Analysis
-
max time kernel
1808s -
max time network
1824s -
platform
android_x64 -
resource
android-x64-arm64-20240624-en -
resource tags
-
submitted
11-08-2024 09:55
General
-
Target
https://web.archive.org/web/20230706214529/https://download1587.mediafire.com/t1vdad3xufngg6CCX1k5jtiFJ0YYnHArLuX2ldpUW45Y7C5_ICaaMoj15-uYrQ6IH4D6uZD0Xn-dcHnvDAXCw1fpmTc_0gQtEgldscAvESOiKjQXCpk1VPUISW0N9EJwVOMwZfG74yKr06krisXQH9u4s95Hp7LFqY-oMYQYAG2yBcY/12o45hf43lvv6az/fnaf2+aptoide.apk
Malware Config
Signatures
-
Wipelock
Wipelock is an Android trojan with multiple capabilities, such as wiping data, reading and sending SMS messages without the victim's knowledge.
-
Wipelock Android payload 1 IoCs
-
Declares broadcast receivers with permission to handle system events 1 IoCs
-
Requests dangerous framework permissions 8 IoCs
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.android.chrome1⤵
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
files/dom-0.htmlFilesize
2KB
MD5f6d75ded37efb2a2a23f4de42cef1daf
SHA160db87cde8f053e4b5da4c4706e662b6051deb4e
SHA25694ba72978ebb0f13b191515dadbabc84419db55bc9428cae0d4edfade316dce1
SHA5122a2df3d45df2eab156e97d68e7152fe12a9f3940d539a2d075c7145aa2129c1dee2086d9f4b8192be4a2db1eb34684504feb8390246d109a258edba3b2dc5a78
-
/storage/emulated/0/Download/.pending-1723979204-fnaf2 aptoide.apkFilesize
549KB
MD549f23d5486e36de84c7dfcfc607497b1
SHA1e89e9e34d9fe5203a733059e81d786a99988cb69
SHA256fc6738c227d62d70515c6487b95ca9438c599722fff4590bb2bae81fae5986ca
SHA5126fdceb43a6446a2109658f2fb0b5072eb7bb09a0691547372286531ae95c34ef09b0b43d40e5a4432ae62eca80c16f5d011dfb044295001496dd12d49e99756a
-
/storage/emulated/0/Download/.pending-1723979204-fnaf2 aptoide.apk (deleted)Filesize
525KB
MD5dacb713500a17e6c3ca7e21e957b54a2
SHA1f040b481adf978a2b707f0b50bbff50f7e5c4690
SHA256b405bcaf8f8604d7ce24029a287bb1db48974c2326e022a60c3716f31ef1f506
SHA512c9b1ec1b08e6aa4ba8d873dfa4023a00a05d13b33f4dbf71e37a3a3a7908fa27ada61c8a5e5aff7c32f29162862d3d88d1b363168cd2194844178647e73809f2