Malware Analysis Report

2024-12-01 03:18

Sample ID 241021-w4ac2a1arb
Target SecuriteInfo.com.Android.BankBot.GoldDigger.11.10291.24662.elf
SHA256 bcc2772eeee6081313cd13c4bde66943b84068d0c09829d97309be9f0ea45dbb
Tags
golddigger
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

bcc2772eeee6081313cd13c4bde66943b84068d0c09829d97309be9f0ea45dbb

Threat Level: Known bad

The file SecuriteInfo.com.Android.BankBot.GoldDigger.11.10291.24662.elf was found to be: Known bad.

Malicious Activity Summary

golddigger

GoldDigger payload

Golddigger family

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2024-10-21 18:28

Signatures

GoldDigger payload

Description Indicator Process Target
N/A N/A N/A N/A

Golddigger family

golddigger

Analysis: behavioral1

Detonation Overview

Submitted

2024-10-21 18:28

Reported

2024-10-21 18:30

Platform

debian12-armhf-20240221-en

Max time kernel

0s

Max time network

146s

Command Line

[/tmp/SecuriteInfo.com.Android.BankBot.GoldDigger.11.10291.24662.elf]

Signatures

N/A

Processes

/tmp/SecuriteInfo.com.Android.BankBot.GoldDigger.11.10291.24662.elf

[/tmp/SecuriteInfo.com.Android.BankBot.GoldDigger.11.10291.24662.elf]

Network

Country Destination Domain Proto
US 1.1.1.1:53 debian12-armhf-20240221-en-8 udp
US 1.1.1.1:53 debian12-armhf-20240221-en-8 udp
US 1.1.1.1:53 debian12-armhf-20240221-en-8 udp
US 1.1.1.1:53 debian12-armhf-20240221-en-8 udp

Files

N/A