Overview

overview

10

Static

static

6

96c45da94f...c4.apk

android-9-x86

10

96c45da94f...c4.apk

android-10-x64

10

96c45da94f...c4.apk

android-11-x64

10

Analysis

  • max time kernel
    6s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    20/09/2024, 22:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    96c45da94f02cf836bc854f83eae5f475c51e07b5885a493f7b7180540c2dcc4.apk

  • Size

    2.4MB

  • MD5

    23ee0c3df1279fccd33bb0aa54f546bd

  • SHA1

    693783b6217ead1f8cc53020bed03a52cdee5f5f

  • SHA256

    96c45da94f02cf836bc854f83eae5f475c51e07b5885a493f7b7180540c2dcc4

  • SHA512

    9a958f05fa18e638a3c5e7e0c00b71631e3fae353fe1bfefd89c3f36b7ca5a4cf5effdb832aaacdd803e7d96c7e5245d81bdec91038de1b47908ae90737c3ebe

  • SSDEEP

    49152:3/yR071gsdHCansabGHGLSSw56SsF+8z4/qtK2NZjo2/Lj6XTfv:6R8iBwGHGO6SsFhz4yvA2aXTH

Score
10/10
chameleonbankerevasionimpactinfostealertrojan

Malware Config

Signatures

  • Chameleon

    Chameleon is an Android banking trojan first seen in 2023.

    trojaninfostealerbankerchameleon
  • Chameleon payload 1 IoCs
  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.ugly.sudden
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4270
    • sh
      2⤵
        PID:4307
        • /system/bin/sh /system/bin/pm list package -3
          3⤵
            PID:4325
            • cmd package list package -3
              4⤵
                PID:4341
          • sh
            2⤵
              PID:4363
              • cat /proc/self/cgroup
                3⤵
                  PID:4380

            Network

            MITRE ATT&CK Mobile v15

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • /data/data/com.ugly.sudden/app_DynamicOptDex/PPUQXKm.json
              Filesize

              553KB

              MD5

              d77cfa13128e6db209754ef229f9d1ec

              SHA1

              5069dbaf53c4735aa71c467f6ee7a69fb090022b

              SHA256

              442707009695d035dbaee83ed665755e1b1e6bb86257db8d4f4c54a1ba42cab2

              SHA512

              0ac6623fd752c28564a708f32d6834473d4cc7a05a7027a430ba3ff723a0feec89b31314885ffa3e2fe510dcef79a2794b6dd0fdb7645d8650a35d722347ea8d

              Download Submit

            • /data/data/com.ugly.sudden/app_DynamicOptDex/PPUQXKm.json
              Filesize

              553KB

              MD5

              ad1bac89f28ea1401a9917424deb67ff

              SHA1

              763db30645ac9206847e86de24f0f0f95c1d497f

              SHA256

              b2aaf11df0584fa769339bbf1aad3c10c81f2ff494fb518e83eb7803f124cd6f

              SHA512

              3ecd785db40340f3fa80e7947e8b48323b906f4e7e18b89dbe136b826f4b5ee407b4c31605cbd2ed40be0d4f9d87d537a4991786b8b960d30283cebcafffcf34

              Download Submit

            • /data/user/0/com.ugly.sudden/app_DynamicOptDex/PPUQXKm.json
              Filesize

              1.4MB

              MD5

              a4961e016c6bf056fc154384eab38c7e

              SHA1

              8413a75f98963fa716de416c2b155c2f3e8705d6

              SHA256

              4f4f4e4ab45e9151aa1a6d00b916e1dac792a1461fe5d483f24507d8a0ff1c70

              SHA512

              fe87478d3e13c4f4aec14510cc638913ecd87bc6d80ce113e4a338f17a52288acafc49065efd31b04c056f9beda96f2a0bd751fdd19f57353daccedc82686e84

              Download Submit