com.quadricrescentic.seacompelling.Grotian
android.intent.action.MAIN
android.intent.action.VIEW
General
-
Target
a8c5e980d5c57742fd4e46c39c1d76cbd8c51851b5f1294f50446902d4e3558c.bin
-
Size
3.7MB
-
MD5
28fa4f44c97afaf0a774f97449bc6957
-
SHA1
3331d31341e055938029a068b3073d5551cbda23
-
SHA256
a8c5e980d5c57742fd4e46c39c1d76cbd8c51851b5f1294f50446902d4e3558c
-
SHA512
4f85e8a4130b36fad163e35ab56cc4826ece8c0a000f96b1bf0a658711bdd9845f06d4a8fecdf0e047ecb9af88b2995fb0eeda288f9f84b1deec3674f37a0be4
-
SSDEEP
98304:pEjJUcI8MO9w37j3SIU5h11GTzBjYgAMQDvNufaOUen:p8uKMO9w3Pe/11UFAN7Nt4
Score
10/10
Malware Config
Extracted
Family
godfather
C2
https://t.me/insgaramerbosake
Signatures
-
Godfather family
-
Declares services with permission to bind to the system 1 IoCs
-
Requests dangerous framework permissions 1 IoCs
Files
-
a8c5e980d5c57742fd4e46c39c1d76cbd8c51851b5f1294f50446902d4e3558c.bin
com.quadricrescentic.seacompelling
com.quadricrescentic.seacompelling.Grotian
Android Permissions
a8c5e980d5c57742fd4e46c39c1d76cbd8c51851b5f1294f50446902d4e3558c.bin
Permissions
android.permission.INTERNET
android.permission.FOREGROUND_SERVICE
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.WAKE_LOCK
android.permission.POST_NOTIFICATIONS
android.permission.QUERY_ALL_PACKAGES
com.quadricrescentic.seacompelling.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION