Overview

overview

10

Static

static

6

155abf189d...73.apk

android-10-x64

10

Analysis

  • max time kernel
    19s
  • max time network
    35s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
  • submitted
    09-10-2024 08:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    155abf189db627d066146711569e00c4d5287636725272e4399dff19d35e4973.apk

  • Size

    9.6MB

  • MD5

    6f365688d2f9ab5c86a10ec1a662a649

  • SHA1

    a81fd7e1b0e43832c595283a59b64f3868befce5

  • SHA256

    155abf189db627d066146711569e00c4d5287636725272e4399dff19d35e4973

  • SHA512

    872488bfa7d03ca1a22fc934cb24e92e4093ed121c295cf905891e5f3593f29fc1999c632da49ceb1c4ee579813bb90101e9a5dea79de94679ee93f1e67756c6

  • SSDEEP

    98304:W61RCpdV2lLPPXl5iSRGLrsF0HSTVZRsU5pl2j75VKlLMmYxevCLJeNe6yS:tXlrTF3Rfp8j75UDYo

Score
10/10
octobankercollectioncredential_accessdiscoveryevasionimpactinfostealerpersistencerattrojan

Malware Config

Extracted

Family

octo

AES_key
AES_key

Signatures

Processes

  • com.tadapters_display09
    1⤵
    • Loads dropped Dex/Jar
    • Makes use of the framework's Accessibility service
    • Obtains sensitive information copied to the device clipboard
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:5075

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

1
T1624

Broadcast Receivers

1
T1624.001

Foreground Persistence

1
T1541

Privilege Escalation

Defense Evasion

Download New Code at Runtime

1
T1407

Foreground Persistence

1
T1541

Input Injection

1
T1516

Virtualization/Sandbox Evasion

2
T1633

System Checks

2
T1633.001

Credential Access

Clipboard Data

1
T1414

Input Capture

2
T1417

GUI Input Capture

1
T1417.002

Keylogging

1
T1417.001

Discovery

Software Discovery

1
T1418

Security Software Discovery

1
T1418.001

System Information Discovery

2
T1426

System Network Configuration Discovery

3
T1422

Lateral Movement

Collection

Clipboard Data

1
T1414

Input Capture

2
T1417

GUI Input Capture

1
T1417.002

Keylogging

1
T1417.001

Screen Capture

1
T1513

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

1
T1471

Data Manipulation

1
T1641

Transmitted Data Manipulation

1
T1641.001

Input Injection

1
T1516

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.tadapters_display09/.global.com.tadapters_display09
    Filesize

    48B

    MD5

    046a414913add6f5bb60072c7db819b6

    SHA1

    451ee4f6809260aec622d772fd329c7d0297a842

    SHA256

    b66c1320cb063a1d391c94273572ea6edae76c8c8b0a07f8d75c88686f0df72a

    SHA512

    4e6355f3051ed5e811ab030abde1f5be7f5e1cf33be99cd08477e9b6c015deb1d8bd75a09fb9c7176b8511c5ad0a67abc0902a3531e97564ccb6afc57496a47c

    Download Submit

  • /data/data/com.tadapters_display09/app_gorilla/setlrcE.json
    Filesize

    1009B

    MD5

    95dbc50f9ead3f0c96a113c5482f766d

    SHA1

    a131938b333b0d2adc5a667ea326b93f3fc4672b

    SHA256

    e9804da3750b8b7727c30f2ce7686d177276e8efe4eb5b1f250d2889d6771663

    SHA512

    dddea59ba045ddbc1eb946b1ce87e768a04a324c2a28c8f5dca0066f3a0a923d4b6afdf92072f26204d3846524c5925bde4dbd52c54c76ac76ec32e322926f45

    Download Submit

  • /data/data/com.tadapters_display09/app_gorilla/setlrcE.json
    Filesize

    1009B

    MD5

    ed292baf31e34afe5cbd93e2358702b4

    SHA1

    13167106819ff1c901daf14ced43e79faa0304a5

    SHA256

    e3eb1bdcb83c8146db81647dda31dc1b1224420497ae6b8e844a08dd5e9476ea

    SHA512

    2af93ab77a1aa13e840ad8590c633d4a7ff007d7109f6d8c4a48ae0533e3d810bc9ba9d16bcfd6f314d8c4181d3331fa6e9a95bf02870e40e38499334a98f6c4

    Download Submit

  • /data/data/com.tadapters_display09/files/.i
    Filesize

    322KB

    MD5

    77dc50489b9323274732d27dc8a4e803

    SHA1

    0e02a3595b62489d0739d771881da8604d117c65

    SHA256

    c5684e792d1ebefea6aac09fed45911703fd58c899f8a08133d49dd91429a820

    SHA512

    0684a92f3e9c525384cfa53f531afba61e5930e1c27032a7e27e3315f72761b62e122dc34768d8162ba08f9bed53d148aa8dc034b46456bdd211f230637eba58

    Download Submit

  • /data/data/com.tadapters_display09/oat/x86_64/[email protected]
    Filesize

    300B

    MD5

    846441d394a1012159dd288da633d81c

    SHA1

    17db1a18c37f6f1ee31259cbecf53ca19dbd0b5e

    SHA256

    b25562975b11e1b5a7deb0d26cc8e8dc5fe270b3f67e87db250c2de801071e31

    SHA512

    e3f476d7019bf4d04733ddb14052e9492d92d99edc4567570e62d5d25ebb7b1ba773172c3774e33e4e99ac6acc9c2f44165aba5d56c713bfd7cc0d9a00e688bc

    Download Submit

  • /data/user/0/com.tadapters_display09/[email protected]
    Filesize

    526KB

    MD5

    b03ffd137cc9771232c0317a988dfcfe

    SHA1

    36df41754334d623cd764814a23bd77710473fa8

    SHA256

    66ecafcc6e2698d78cc81d7551c221e588725359b48f761d3da6255f1cc896b2

    SHA512

    4f9e0a9c47e382b69dad4efd2ef437e05e393803d155f745ad30ca4887cec9378d452b73c54bd12ae49783c195b550ab013a736e9a1d3d155c88c7a582a216d0

    Download Submit

  • /data/user/0/com.tadapters_display09/app_gorilla/setlrcE.json
    Filesize

    1KB

    MD5

    f73ecc0b1327918fb106fa0f44844ac6

    SHA1

    4be6c4aacbe24e11c15c0fd020fd0f682c501b36

    SHA256

    5a260af7b819196f5976b3b8bbb9dfc37a3dfd9f946dc250f4992918f17332f3

    SHA512

    054e5e6971f6e1d296679ac77de3781558fb90b423a96fdccdfdf7abaaded47a3a519837de6b27a62329da7b35ebdd2a1d89ce1a65a5aa33c96c6cd03f1175c1

    Download Submit