com.swm.counterthrust.compunctions
com.swm.counterthrust.compunctions
android.intent.action.MAIN
General
-
Target
bf39ff449d9f0478caa34551a599d0abc289807005e08beb408fd9cbfe1e0c9e.bin
-
Size
4.6MB
-
MD5
e8743dfbffad087665ed151ff395049c
-
SHA1
bb37641c0744133778f1c5fc98222ffbd14935d8
-
SHA256
bf39ff449d9f0478caa34551a599d0abc289807005e08beb408fd9cbfe1e0c9e
-
SHA512
48f2ad31c4d5d9fc5b7a21cb49895be84d1c6d8f3be5940a68690eccfac2da7a20802301e5538bdba3f4cf9d6531730ae93cf025529b689fba8c50d4adf47c37
-
SSDEEP
98304:QWyNh4SAXdV3Z08k0rjehBJi73+eiRORxiC1lKNOe:QtNGRRkM6/ZebRplKNOe
Score
10/10
Malware Config
Extracted
Family
godfather
C2
https://t.me/yazmozaramekos
Signatures
-
Godfather family
-
Declares services with permission to bind to the system 1 IoCs
-
Requests dangerous framework permissions 1 IoCs
Files
-
bf39ff449d9f0478caa34551a599d0abc289807005e08beb408fd9cbfe1e0c9e.bin
com.swm.counterthrust
com.swm.counterthrust.compunctions
-
up.apk
com.gastrochaena.ballpark
com.gastrochaena.ballpark.breeds
Android Permissions
bf39ff449d9f0478caa34551a599d0abc289807005e08beb408fd9cbfe1e0c9e.bin
Permissions
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.QUERY_ALL_PACKAGES