General

  • Target

    b2594a07e509fd84e8442f56d133da5f47187fadb1c5436e83837d9a2cb1daa4.bin

  • Size

    4.6MB

  • MD5

    a6f0df10975edd563e7643fc7b425e02

  • SHA1

    f8962ffc94e2095e523f5fd7be3ecec038ec5df0

  • SHA256

    b2594a07e509fd84e8442f56d133da5f47187fadb1c5436e83837d9a2cb1daa4

  • SHA512

    346b38aaff32dcd39746010d1c756efcb6f58561da2c13477178a73d3180cada15254e30ce02bdefd042651d21faa295a7746e54d1480df7e7e17d91e4c682b9

  • SSDEEP

    98304:DPO1mYfS4/qPxTV5YCEMaz9TZ9q5DxP0RYBSijwMCF2RxM:TYfryP/eCvaz9De10RYBwMCF2RxM

Score
10/10

Malware Config

Extracted

Family

godfather

C2

https://t.me/bavazarikopsared

Signatures

  • Godfather family
  • Declares services with permission to bind to the system (1 IoC)
  • Requests dangerous framework permissions (1 IoC)

Files

  • b2594a07e509fd84e8442f56d133da5f47187fadb1c5436e83837d9a2cb1daa4.bin
    .apk android

    com.libellulid.postliterate

    com.libellulid.postliterate.rectos


  • i.apk
    .apk android

    com.wrack.renounceable

    com.wrack.renounceable.tinwoman


Android Permissions

b2594a07e509fd84e8442f56d133da5f47187fadb1c5436e83837d9a2cb1daa4.bin

Permissions

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.QUERY_ALL_PACKAGES