General
-
Target
1438798f76193cd32e8a6e002859b45b7ce0124c3a1e73b889583e64c395c872.bin
-
Size
298KB
-
Sample
240314-1wnynsge4x
-
MD5
827dc360d0d2923bc3929f888ab3ae0e
-
SHA1
a50879e30c4a18f5b4f4328787a621c5d0a8cb5f
-
SHA256
1438798f76193cd32e8a6e002859b45b7ce0124c3a1e73b889583e64c395c872
-
SHA512
e969bedddc38a4a91d937d4efbc4d2d53d5f853a3fc3fa9fa69208647509cc5ce64a40c208fbb7227f3ccfe00b1c99f33d94a994df2f87755dfaf08aada4f124
-
SSDEEP
6144:0mSAp15ol4cgZ3X0vzk8UbHpDddCOdNR8pbNGTszlk5p:0mSApXoGRN2g8mHpDddCOSpEslwp
Static task
static1
Behavioral task
behavioral1
Sample
1438798f76193cd32e8a6e002859b45b7ce0124c3a1e73b889583e64c395c872.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
1438798f76193cd32e8a6e002859b45b7ce0124c3a1e73b889583e64c395c872.apk
Resource
android-33-x64-arm64-20240229-en
Malware Config
Extracted
octo
https://2.57.149.238:7117/gate/
Targets
-
-
Target
1438798f76193cd32e8a6e002859b45b7ce0124c3a1e73b889583e64c395c872.bin
-
Octo
Octo is a banking malware with remote access capabilities first seen in April 2022.
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Acquires the wake lock
-
Reads information about phone network operator.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-