chameleon | d6c110c474fb60d0cd2ab4ac29495e5a190048344329c70e348b001bd1f98798

Analysis

max time kernel
6s
max time network
152s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
08/08/2024, 22:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d6c110c474fb60d0cd2ab4ac29495e5a190048344329c70e348b001bd1f98798.apk
Size

2.2MB
MD5

5cd8b0f3b90d30feadcb7b60242fe634
SHA1

9221ab6d2339e9dc37d8fb85ebbd19eaefb12638
SHA256

d6c110c474fb60d0cd2ab4ac29495e5a190048344329c70e348b001bd1f98798
SHA512

2719aa2a2f6874a05bee67d151029dae9e7016e5f708b33b4e06e1ed402f323f66b32e3dc07d955eff77d1cf6661d7fcbc489d94ea4fe886dc6f90615cb7c36a
SSDEEP

49152:TO+P3PHkOTR7/baq3sfaUOrszt7QZfz9jrXfNZFOe/z:FFR3N8fabrszZQxzZNZFOK

Score

10^/10

chameleon banker evasion infostealer trojan

Malware Config

Signatures

Chameleon
Chameleon is an Android banking trojan first seen in 2023.
trojan infostealer banker chameleon

Chameleon payload 1 IoCs

resource	yara_rule
behavioral2/memory/4996-0.dex	family_chameleon

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/BFNOg5b6a3f9d29e4079f179da3.BFNOg94e06d39bf2c13789a3731/code_cache/secondary-dexes/base.apk.classes1.zip	4996	BFNOg5b6a3f9d29e4079f179da3.BFNOg94e06d39bf2c13789a3731

BFNOg5b6a3f9d29e4079f179da3.BFNOg94e06d39bf2c13789a3731
1⤵
- Loads dropped Dex/Jar
PID:4996

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/BFNOg5b6a3f9d29e4079f179da3.BFNOg94e06d39bf2c13789a3731/code_cache/secondary-dexes/tmp-base.apk.classes8763719013048843821.zip

Filesize
968KB

MD5
328aa465436e7e0fcc2b3de63f34565a

SHA1
430bec19190646222ecd4febce8419285287028c

SHA256
375db0a05613fb063e32c20cd740938c51d24a278201eaf2ed8941fa6efee358

SHA512
356b1edfa660373ed324eb82539d80971f24105d54f8eaff7269913a04bc2ab6e627af42cb67c2dbe12db65d2255994bf84642b4490d26b38ddde0b4edcc328b

Download Submit
/data/user/0/BFNOg5b6a3f9d29e4079f179da3.BFNOg94e06d39bf2c13789a3731/code_cache/secondary-dexes/base.apk.classes1.zip

Filesize
2.7MB

MD5
908b35a5b0cf4e37fd66a43ffba92976

SHA1
3f55ae6c198947042e4b9df7e6c8a2c6a328dcad

SHA256
a11b11d01bb7c83f740bc3e3fbe1f150d9d8d3e7ef3021e03d65ecb3fc217a67

SHA512
32cf124d0ae403462d7bec1a7eaa4c0c733612255802298d65168092dd99643c297dc2bb64c5f32d25a7fcbe662db326e696598be1c721dc57a730ffe095b220

Download Submit