godfather | f062fbbd5f8f13fc2055f2395510160aad665250edb0777d84ed290470858bea | Triage

Sharing

General

Target

f062fbbd5f8f13fc2055f2395510160aad665250edb0777d84ed290470858bea.bin
Size

3.7MB
Sample

240719-12sttaselr
MD5

05e92d583b6aeb03d4b32b69621a031f
SHA1

4980438ef73b6d7638fa642e4e7e2915e814bda1
SHA256

f062fbbd5f8f13fc2055f2395510160aad665250edb0777d84ed290470858bea
SHA512

0d6e28ed4d01736b904dce1b2050f2c55939e81ff55b7bda982321200c1fd114b5ce5e6cdfe2a98bdcfec89014f7de04d1646b8758dc024b3dc1065f904c1ed8
SSDEEP

98304:mUM/iZqMh7w2sEIdqGJM3CQxY0Mu4KXKpTX5zKeloXjH9ks0LgZ:fMM7wVE4wCkV4keloXj90Le

Score

10^/10

godfather android evasion impact persistence

Malware Config

Extracted

Family

godfather

C2

https://t.me/mazokoveraser

Targets

- Target
  
  f062fbbd5f8f13fc2055f2395510160aad665250edb0777d84ed290470858bea.bin
- Size
  
  3.7MB
- MD5
  
  05e92d583b6aeb03d4b32b69621a031f
- SHA1
  
  4980438ef73b6d7638fa642e4e7e2915e814bda1
- SHA256
  
  f062fbbd5f8f13fc2055f2395510160aad665250edb0777d84ed290470858bea
- SHA512
  
  0d6e28ed4d01736b904dce1b2050f2c55939e81ff55b7bda982321200c1fd114b5ce5e6cdfe2a98bdcfec89014f7de04d1646b8758dc024b3dc1065f904c1ed8
- SSDEEP
  
  98304:mUM/iZqMh7w2sEIdqGJM3CQxY0Mu4KXKpTX5zKeloXjH9ks0LgZ:fMM7wVE4wCkV4keloXj90Le
Score

6^/10

evasion impact persistence
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
  Application may abuse the framework's foreground service to continue running in the foreground.
  evasion persistence
- Performs UI accessibility actions on behalf of the user
  Application may abuse the accessibility service to prevent their removal.
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Foreground Persistence

Privilege Escalation

Defense Evasion

Foreground Persistence

Impair Defenses

Prevent Application Removal

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Tasks

static1

behavioral1

evasionimpactpersistence

behavioral2

evasionimpactpersistence

behavioral3

evasionimpactpersistence