General
-
Target
fdbdab1a8c8409f0f84009cc961de5ae222bdb157870a52ab65ff7d158c3ddc5
-
Size
4.8MB
-
Sample
241009-hp6wssvelb
-
MD5
6b133385f0d88120fa00beeb7ca3442f
-
SHA1
fd0dc5e37fada300be72ecacce7be316540dfbb5
-
SHA256
fdbdab1a8c8409f0f84009cc961de5ae222bdb157870a52ab65ff7d158c3ddc5
-
SHA512
d3d6765a2051d1f8202f35da1a8fb58056658564c8411269d87518cf9b72d6907f1b8d69017050b72099680c20e74aee3342934ce082055277e0b3eaaf5e3611
-
SSDEEP
49152:KRsEX00zRfKY/j7d45iS7xrG2/pg2KSjVKScv5PuI3fKqLv6CAZmA:KRsHcRfB/j7e5iSRGxsVKPrKqb6Cgp
Malware Config
Targets
-
-
Target
fdbdab1a8c8409f0f84009cc961de5ae222bdb157870a52ab65ff7d158c3ddc5
-
Size
4.8MB
-
MD5
6b133385f0d88120fa00beeb7ca3442f
-
SHA1
fd0dc5e37fada300be72ecacce7be316540dfbb5
-
SHA256
fdbdab1a8c8409f0f84009cc961de5ae222bdb157870a52ab65ff7d158c3ddc5
-
SHA512
d3d6765a2051d1f8202f35da1a8fb58056658564c8411269d87518cf9b72d6907f1b8d69017050b72099680c20e74aee3342934ce082055277e0b3eaaf5e3611
-
SSDEEP
49152:KRsEX00zRfKY/j7d45iS7xrG2/pg2KSjVKScv5PuI3fKqLv6CAZmA:KRsHcRfB/j7e5iSRGxsVKPrKqb6Cgp
Score10/10-
Octo
Octo is a banking malware with remote access capabilities first seen in April 2022.
-
Octo payload
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries the phone number (MSISDN for GSM devices)
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-