Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

6

CoinSpot.apk

android-10-x64

10

CoinSpot.apk

android-11-x64

10

CoinSpot.apk

android-13-x64

10

CoinSpot.apk

android-9-x86

10

Resubmissions

02/04/2024, 07:18

240402-h5dvysbc72 10

13/04/2023, 13:04

230413-qaxzcach6w 7

Analysis

  • max time kernel
    8s
  • max time network
    311s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20240229-en
  • resource tags

    androidarch:arm64arch:x64image:android-33-x64-arm64-20240229-enlocale:en-usos:android-13-x64system
  • submitted
    02/04/2024, 07:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CoinSpot.apk

  • Size

    3.6MB

  • MD5

    382e4022f901ebc2fa15a168a8dc5a20

  • SHA1

    a8afa19a4aa30b144387101a58e7f52335f24eeb

  • SHA256

    153410238d01773e5c705c6d18955793bd61cb2e82c5c7656e74563bb43b3ffa

  • SHA512

    891b38c568d56325a51394c8676e9553534dc470b8272cdbe610ff530f63ca15b03436143f4af23141ef9580a9a90ec4d6fd1448ed5ec93130290de242162c4a

  • SSDEEP

    49152:0CEMb7Wdu21EpCPOzbGHYBLJ/Oys84q9rsljigY2a1WQOqvauFOJ+AIibJWhL9Bt:FXb/VUP2GHYBJOyI3l2WaUqCKYSKJLRE

Score
10/10
chameleonbankerevasioninfostealertrojan

Malware Config

Signatures

  • Chameleon

    Chameleon is an Android banking trojan first seen in 2023.

    trojaninfostealerbankerchameleon
  • Chameleon payload 1 IoCs
  • Checks Android system properties for emulator presence. 1 TTPs 1 IoCs
    evasion
  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.top.omit
    1⤵
    • Checks Android system properties for emulator presence.
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4309

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.top.omit/app_DynamicOptDex/dmW.json
    Filesize

    483KB

    MD5

    31bedfbe6acc616a38ef5c08b2b29c76

    SHA1

    6feb176ee8b54b3fa606aa93818136709b02f20d

    SHA256

    eafd620325f0b290f69d1e2c6a3aa443a253bd2f7906ee7ff0c17fa702c7dbed

    SHA512

    2c43e9219dc7d69d19bb7a5a5757f9c697d17b7ec15908952ea7b84cc42760ca85dcc56fa2c6cea972fcbba59b4d6b0476094916dae699e3d728984133220f11

    Download Submit

  • /data/user/0/com.top.omit/app_DynamicOptDex/dmW.json
    Filesize

    483KB

    MD5

    f5c6afc2a23dcac894a089599272465d

    SHA1

    28b389e3251b2b67e7f5f13601b65422f8f56711

    SHA256

    f7dc169d8656cc32cb9579ee2e6ebeabad85bff5f5787c7015b67106e57aa05a

    SHA512

    410aeb6ab2ab0a8b65db0ba6a8ca94d33cc9c3fac6a1b5fb46f56d6605bf8f5235a7bce2e0f53ae48464f5e91c49dbf54a15cac81da424c754994659edc1ecc1

    Download Submit

  • /data/user/0/com.top.omit/app_DynamicOptDex/dmW.json
    Filesize

    1.2MB

    MD5

    0e6e8f70702bceb278745e19c2ac2b14

    SHA1

    e6ea5dba97c3c1851882e120d13e43460385de01

    SHA256

    9e1417946a05655869642d9c560605fb8cad248f86e276f894ab0744bd428f7a

    SHA512

    13382ce1800d5a658a159c07c81afa5cd595db812e265d218272b26e6822f1d5975c9bfa8212d6dc11e42c406bf2bca35729eb2d18415b820fd5b7cf12179c3c

    Download Submit