Overview

overview

10

Static

static

6

96c45da94f...c4.apk

android-9-x86

10

96c45da94f...c4.apk

android-10-x64

10

96c45da94f...c4.apk

android-11-x64

10

Analysis

  • max time kernel
    1s
  • max time network
    151s
  • platform
    android-11_x64
  • resource
    android-x64-arm64-20240910-en
  • resource tags

    arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system
  • submitted
    20/09/2024, 22:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    96c45da94f02cf836bc854f83eae5f475c51e07b5885a493f7b7180540c2dcc4.apk

  • Size

    2.4MB

  • MD5

    23ee0c3df1279fccd33bb0aa54f546bd

  • SHA1

    693783b6217ead1f8cc53020bed03a52cdee5f5f

  • SHA256

    96c45da94f02cf836bc854f83eae5f475c51e07b5885a493f7b7180540c2dcc4

  • SHA512

    9a958f05fa18e638a3c5e7e0c00b71631e3fae353fe1bfefd89c3f36b7ca5a4cf5effdb832aaacdd803e7d96c7e5245d81bdec91038de1b47908ae90737c3ebe

  • SSDEEP

    49152:3/yR071gsdHCansabGHGLSSw56SsF+8z4/qtK2NZjo2/Lj6XTfv:6R8iBwGHGO6SsFhz4yvA2aXTH

Score
10/10
chameleonbankerevasionimpactinfostealertrojan

Malware Config

Signatures

  • Chameleon

    Chameleon is an Android banking trojan first seen in 2023.

    trojaninfostealerbankerchameleon
  • Chameleon payload 1 IoCs
  • Checks Android system properties for emulator presence. 1 TTPs 1 IoCs
    evasion
  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.ugly.sudden
    1⤵
    • Checks Android system properties for emulator presence.
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4800

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.ugly.sudden/app_DynamicOptDex/PPUQXKm.json
    Filesize

    553KB

    MD5

    d77cfa13128e6db209754ef229f9d1ec

    SHA1

    5069dbaf53c4735aa71c467f6ee7a69fb090022b

    SHA256

    442707009695d035dbaee83ed665755e1b1e6bb86257db8d4f4c54a1ba42cab2

    SHA512

    0ac6623fd752c28564a708f32d6834473d4cc7a05a7027a430ba3ff723a0feec89b31314885ffa3e2fe510dcef79a2794b6dd0fdb7645d8650a35d722347ea8d

    Download Submit

  • /data/user/0/com.ugly.sudden/app_DynamicOptDex/PPUQXKm.json
    Filesize

    553KB

    MD5

    ad1bac89f28ea1401a9917424deb67ff

    SHA1

    763db30645ac9206847e86de24f0f0f95c1d497f

    SHA256

    b2aaf11df0584fa769339bbf1aad3c10c81f2ff494fb518e83eb7803f124cd6f

    SHA512

    3ecd785db40340f3fa80e7947e8b48323b906f4e7e18b89dbe136b826f4b5ee407b4c31605cbd2ed40be0d4f9d87d537a4991786b8b960d30283cebcafffcf34

    Download Submit

  • /data/user/0/com.ugly.sudden/app_DynamicOptDex/PPUQXKm.json
    Filesize

    1.4MB

    MD5

    3ad4d002fa196e4dc6f014bd20fae41a

    SHA1

    ede275e884870c0c386babe08884421a14e860bf

    SHA256

    2e8caefba7e928e1819112ffb6800cfb3f7e05b5c786ebaf3981abb9d9db7c62

    SHA512

    2edc924bc785d2a79732c3f6db6f7a69f1ff7da16725a1422b0b45781da0a429dc1badf94ad701c8e8958ada8faa69b4105db9015a38ab3f2efe07de060cdfe6

    Download Submit