General

  • Target

    a8c5e980d5c57742fd4e46c39c1d76cbd8c51851b5f1294f50446902d4e3558c.bin

  • Size

    3.7MB

  • Sample

    240729-1z5qlaxdma

  • MD5

    28fa4f44c97afaf0a774f97449bc6957

  • SHA1

    3331d31341e055938029a068b3073d5551cbda23

  • SHA256

    a8c5e980d5c57742fd4e46c39c1d76cbd8c51851b5f1294f50446902d4e3558c

  • SHA512

    4f85e8a4130b36fad163e35ab56cc4826ece8c0a000f96b1bf0a658711bdd9845f06d4a8fecdf0e047ecb9af88b2995fb0eeda288f9f84b1deec3674f37a0be4

  • SSDEEP

    98304:pEjJUcI8MO9w37j3SIU5h11GTzBjYgAMQDvNufaOUen:p8uKMO9w3Pe/11UFAN7Nt4

Malware Config

Extracted

Family

godfather

C2

https://t.me/insgaramerbosake

Targets

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Performs UI accessibility actions on behalf of the user

      Application may abuse the accessibility service to prevent its removal.
