General
Target
1.apk.zip
Size
518KB
Sample
240313-118hwacf84
MD5
1b673ceed99a37464cfd78f224a141f3
SHA1
c3afcf8bf0a7854ada8f7721602d368f429ee94a
SHA256
d677d39c12a49cab629c518d8551020406eab7a995e5d7ae51514c0351358b07
SHA512
4bf8faab1b2d96ffdde9f9a4789befa3671efba278ccce25e078e0ed3f074e4d717d61bd9d175e615ac76b562b393d6eb1a64919f6c95a7694165ba934538206
SSDEEP
12288:/Ie9rca75GhFg7yUmfJsjK1GwSnTvDZxz2qGdlzKwzBvhb6B:we9rdtyUmfJlGTvlpY51vhmB
Static task
static1
Behavioral task
behavioral1
Sample
1.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
1.apk
Resource
android-33-x64-arm64-20240229-en
Malware Config
Extracted
octo
s:https://31.41.244.77/o2test/
Targets
Target
1.apk
Size
525KB
MD5
0667d65c7bed97a450e322223ca31c1a
SHA1
6f1e791fbf59410bc23e79479500f8e52e5e1686
SHA256
824e35d8dd11acdcb3c48d8c66114eccb25c2fff2d8cb047cd5b4b6c22c481a7
SHA512
37b457e1c35144efe9b6d469a9056cb89cdf10ba1e318438b59fd7070ecf7bd6b6708c645787103a1a26c870c36e7c75096f7bd14c4372532638e31f8245c389
SSDEEP
12288:je3vs2mwDBDuhsqP4Gshblm6OAQmWSj/sx4DWCNYO:je3UnwDB44Gwlm6OAQm7sbGz
Octo
Octo is a banking malware with remote access capabilities first seen in April 2022.
Octo payload
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
Requests enabling of the accessibility settings.
Acquires the wake lock
Reads information about phone network operator.