General
-
Target
3d51aedc7a2dbc0b8dbbfd448b59cf19ed8363ebab123d4ef58e3dfe095c5e3a.bin
-
Size
4.6MB
-
Sample
240509-1w4n5acb26
-
MD5
f3d68e61140ea6b16bdaa2454cb394c4
-
SHA1
230b0580f0111a7885328c6b4a643d112e8d37a0
-
SHA256
3d51aedc7a2dbc0b8dbbfd448b59cf19ed8363ebab123d4ef58e3dfe095c5e3a
-
SHA512
5b431aa71d7caadf0b7cfebfd451a6238e768f7a64069752d1a5849674e4289d7552a0d9f32dedae6f4c36943276581127bdb69543f1a6864f7a489ad1830586
-
SSDEEP
98304:wS/XUb3iQGCkY5NE+rycrCuS0cA2+kMcvA1PsZKq5yI:wScO7mE2+uDN2+kMcY1kR5yI
Malware Config
Extracted
godfather
https://t.me/tumonokasiperake
Targets
-
-
Target
3d51aedc7a2dbc0b8dbbfd448b59cf19ed8363ebab123d4ef58e3dfe095c5e3a.bin
-
Size
4.6MB
-
MD5
f3d68e61140ea6b16bdaa2454cb394c4
-
SHA1
230b0580f0111a7885328c6b4a643d112e8d37a0
-
SHA256
3d51aedc7a2dbc0b8dbbfd448b59cf19ed8363ebab123d4ef58e3dfe095c5e3a
-
SHA512
5b431aa71d7caadf0b7cfebfd451a6238e768f7a64069752d1a5849674e4289d7552a0d9f32dedae6f4c36943276581127bdb69543f1a6864f7a489ad1830586
-
SSDEEP
98304:wS/XUb3iQGCkY5NE+rycrCuS0cA2+kMcvA1PsZKq5yI:wScO7mE2+uDN2+kMcY1kR5yI
Score4/10 -
-
-
Target
i.apk
-
Size
3.9MB
-
MD5
72bad3bef6ee92412e4eda5cbfbc697e
-
SHA1
5fd49ffb15a64fc97557767fd82848432c36fb48
-
SHA256
d6cf5a3356359f59755b95c00394d3c41b992d1b52c5f25c6a8f759d9abdee08
-
SHA512
41e67b5b00e303d55ec0da960a8a96b2c1c6c1153805cdad12db8c703801fbe72b2a8c3415e2e9a4d233d24f4c0cf41e62908090bbe8213bf8a10b4632818330
-
SSDEEP
98304:GjtgxuG/UbOkN2uj1FDYZhk0mixcos+OF2ewCEPtqrXw46qa:GjtO3MNJDMkeSol02ewCIqM46qa
Score8/10-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Acquires the wake lock
-