Overview

overview

10

Static

static

6

2c2a6717a0...35.apk

android-9-x86

10

2c2a6717a0...35.apk

android-10-x64

10

2c2a6717a0...35.apk

android-11-x64

1

Analysis

  • max time kernel
    10s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    07/11/2024, 22:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2c2a6717a0a5239c7d2dfe5854ba0b3622610cc1a99dd718363d10efaa6ada35.apk

  • Size

    3.6MB

  • MD5

    b1d2bbc7ad3a97384bc054b782da711e

  • SHA1

    fe9c448f9dcf320cd6a594ae14226e010082bf3c

  • SHA256

    2c2a6717a0a5239c7d2dfe5854ba0b3622610cc1a99dd718363d10efaa6ada35

  • SHA512

    e0289a396c00b774b0460bc74a9c1d01f64ffffe7beb66619732f488adbfc997bb2eb999efc8ce74e33a1bf28cd3a929b921f332fd9927c349b22c2e7ffafeb9

  • SSDEEP

    98304:pwYQI3t8FxEqIjGHy2Nw8nJjEsQ7zHtXfIN8cZgNSiPpzItxhJaUrVKjA:pQW8FxELjGS0w6WNSfhJejA

Score
10/10
chameleonbankerevasionimpactinfostealertrojan

Malware Config

Signatures

  • Chameleon

    Chameleon is an Android banking trojan first seen in 2023.

    trojaninfostealerbankerchameleon
  • Chameleon family
    chameleon
  • Chameleon payload 1 IoCs
  • Checks Android system properties for emulator presence. 1 TTPs 1 IoCs
    evasion
  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.tray.nominee
    1⤵
    • Checks Android system properties for emulator presence.
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4345
    • sh
      2⤵
        PID:4380
        • /system/bin/sh /system/bin/pm list package -3
          3⤵
            PID:4398
            • cmd package list package -3
              4⤵
                PID:4415
          • sh
            2⤵
              PID:4436
              • cat /proc/self/cgroup
                3⤵
                  PID:4455

            Network

            MITRE ATT&CK Mobile v15

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • /data/data/com.tray.nominee/app_DynamicOptDex/ufBip.json
              Filesize

              911KB

              MD5

              6cd2715362c1b92a02055eab0ee474c8

              SHA1

              9d744e8bd1a8c3a4c7b9bc99e9f151565257338b

              SHA256

              65376bff9cb3107ac6f6f8b1a729a040143b3c9acad41367c80505582de60b99

              SHA512

              9dea97b8b26cf8b54b126861c7d079e9e4ec9db0a2c4d728eb244a7d94fc32c77799c7166e8a1dc80b95ddf3093e316b82169ee040e40c94753763419496647b

              Download Submit

            • /data/data/com.tray.nominee/app_DynamicOptDex/ufBip.json
              Filesize

              911KB

              MD5

              57b88f9814c39a76fa2e180889a1ec75

              SHA1

              3f07effa328f7e484b57973d43d5a269f9e9eaa9

              SHA256

              baba0975731712ba96f92787ea7179eacac1ee9f3f2f8739b6cb558b4a4a7524

              SHA512

              2c180742ce4a7c7081927d3e451da85407fd9616d7721105cd68711ad7d6f9758965ebfbcd968ba378ee57150b86dc04023ebbc222cddfb1592d2524ef34729c

              Download Submit

            • /data/user/0/com.tray.nominee/app_DynamicOptDex/ufBip.json
              Filesize

              2.4MB

              MD5

              2a8ffa0ab573642d8dac26cbf0930ad7

              SHA1

              8c5725393e6c801578b1ddaa40b2d436e0838cce

              SHA256

              0b6e5890feecd14736b2f0036164bb1d4ea8e5133e4f8d0554110b1ecd4fdb8c

              SHA512

              aaf44c0e53474afe371e0d7bde1902bbe2056fa394bbaedacab5260f5c579f9410043be62e0a8358aee5e7ddf3202791dfc278e577326d1fdc089afd21a0b98f

              Download Submit