com.guigne.barbless.thornbound
com.guigne.barbless.thornbound
android.intent.action.MAIN
General
-
Target
05373db5a137db1a51131fdc8f1fef981b7c504e816cbf76cb06a7b02f8f66d0.bin
-
Size
4.7MB
-
MD5
6ac64c45280441ae30299b1fcf951a55
-
SHA1
59602192d0ed3a84b577dc7adbb1911a36b44980
-
SHA256
05373db5a137db1a51131fdc8f1fef981b7c504e816cbf76cb06a7b02f8f66d0
-
SHA512
e133e15b0569b82f50ce54f69a672753623e660f086b6f265bbef5da81b07f04e15a028a13b3670800d7cba96e9941326a59eb24424082db447a93ef1e49c460
-
SSDEEP
98304:ZwZa90v+A03qwv9h2UZmBiImbiQdDMqQAChwzvT7idW7E3:6+jJ2LBioqDMqQAChw/No3
Score
10/10
Malware Config
Extracted
Family
godfather
C2
https://t.me/intpravitokasero
Signatures
-
Godfather family
-
Declares services with permission to bind to the system 1 IoCs
-
Requests dangerous framework permissions 1 IoCs
Files
-
05373db5a137db1a51131fdc8f1fef981b7c504e816cbf76cb06a7b02f8f66d0.bin
com.guigne.barbless
com.guigne.barbless.thornbound
-
i.apk
com.tasc.brucin
com.tasc.brucin.sandspit
Android Permissions
05373db5a137db1a51131fdc8f1fef981b7c504e816cbf76cb06a7b02f8f66d0.bin
Permissions
android.permission.INTERNET
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.QUERY_ALL_PACKAGES