General
-
Target
444086b7ce407d69810501e4e96fb7c0cb34a15c27ec0162a9ffbb95096851ec
-
Size
10.0MB
-
Sample
241008-v7vbyaxclm
-
MD5
f1a8ef656bc1ea4deab190cc5c3718dd
-
SHA1
5444aa1a22bd374e709c06071d409956c2bdfb96
-
SHA256
444086b7ce407d69810501e4e96fb7c0cb34a15c27ec0162a9ffbb95096851ec
-
SHA512
d2a6e70f468a0a040399b0530d9755f3717ded377291cbb8fea87caf676ed31981da7f3a8f8ada78170e47fd0e4d385a8ccff2a2c0b099516ebb6551915baf6b
-
SSDEEP
98304:tCarMeZ4RsSPvyOKcZ5XGDzkxyN5iSRGxgVK5BicAj7JVJBkMC0lN:t6RH3yGZE3kxGr/U5U7j7v
Malware Config
Targets
-
-
Target
444086b7ce407d69810501e4e96fb7c0cb34a15c27ec0162a9ffbb95096851ec
-
Size
10.0MB
-
MD5
f1a8ef656bc1ea4deab190cc5c3718dd
-
SHA1
5444aa1a22bd374e709c06071d409956c2bdfb96
-
SHA256
444086b7ce407d69810501e4e96fb7c0cb34a15c27ec0162a9ffbb95096851ec
-
SHA512
d2a6e70f468a0a040399b0530d9755f3717ded377291cbb8fea87caf676ed31981da7f3a8f8ada78170e47fd0e4d385a8ccff2a2c0b099516ebb6551915baf6b
-
SSDEEP
98304:tCarMeZ4RsSPvyOKcZ5XGDzkxyN5iSRGxgVK5BicAj7JVJBkMC0lN:t6RH3yGZE3kxGr/U5U7j7v
Score10/10-
Octo
Octo is a banking malware with remote access capabilities first seen in April 2022.
-
Octo payload
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries the phone number (MSISDN for GSM devices)
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-