General

  • Target

    c66b09e3021050f080e06c9aad6358a351b5a371328b131e8c7b08a555786c80.bin

  • Size

    4.4MB

  • MD5

    afc4b2c7772ab99dc168b8b1881e119b

  • SHA1

    4484b5149b3c40780d718e7c7a778ce2d243fea2

  • SHA256

    c66b09e3021050f080e06c9aad6358a351b5a371328b131e8c7b08a555786c80

  • SHA512

    54e6f5d29a1c21095db5fd0c1b5f75209de70bfc9e4805cf26a09b41c7aa99cd7334ba61f1893385b8e6cc27e74ec76a108140f05f8d8c0abb2a9850d05f6761

  • SSDEEP

    98304:YB9ANsYfV+T3oxe0piCldK3SFnTnSvMEcauNUnif2QjWlj9Egz:YB92sYfGhAHGYIFBuN+j9Egz

Score
10/10

Malware Config

Extracted

Family

godfather

C2

https://t.me/insgaramerbosake

Signatures

  • Godfather family
  • Declares services with permission to bind to the system (1 IoC)
  • Requests dangerous framework permissions (1 IoC)

Files

  • c66b09e3021050f080e06c9aad6358a351b5a371328b131e8c7b08a555786c80.bin
    .apk android

    com.jumentous.camelias

    com.jumentous.camelias.racketing


  • up.apk
    .apk android

    com.tubicolae.unnumbered

    com.tubicolae.unnumbered.rerun


Android Permissions

c66b09e3021050f080e06c9aad6358a351b5a371328b131e8c7b08a555786c80.bin

Permissions

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.QUERY_ALL_PACKAGES