Malware Analysis Report

2024-12-01 03:13

Sample ID 240426-jpbakaca9z
Target ChinhPhu.apk
SHA256 eb62670a5a838c0d7b086ff09f644f66f32245fbaa7805b07e864d8d6e12a2fb
Tags
golddigger
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

eb62670a5a838c0d7b086ff09f644f66f32245fbaa7805b07e864d8d6e12a2fb

Threat Level: Known bad

The file ChinhPhu.apk was found to be: Known bad.

Malicious Activity Summary

golddigger

GoldDigger payload

Golddigger family

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2024-04-26 07:50

Signatures

GoldDigger payload

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A

Golddigger family

golddigger

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-26 07:50

Reported

2024-04-26 07:56

Platform

android-x86-arm-20240221-en

Max time network

169s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
GB 216.58.204.74:443 semanticlocation-pa.googleapis.com tcp
GB 142.250.200.14:443 tcp
GB 142.250.200.14:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp
GB 216.58.213.10:443 tcp

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-04-26 07:50

Reported

2024-04-26 07:53

Platform

debian12-armhf-20240221-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A