Overview

overview

10

Static

static

10

Magisk-v27.0.apk

android-9-x86

4

Magisk-v27.0.apk

android-13-x64

10

main.apk

android-9-x86

main.apk

android-10-x64

main.apk

android-11-x64

stub.apk

android-9-x86

6

stub.apk

android-10-x64

6

stub.apk

android-11-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Magisk-v27.0.apk

  • Size

    11.9MB

  • Sample

    240710-n7eg6awgmk

  • MD5

    4475064c5f6a5474e31f2f3dfafc22ed

  • SHA1

    872199f3781706f51b84d8a89c1d148d26bcdbad

  • SHA256

    f511bd33d3242911d05b0939f910a3133ef2ba0e0ff1e098128f9f3cd0c16610

  • SHA512

    cf6095f2d93e078f42d26265699deed377af12f304dd83179140d32a69a034639d4e07b83b8bb999d503f6d8dc6ced46b6b88741ed39771eed6a12411648e4bc

  • SSDEEP

    196608:tHkjVWApVgQBoMrdr+TnhpPsOz0VbMtiquy/WP0SxqdHgCg2RNB2KNcjktbs1:tHYGQBpdqpibWDe0SuH6WNBrba

Score
10/10
antidotandroidbankerdiscoveryevasionexecutioninfostealerpersistencetrojan

Malware Config

Targets

    • Target

      Magisk-v27.0.apk

    • Size

      11.9MB

    • MD5

      4475064c5f6a5474e31f2f3dfafc22ed

    • SHA1

      872199f3781706f51b84d8a89c1d148d26bcdbad

    • SHA256

      f511bd33d3242911d05b0939f910a3133ef2ba0e0ff1e098128f9f3cd0c16610

    • SHA512

      cf6095f2d93e078f42d26265699deed377af12f304dd83179140d32a69a034639d4e07b83b8bb999d503f6d8dc6ced46b6b88741ed39771eed6a12411648e4bc

    • SSDEEP

      196608:tHkjVWApVgQBoMrdr+TnhpPsOz0VbMtiquy/WP0SxqdHgCg2RNB2KNcjktbs1:tHYGQBpdqpibWDe0SuH6WNBrba

    Score
    10/10
    persistenceantidotbankerevasionexecutioninfostealertrojan

    • Antidot

      Antidot is an Android banking trojan first seen in May 2024.

      bankertrojaninfostealerantidot

    • Antidot payload

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Legitimate hosting services abused for malware hosting/C2

    • Requests dangerous framework permissions

    behavioral1behavioral2

    • Target

      main.jar

    • Size

      3KB

    • MD5

      803d520477442e45318b1b0fc76c6c15

    • SHA1

      68e0102a3a91f7a050cda807889b3ffa0e25ba18

    • SHA256

      4efaf47682fe8bf49c1aaa9ee7b907ced7246277ca996086da2284324fc8a9ab

    • SHA512

      2523395f82258842bce3edd4033af92c0b1e10d664ad8817f6622b9ea701851ca0ba03bb2c06b9bc956f5e8ee988eacd41e9042e5873045449dabe78d6dcd913

    Score
    1/10
    behavioral3behavioral4behavioral5

    • Target

      stub.apk

    • Size

      32KB

    • MD5

      2e705f24df00d854a7343bc3f7d692fb

    • SHA1

      f352b6e27dd1daf86f3d541707c4cf75d26f81ef

    • SHA256

      7b6388c2574a3b320a7d086ff3464ed816f0ab1b14ce07ecc9e96760ed08e22b

    • SHA512

      f1a19c62aabb8ed08ee0dc7d77f143664f2e163cf895bdbeb27eed47af5cf6b7f66bacc3dbd2d01cf0483459917d6fdff456e4598bb9cd57f117ad2076b2f89f

    • SSDEEP

      768:Kaal8GFhIIakOtx1HAljy4kW0hIHF/bqt8CjfcPnd:ASGZO71FWwgofQd

    Score
    6/10
    discovery

    • Queries information about active data network

      discovery

    • Requests dangerous framework permissions

    behavioral6behavioral7behavioral8

MITRE ATT&CK Enterprise v15

MITRE ATT&CK Mobile v15

Tasks