Resubmissions

06/09/2024, 14:29

240906-rtlwvs1drr 6

06/09/2024, 14:08

240906-rfkrms1dne 10

06/09/2024, 13:40

240906-qym42sygnk 6

06/09/2024, 13:39

240906-qyb2sayglq 6

28/08/2024, 15:20

240828-sq9desvhnn 10

28/08/2024, 13:31

240828-qsmlbs1hpk 7

06/08/2024, 09:54

240806-lxn8hawdpn 7

06/08/2024, 09:51

240806-lvftcazekc 10

Analysis

  • max time kernel
    7s
  • max time network
    1013s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20240624-en
  • resource tags
    android, arch:arm64, arch:x64, image:android-33-x64-arm64-20240624-en, locale:en-us, os:android-13-x64, system
  • submitted
    28/08/2024, 15:20

General

  • Target

    xecvbzvspk.apk

  • Size

    3.7MB

  • MD5

    36906c0fbc3a4b2044b1efc75071c567

  • SHA1

    78219736bf46b4fd3535b914f928e408b34c3911

  • SHA256

    ddd40c0a5813b8e9bb72e004bc10799ec10068e909713c6542e88ef95100ab9c

  • SHA512

    80fdb89d7a0aaeefc9ee4d615dd4263f7d830902296850ff5b12fb87e53d486a317634734023349da018e1b6f4b35bb35cc6306eeca333b5fe3d9dc01add6fa6

  • SSDEEP

    98304:kWy+uJvQHIhObEuo07R31xJ/nNw0rCg+EVINNM:k+bHIh0EQT1lCgn6NM

Malware Config

Signatures

  • Chameleon

    Chameleon is an Android banking trojan first seen in 2023.

  • Chameleon payload (1 IoCs)
  • Loads dropped Dex/Jar (1 TTPs, 2 IoCs)

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)

Processes

  • com.wrap.jump
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4376

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.wrap.jump/app_foot/eLP.json

    Filesize

    844KB

    MD5

    cdca6a54724a67bf35dee53cf7085579

    SHA1

    ff0c7e3e7cb4c3731f7cd37785ae6920c2f350ed

    SHA256

    bbeb21cae9eb89ce5b811881a5204e3a05723b9057941d9c58f65e2124634552

    SHA512

    3a0957db5ef2c06cccfe3cce12fd76214f281ccffced67cffed4feb0c482e6bee334c90bdd3e3a0301d51ba96e0837a531271a0d86898faaf96aca46a93ea389

  • /data/data/com.wrap.jump/app_foot/eLP.json

    Filesize

    844KB

    MD5

    9dab55184a4dac5422aa6bed9e83f725

    SHA1

    5c3bb90b486d7d133a92f7edf15cbabff2d4c50c

    SHA256

    e3aeb5f0c788796857884150b7bb90c95aaa209ec3fed54f8bab165042425546

    SHA512

    ae8eae0aae9f5afce8b277905d1fff30d93c869d3f3622f64793bafd5d47345999d1927c93ef24596ed1c04e97d1a70b504e5cdd782a1c90e34a1aaea565f338

  • /data/user/0/com.wrap.jump/app_foot/eLP.json

    Filesize

    2.0MB

    MD5

    de5531037fe0314932fad9274406c665

    SHA1

    0493c8f31690c594d80d81f4776d446f0e8201f9

    SHA256

    9e65ac680310b3068d577cb942e6a05847b999419665537c6660dfd0977e0096

    SHA512

    bfe45e24824b4823a954d6f671e47d72fdf985c3309339e10132e38e6f1763f7edd6312a6fbcf3a8df993502d820657dcf1a0de6b2cda2246a4b65544ff041b7