com.demodulation.xanthocyanopsia.Langobardic
android.intent.action.MAIN
android.intent.action.VIEW
General
-
Target
06c2692c014d22ec9689c082b57b8905771d31679c354e3731b1503fcdd799d7.bin
-
Size
3.9MB
-
MD5
399d516ccc8046fcff9300397a441dc7
-
SHA1
9c5340383eb9e5cfb400d4710dfb667bca25a1dc
-
SHA256
06c2692c014d22ec9689c082b57b8905771d31679c354e3731b1503fcdd799d7
-
SHA512
a795e971af49b74b6c0e71f6683faac3afdb91acbdb2c066a84c31412c93c10bcf2f528c7a13ba4d5ed94a2df2aa415767402fd822c17d78b39a793f05ddb247
-
SSDEEP
98304:e3IhYC3gkvbsCa5Q93phhqJzhcavkts05koUM44eMT7M4z:vR/TwQC5hcN9qMIMM4z
Score
10/10
Malware Config
Extracted
Family
godfather
C2
https://t.me/uyamozakeposere
Signatures
-
Godfather family
-
Declares services with permission to bind to the system 1 IoCs
-
Requests dangerous framework permissions 1 IoCs
Files
-
06c2692c014d22ec9689c082b57b8905771d31679c354e3731b1503fcdd799d7.bin
com.demodulation.xanthocyanopsia
com.demodulation.xanthocyanopsia.Langobardic
Android Permissions
06c2692c014d22ec9689c082b57b8905771d31679c354e3731b1503fcdd799d7.bin
Permissions
android.permission.INTERNET
android.permission.FOREGROUND_SERVICE
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.WAKE_LOCK
android.permission.POST_NOTIFICATIONS
android.permission.QUERY_ALL_PACKAGES
com.demodulation.xanthocyanopsia.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION