gigabud | 782c6b2dad7cfc1f731c41653427e4d47f78a87f0ebc7041a8cc810204494c40 | Triage

Submit
Reports

Overview

overview

Static

static

M-Pajak.apk

android-9-x86

7

Sharing

General

Target

M-Pajak.apk
Size

13.3MB
Sample

241021-swcxeaybka
MD5

8031c03fe33aafcba5e78ecead0af4e0
SHA1

dc5b708c783f39c9b0af4962c7f4114207081321
SHA256

782c6b2dad7cfc1f731c41653427e4d47f78a87f0ebc7041a8cc810204494c40
SHA512

88dfe10ac77a9b975adf05c3c557cbbdbe99dd4ec256b8dd2ff7b75db2d1a389d5f8bd3820c193ce8d0f2bcd1f042a7b810ed8500b40761fac0184e269ca37b2
SSDEEP

393216:znjCKxXXhp97Y68kPIAlcFgGKCE7KmDOgg:zG8hP8kQA6SKmDOJ

Score

10^/10

gigabud golddigger android collection credential_access discovery evasion execution impact persistence

Static task

static1

golddigger gigabud

7 signatures

Behavioral task

behavioral1

Sample

M-Pajak.apk

Resource

android-x86-arm-20240624-en

collection credential_access discovery evasion execution impact persistence

android-9-x86

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  M-Pajak.apk
- Size
  
  13.3MB
- MD5
  
  8031c03fe33aafcba5e78ecead0af4e0
- SHA1
  
  dc5b708c783f39c9b0af4962c7f4114207081321
- SHA256
  
  782c6b2dad7cfc1f731c41653427e4d47f78a87f0ebc7041a8cc810204494c40
- SHA512
  
  88dfe10ac77a9b975adf05c3c557cbbdbe99dd4ec256b8dd2ff7b75db2d1a389d5f8bd3820c193ce8d0f2bcd1f042a7b810ed8500b40761fac0184e269ca37b2
- SSDEEP
  
  393216:znjCKxXXhp97Y68kPIAlcFgGKCE7KmDOgg:zG8hP8kQA6SKmDOJ
Score

7^/10

collection credential_access discovery evasion execution impact persistence
- Makes use of the framework's Accessibility service
  Retrieves information displayed on the phone screen using AccessibilityService.
  collection evasion credential_access
- Queries account information for other applications stored on the device
  Application may abuse the framework's APIs to collect account information stored on the device.
  collection
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
  Application may abuse the framework's foreground service to continue running in the foreground.
  evasion persistence
- Queries information about active data network
  discovery
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

Persistence

Event Triggered Execution

Broadcast Receivers

Foreground Persistence

Scheduled Task/Job

Privilege Escalation

Defense Evasion

Foreground Persistence

Input Injection

Credential Access

Input Capture

GUI Input Capture

Keylogging

Discovery

Process Discovery

System Network Connections Discovery

Lateral Movement

Collection

Input Capture

GUI Input Capture

Keylogging

Screen Capture

Stored Application Data

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Input Injection

Tasks

static1

golddiggergigabud

behavioral1

collectioncredential_accessdiscoveryevasionexecutionimpactpersistence

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.