General

  • Target

    d98ca95aa3d9fa64abbf271087db89145d2fc24010000c8e48374bfd04942b8c.bin

  • Size

    4.5MB

  • MD5

    1ffaad683dfb2827e47f00a5d4bf3091

  • SHA1

    529f917e524040cf2addc9cb5c45694d0c3296ba

  • SHA256

    d98ca95aa3d9fa64abbf271087db89145d2fc24010000c8e48374bfd04942b8c

  • SHA512

    c061e976560fab9071cc2e255d8d3724c4700dd13860249f07f5808974d1f3a1fb421f2cbe46c419dc4d90b04bd6de1304faa5afbad3f2b10762ad66df0dfa56

  • SSDEEP

    98304:T05cTW9eh3x4s/M5MCIqNV10+ug5P8oibdriaaOqgOLbXJ/pTiZFga:ccTW9ehuIIHIcC+p1ibYLaA/Ji7ga

Score
10/10

Malware Config

Extracted

Family

godfather

C2

https://t.me/mazokoveraser

Signatures

  • Godfather family
  • Declares services with permission to bind to the system (1 IoC)
  • Requests dangerous framework permissions (1 IoC)

Files

  • d98ca95aa3d9fa64abbf271087db89145d2fc24010000c8e48374bfd04942b8c.bin
    .apk android

    com.reroller.autoboat

    com.reroller.autoboat.orthographer


  • up.apk
    .apk android

    com.overaddiction.overfavor

    com.overaddiction.overfavor.unloosening


Android Permissions

d98ca95aa3d9fa64abbf271087db89145d2fc24010000c8e48374bfd04942b8c.bin

Permissions

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.QUERY_ALL_PACKAGES