Overview

overview

10

Static

static

10

SharkBot (15).apk

android-10-x64

7

SharkBot (15).apk

android-11-x64

7

SharkBot (15).apk

android-13-x64

SharkBot (15).apk

android-9-x86

7

Resubmissions

02-04-2024 06:55

240402-hp2xvaad7v 10

24-11-2022 08:04

221124-jybmpaad66 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SharkBot (15).apk

  • Size

    14.9MB

  • MD5

    cfe82625d3db2378994554ef7a2eba2b

  • SHA1

    e511c4d99bfe0f8b47c32ea0c88b9d1024fbbd61

  • SHA256

    6f1eb9c21b026eecfd65459ec4cffe3954d24619010741e18722108d7bacf3d1

  • SHA512

    8742aab0ed45a1bc307a715d478acd7f6a37feb0029d4988496d27116c1907495476b4dfc98a997d0d3ae82971e44a20d2677861c0bede98c5806f2b2b78e27f

  • SSDEEP

    393216:RPI3MBmacX7X52NWdXJq2TN51XIwUpObrfum7X9:RPIiqgY5xSOLX9

Score
10/10
sharkbot

Malware Config

Extracted

Family

sharkbot

C2

http://mefika.me/

Attributes
  • target_apps

    com.example.creatersa

    com.barclays.android.barclaysmobilebanking

    com.bankofireland.mobilebanking

    com.cooperativebank.bank

    ftb.ibank.android

    com.nearform.ptsb

    uk.co.mbna.cardservices.android

    com.danskebank.mobilebank3.uk

    com.barclays.bca

    com.tescobank.mobile

    com.virginmoney.uk.mobile.android

    com.monitise.client.android.yorkshire

    com.monitise.client.android.clydesdale

    com.cooperativebank.smile

    com.starlingbank.android

    uk.co.metrobankonline.mobile.android.production

    uk.co.santander.santanderUK

    uk.co.hsbc.hsbcukmobilebanking

    uk.co.tsb.newmobilebank

    com.grppl.android.shell.BOS

    com.grppl.android.shell.halifax

    com.grppl.android.shell.CMBlloydsTSB73

    it.copergmps.rt.pf.android.sp.bmps

    it.extrabanca.mobile

    it.relaxbanking

    it.bnl.apps.banking

    it.bnl.apps.enterprise.hellobank

    it.ingdirect.app

    it.popso.SCRIGNOapp

    it.nogood.container

rc4.plain

Signatures

  • Sharkbot family
    sharkbot
  • Declares services with permission to bind to the system 1 IoCs
  • Requests dangerous framework permissions 8 IoCs

Files

  • SharkBot (15).apk
    .apk android

    com.sidalistudio.developer.app

    com.sidalistudio.developer.app.screen.splash.SplashActivity


Android Permissions

SharkBot (15).apk

Permissions

android.permission.INTERNET

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

android.permission.CHANGE_WIFI_STATE

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.FOREFGROUND_SERVICE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.WRITE_SYNC_SETTINGS

com.android.launcher.permission.INSTALL_SHORTCUT

android.permission.ACCESS_NOTIFICATION_POLICY

android.permission.REQUEST_DELETE_PACKAGES

android.permission.WAKE_LOCK

android.permission.GET_PACKAGE_SIZE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.QUICKBOOT_POWERON

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.CLEAR_APP_CACHE

android.permission.QUERY_ALL_PACKAGES

android.permission.WRITE_SETTINGS

android.permission.GET_TASKS

android.permission.PACKAGE_USAGE_STATS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.FOREGROUND_SERVICE

android.permission.ACCESS_NETWORK_STATE

android.permission.CAMERA

android.permission.USE_FINGERPRINT

android.permission.ACCESS_WIFI_STATE

android.permission.RECEIVE_USER_PRESENT

android.permission.CHANGE_NETWORK_STATE

android.permission.SET_WALLPAPER

android.permission.VIBRATE

android.permission.MANAGE_EXTERNAL_STORAGE