General

  • Target

    3066a37fbd967f79ba87a2a9c2377371830a081bc1c0b919c322e9dee8475db3

  • Size

    4.9MB

  • Sample

    241009-g8xxkaycrl

  • MD5

    aad225e67d9b5780a2a0bb36f9d38f19

  • SHA1

    c979a50cb66831eb3446b4899cc3495c67423e21

  • SHA256

    3066a37fbd967f79ba87a2a9c2377371830a081bc1c0b919c322e9dee8475db3

  • SHA512

    412ee0223b87d39ccadf11e96f62cd7e53a5402c9b57ed81e74c446d16334ab9c4140c4219b8184374e51746d660210d2b727bddebff824d62c1ade146ad4d9f

  • SSDEEP

    49152:Z6RsEXJYmeXKQs3XVx45iS7xrG1vT0LmhjVKScvpyTxMZ/xQ9:MRsVnX9s3XE5iSRGj5VKfnZ/xQ9

Malware Config

Targets

    • Octo

      Octo is a banking malware with remote access capabilities first seen in April 2022.

    • Octo payload

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries the phone number (MSISDN for GSM devices)

MITRE ATT&CK Mobile v15

Tasks