octo | b24dbf400fe6d87de3cfae45faf7b0bf1476286da8081bea0715aedb12593220 | Triage

Sharing

General

Target

b24dbf400fe6d87de3cfae45faf7b0bf1476286da8081bea0715aedb12593220.bin
Size

2.7MB
Sample

241113-1w5w7azgrr
MD5

73f51a8cb792b5589dc2ba1e5a1d2917
SHA1

ff8e8f8beae282e8062df52d8ae0920248af9178
SHA256

b24dbf400fe6d87de3cfae45faf7b0bf1476286da8081bea0715aedb12593220
SHA512

6a054fe7ab8ca40fad25440d1c1715a2caa666c6fc497aa1fab8b4ef77a4771712897ec12e3271cb082be1170ac26a4fe33c213913cf7becd10ffadb84facad2
SSDEEP

49152:B86Kjcf1ObPyI4trAm8a8KLGBHzFOTkCMmn6U9BrVT9mDl8r601sS8IQG:yFjEI4iZaUzYH99yIh

Score

10^/10

octo android banker discovery

Malware Config

Extracted

Family

octo

C2

https://178.215.224.87:7117/gate/

rc4.plain

Targets

- Target
  
  b24dbf400fe6d87de3cfae45faf7b0bf1476286da8081bea0715aedb12593220.bin
- Size
  
  2.7MB
- MD5
  
  73f51a8cb792b5589dc2ba1e5a1d2917
- SHA1
  
  ff8e8f8beae282e8062df52d8ae0920248af9178
- SHA256
  
  b24dbf400fe6d87de3cfae45faf7b0bf1476286da8081bea0715aedb12593220
- SHA512
  
  6a054fe7ab8ca40fad25440d1c1715a2caa666c6fc497aa1fab8b4ef77a4771712897ec12e3271cb082be1170ac26a4fe33c213913cf7becd10ffadb84facad2
- SSDEEP
  
  49152:B86Kjcf1ObPyI4trAm8a8KLGBHzFOTkCMmn6U9BrVT9mDl8r601sS8IQG:yFjEI4iZaUzYH99yIh
Score

7^/10

banker discovery
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Software Discovery

Security Software Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

bankerdiscovery