com.apparatchiks.eol.rillock
com.apparatchiks.eol.rillock
android.intent.action.MAIN
General
-
Target
78c92d4e57107c35446e337bba94eb25f5d4f0c9aae80910954e401379db537a.bin
-
Size
4.4MB
-
MD5
a462db5bb9de189c6d71fbaf69e1ff93
-
SHA1
b793ecdf66d898f63c83ae38125f672f430e29dc
-
SHA256
78c92d4e57107c35446e337bba94eb25f5d4f0c9aae80910954e401379db537a
-
SHA512
10f5c414acbfb823a80b5ecb56f6bddae90684c2ad4712fdec68974af8fac700cf4b12c75b20c6faa9d82ca1e8c4d2d6bb6953b7b247f3c0bffe9bb97970cc3b
-
SSDEEP
98304:x/SRfBhNafKm+5mpwozjk4prqwfVH3GpR8Uw12D8M+:x/Sz/afP1zA49hh3GP/+
Score
10/10
Malware Config
Extracted
Family
godfather
C2
https://t.me/insgaramerbosake
Signatures
-
Godfather family
-
Declares services with permission to bind to the system 1 IoCs
-
Requests dangerous framework permissions 1 IoCs
Files
-
78c92d4e57107c35446e337bba94eb25f5d4f0c9aae80910954e401379db537a.bin
com.apparatchiks.eol
com.apparatchiks.eol.rillock
-
up.apk
com.kachine.smarm
com.kachine.smarm.turbinals
Android Permissions
78c92d4e57107c35446e337bba94eb25f5d4f0c9aae80910954e401379db537a.bin
Permissions
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.QUERY_ALL_PACKAGES