General

  • Target

    28c9db4769809b56f1814cc298500d873cd1e461cbfd88c6296ed432bb1d1401.bin

  • Size

    3.7MB

  • MD5

    79b10992cca9bd20b1512c87f4625ef3

  • SHA1

    fddaae066aba87524c79dfd46f377eebc4fcc069

  • SHA256

    28c9db4769809b56f1814cc298500d873cd1e461cbfd88c6296ed432bb1d1401

  • SHA512

    1f263bb1e8730aa885752ebe77e2c35a05385e5c57521671e91c55367422f7c14fead11d44a64ad77d11256eb0240ce1e4ae701ea7eb52f6714cc70b4359b824

  • SSDEEP

    98304:gaSZ+eFMJx14UTicxpzrKJLsDcppygzi6eNtOgRjMZcZXYfyUBlo:gaSkZUUTTr+LsQp4g26eNcgtMZYEvo

Score
10/10

Malware Config

Extracted

Family

godfather

C2

https://t.me/insgaramerbosake

Signatures

  • Godfather family
  • Declares services with permission to bind to the system (1 IoC)
  • Requests dangerous framework permissions (1 IoC)

Files

  • 28c9db4769809b56f1814cc298500d873cd1e461cbfd88c6296ed432bb1d1401.bin
    .apk android

    com.fondle.desmothoraca

    com.fondle.desmothoraca.Kurilian


Android Permissions

28c9db4769809b56f1814cc298500d873cd1e461cbfd88c6296ed432bb1d1401.bin

Permissions

android.permission.INTERNET

android.permission.FOREGROUND_SERVICE

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.WAKE_LOCK

android.permission.POST_NOTIFICATIONS

android.permission.QUERY_ALL_PACKAGES

com.fondle.desmothoraca.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION