Overview

overview

10

Static

static

6

64b535ae0e...fc.apk

android-9-x86

10

64b535ae0e...fc.apk

android-10-x64

10

Analysis

  • max time kernel
    147s
  • max time network
    131s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
  • submitted
    20-11-2024 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    64b535ae0e7d0f9edfcec31945310ea1c710f1aee18c52ac45c579b5a1ea3dfc.apk

  • Size

    1.2MB

  • MD5

    57ea80a371feab800709e5b125e93a06

  • SHA1

    f94f3f868141393ec9df11307eb7eddc6d9b734a

  • SHA256

    64b535ae0e7d0f9edfcec31945310ea1c710f1aee18c52ac45c579b5a1ea3dfc

  • SHA512

    aab66aa2e80a4289aa0fdd1964c60a3649fdf732384f1b888dcb10a6c4d49855f2d087e3f2cad245a7c5686cd6e6135ffc746a8d32613a8f8575b637dde8c1b0

  • SSDEEP

    24576:IaibmdwiITEEFMqBAH98uswqtfncy82BOOHoOVepxTfzJwldqNfUQNtd:VS6IoE+qBAH9qwq/7XPyxT9EdkfUQNtd

Score
10/10
octobankercollectioncredential_accessdiscoveryevasionimpactinfostealerpersistencerattrojan

Malware Config

Extracted

Family

octo

C2

https://siqnisiq.com/M2EyOTM2M2FlY2My/

https://xijunggao.com/M2EyOTM2M2FlY2My/

https://fujetgue.shop/M2EyOTM2M2FlY2My/

https://junggvbvb.com/M2EyOTM2M2FlY2My/

https://junggvbv.com/M2EyOTM2M2FlY2My/

https://sabgggsabggg.com/M2EyOTM2M2FlY2My/

https://sabgggsabggg.top/M2EyOTM2M2FlY2My/

https://sabgggsabgggsabggg.top/M2EyOTM2M2FlY2My/

https://nisiqnisiq.top/M2EyOTM2M2FlY2My/

https://abgggpoh.top/M2EyOTM2M2FlY2My/
rc4.plain

Extracted

Family

octo

C2

https://siqnisiq.com/M2EyOTM2M2FlY2My/

https://xijunggao.com/M2EyOTM2M2FlY2My/

https://fujetgue.shop/M2EyOTM2M2FlY2My/

https://junggvbvb.com/M2EyOTM2M2FlY2My/

https://junggvbv.com/M2EyOTM2M2FlY2My/

https://sabgggsabggg.com/M2EyOTM2M2FlY2My/

https://sabgggsabggg.top/M2EyOTM2M2FlY2My/

https://sabgggsabgggsabggg.top/M2EyOTM2M2FlY2My/

https://nisiqnisiq.top/M2EyOTM2M2FlY2My/

https://abgggpoh.top/M2EyOTM2M2FlY2My/
AES_key

Signatures

Processes

  • com.colddoosuj
    1⤵
    • Loads dropped Dex/Jar
    • Makes use of the framework's Accessibility service
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Performs UI accessibility actions on behalf of the user
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5059

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.colddoosuj/app_DynamicOptDex/UWgpuwY.json
    Filesize

    2KB

    MD5

    37fc167b6ec22e7a7ebd17e4bc9dc52e

    SHA1

    7df1ad43a39d1c22e48a24359e8ccbbdb1cd2533

    SHA256

    805695ae70904a474cfbd18c62bfd7c036bd2f7f8d1d74e412f06b8173e5dcf5

    SHA512

    1d9a129255b1cefc2aba214955874feae81d4e2c0c112090613e781ce50d1095e765d73b5d29563029a50f1a2e40bcd442e02e4b6f36b99d65fcf07f9156cc98

    Download Submit

  • /data/data/com.colddoosuj/app_DynamicOptDex/UWgpuwY.json
    Filesize

    2KB

    MD5

    ea56c3bc743790e0c100c242b1bafb34

    SHA1

    14b19ea384f7e8d9bcd464a8d2bb52425b1a0b10

    SHA256

    9cd8e9c12b8d5391cf59738230fa198cad24f7f442537cff438e076d6b52393d

    SHA512

    271d22873ff693afb0b98b78a90ac5e06a2eb0b351008c1fad1770eb7c00b9304341efcfe92f67f0f8c42ded9f96c6e8d0665dcfa5a2477f1ce3362f1c06f38c

    Download Submit

  • /data/data/com.colddoosuj/cache/bbttmxgc
    Filesize

    448KB

    MD5

    8087d117f28be45559cb45b4bcd7c89c

    SHA1

    ee2547667760be13c071da4a8f01258dce6ce557

    SHA256

    275c8d5c41275965a97764cc51b39fd344d803b8f7a3b686a303eda2382266a1

    SHA512

    328973fa9321c2ec2ec663dd8fd46d8753d7d6480d20d3f4a43b33da508d3231c650b7a062a586ae584b0a78339819d8de6a25ab0dabf88eed82c853eb9df6c3

    Download Submit

  • /data/data/com.colddoosuj/cache/oat/bbttmxgc.cur.prof
    Filesize

    474B

    MD5

    0865bf75ef6e232b520c3f1cf4ee2e29

    SHA1

    237a3c4c7b3f92eff1b77a25716213e99dcd2995

    SHA256

    86a2d005128c50a049424a1bc966b538dbf8b75e1ecf8a1e7c1b7a6cea8319ec

    SHA512

    bd120b45efc7e3db04239cffbd15b893043844d7e97ae725f00c80d645adf6fcdb714520ed3e593b7f888c380fc4208aa96422fb24f56d3eb3313df8ce410130

    Download Submit

  • /data/user/0/com.colddoosuj/app_DynamicOptDex/UWgpuwY.json
    Filesize

    5KB

    MD5

    0868097b61441c163c964fdb3610e34e

    SHA1

    cc8a27912a5083e4fe998bd0fd2567019e739f7c

    SHA256

    913842b54d425628cef2516b1537cbeb0b9eae5c71df5d652fa27f13585ef005

    SHA512

    6ab9660fe5136be6596e4865be86d823ad1c44ba94df0f89589dbce352b39cf01014c94a4ba8fa883723b2d21f1948ff4d46315431788c9b66fe82b04d75382b

    Download Submit