General

  • Target

    589b49f391a1beef3445016b07c7b7be37d97ea619b7764d2dbf822d6d8ecef9

  • Size

    11.7MB

  • MD5

    0ab33809610af8104d6659e15232dadd

  • SHA1

    277bce6306e02d497245660185926b2eaa535473

  • SHA256

    589b49f391a1beef3445016b07c7b7be37d97ea619b7764d2dbf822d6d8ecef9

  • SHA512

    21e7fcceed7efaa3225cf2bc463aa78c3c193532c0ed6ccaf486e748da5ed4fada0949297e14a4a384e206bf350d47f977f832977246f281b5887d35092134f3

  • SSDEEP

    196608:9WW7aLEMaQrxCkwMhIgZ/uzLM90qrtPMRffVvbIB+fbxqffsedyD1j2YDjVoyy:9WW7F1Qr0kwANuPFqrZMRVzIADAnsQyY

Score
10/10

Malware Config

Extracted

  • Family

    godfather

  • C2

    https://t.me/mavirotekiromi

Signatures

  • Godfather family
  • Declares broadcast receivers with permission to handle system events (1 IoC)
  • Declares services with permission to bind to the system (2 IoCs)
  • Requests dangerous framework permissions (4 IoCs)

Files

  • 589b49f391a1beef3445016b07c7b7be37d97ea619b7764d2dbf822d6d8ecef9
    .apk android arch:arm64 arch:arm arch:x86 arch:x64

    com.vakko.power

    com.vakko.power.aquicolouspalaestrian


Android Permissions

589b49f391a1beef3445016b07c7b7be37d97ea619b7764d2dbf822d6d8ecef9

Permissions

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.BIND_ACCESSIBILITY_SERVICE

android.permission.FOREGROUND_SERVICE

android.permission.WAKE_LOCK

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

android.permission.CALL_PHONE

android.permission.READ_CONTACTS

android.permission.READ_PHONE_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.DISABLE_KEYGUARD

android.permission.CHANGE_NETWORK_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.UPDATE_DEVICE_STATS

android.permission.MODIFY_PHONE_STATE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.QUERY_ALL_PACKAGES