General

  • Target

    bc381d12a5c8ca86d373772da6bfa58eafa5e30bb23bd952b31e26d4822618c1.bin

  • Size

    4.6MB

  • MD5

    c4a3c4d3bb04f8675750fca3fdf40c64

  • SHA1

    7c0e4390ae1e0ba84170aa904004685e79642f18

  • SHA256

    bc381d12a5c8ca86d373772da6bfa58eafa5e30bb23bd952b31e26d4822618c1

  • SHA512

    14856b76160d0a6b9487bd0330fb07fefab1df0d18b406e0c9d8d608769479e7aa03e687cabcfba33ff2a5c8658826503de9e2e7316689c4f9416e938abf9501

  • SSDEEP

    98304:AhdkVsiMloo5itCn6RSCnx81UUEaX1fROLbphc4s:AD2silkn6RLx8vVpOLUr

Score
10/10

Malware Config

Extracted

Family

godfather

C2

https://t.me/napikozaremossod

Signatures

  • Godfather family
  • Declares services with permission to bind to the system (1 IoC)
  • Requests dangerous framework permissions (1 IoC)

Files

  • bc381d12a5c8ca86d373772da6bfa58eafa5e30bb23bd952b31e26d4822618c1.bin
    .apk android

    com.strangely.taperfashion

    com.strangely.taperfashion.bulrushy


  • i.apk
    .apk android

    com.hobits.euphorias

    com.hobits.euphorias.unfascinating


Android Permissions

bc381d12a5c8ca86d373772da6bfa58eafa5e30bb23bd952b31e26d4822618c1.bin

Permissions

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.QUERY_ALL_PACKAGES