Overview

overview

10

Static

static

6

2937d2f1c6...fe.apk

android-9-x86

10

2937d2f1c6...fe.apk

android-10-x64

10

2937d2f1c6...fe.apk

android-11-x64

10

Analysis

  • max time kernel
    8s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    29/11/2024, 22:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2937d2f1c634daedf63f43a032bf9326f00b09ea460222a8d2bed82562169cfe.apk

  • Size

    3.7MB

  • MD5

    4f8aa1e43f3275eace7dc85920ff9fd6

  • SHA1

    cdc7889906dff64c5fcfda178598462bd14ea108

  • SHA256

    2937d2f1c634daedf63f43a032bf9326f00b09ea460222a8d2bed82562169cfe

  • SHA512

    3d73715b514d93b1044928df3fd85c8eed6aa16be4b9d9b285507c269e486a791757af608e283e2596a7fdfbe4026e6c2d282c91f2245221444e9fcef424dd11

  • SSDEEP

    98304:iZuk1j02W8WFEKNaiLrIwdMfeokDDqM5Mge:Cuk1j02AFEIaiL0iRokDDe

Score
10/10
chameleonbankerevasionimpactinfostealertrojan

Malware Config

Signatures

  • Chameleon

    Chameleon is an Android banking trojan first seen in 2023.

    trojaninfostealerbankerchameleon
  • Chameleon family
    chameleon
  • Chameleon payload 1 IoCs
  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.educate.path
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4286
    • sh
      2⤵
        PID:4320
        • /system/bin/sh /system/bin/pm list package -3
          3⤵
            PID:4338
            • cmd package list package -3
              4⤵
                PID:4354
          • sh
            2⤵
              PID:4377
              • cat /proc/self/cgroup
                3⤵
                  PID:4394

            Network

            MITRE ATT&CK Mobile v15

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • /data/data/com.educate.path/app_DynamicOptDex/XnlJUWQ.json
              Filesize

              881KB

              MD5

              c6b96bf00ef74e71031f0bb469f5ad6a

              SHA1

              b55a12a2a276b943235e60442cec030f46d996f6

              SHA256

              11e4ddc59bc6244653bc2061ac03f946e3e03dd7bea38196f8b9e2738f5f665b

              SHA512

              174c4f216dfa95a44588c71256dc9602fa27510a89869d696a15bdb23807e05e43c33be3e43a280b90cfcbd4bb45f33bb989658d598570d6c13b8cb9f0c37446

              Download Submit

            • /data/data/com.educate.path/app_DynamicOptDex/XnlJUWQ.json
              Filesize

              881KB

              MD5

              64bbd308fc5607c96a115d8090261a51

              SHA1

              0716496619604dbc18865fc24aaf2844636eeb32

              SHA256

              7156e21e58c7320719b2099534052c18c90a89615338289df200b40c53266e51

              SHA512

              abf106753ca2ed9684facc87cec92f909e37531f066a9173bd9a11a8abf1bf619f953418dc97ab02d3ace8b4dca620bbd6211a4c4fc74d2222fc4718f98ecb9a

              Download Submit

            • /data/user/0/com.educate.path/app_DynamicOptDex/XnlJUWQ.json
              Filesize

              2.5MB

              MD5

              3d28146b4cd3ec5908fd9642c216d6e4

              SHA1

              2c3f5cae9eb9d91c9538fe4d690624a8f0ab1172

              SHA256

              53bb30c623a0383d256a03294a01def0113eb4f61eff93e6904c8b71be986213

              SHA512

              4ba2c540c248dfb7d3f65e18b281651f7e6825942a4cec1a1eda07cb2c10f32c46d11f9b0ed20c9aba72feeb43e56d8fa6c5a9242e720cfe731b678afaa18a37

              Download Submit