bf977cbafc4c83d5fd6c9b9d1b1b253e256d65caa223dea3b104be2a8ed3733f7aed99e5932b7538b2e57ad09f748bf53d40308596cca92acd1651
-
SSDEEP
24576:8sa7GhzpOwCxzgzrX0XICDS9yGQwhpoonKrOtllcFLZsKU4b0NUNJPMwF6:e7/Rgzz0XIkSiwhpP1tWs74b0NUNJUQ6
Static task
static1
Behavioral task
behavioral1
Sample
7e1ba933582adc8537364a20b0b763741789769548ea1d055bc5f09f27d72d0b.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
7e1ba933582adc8537364a20b0b763741789769548ea1d055bc5f09f27d72d0b.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
7e1ba933582adc8537364a20b0b763741789769548ea1d055bc5f09f27d72d0b.apk
Resource
android-x64-arm64-20240221-en
Malware Config
Extracted
eventbot
http://ora.studiolegalebasili.com/gate_cb8a5aea1ab302f0_c
http://ora.carlaarrabitoarchitetto.com/gate_cb8a5aea1ab302f0_c
Targets
-
-
Target
7e1ba933582adc8537364a20b0b763741789769548ea1d055bc5f09f27d72d0b.bin
-
EventBot
A new Android banking trojan started to appear in March 2020.
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-