Overview

overview

10

Static

static

6

e32218193a...73.apk

android-10-x64

10

e32218193a...73.apk

android-11-x64

10

e32218193a...73.apk

android-13-x64

10

e32218193a...73.apk

android-9-x86

10

Analysis

  • max time kernel
    5s
  • max time network
    96s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
  • submitted
    29/11/2024, 07:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e32218193a0649dcb9333187c2e9b1981b923e46be3c5d09bb4290e7c976db73.apk

  • Size

    3.1MB

  • MD5

    ac9bada8f5e415f7a42d3783d33fff78

  • SHA1

    f5602c1c58e80adbc31b0b6cf2aaf08400fa2573

  • SHA256

    e32218193a0649dcb9333187c2e9b1981b923e46be3c5d09bb4290e7c976db73

  • SHA512

    1f9763cea1e72b7876babb37612b7c9be6a47962d88a24c7094f518e82f6206ff7bf1799bfb835f6181fadb53adb4e9317c7e2b2b5d5b4b3350d240766889dc2

  • SSDEEP

    98304:BAZkFXAySCFNSXNEk/mWmEFqSgEWkM/W+DL8CWVQzNepQc7e:BFZuC3S3iee

Score
10/10
chameleonbankerevasionimpactinfostealertrojan

Malware Config

Signatures

  • Chameleon

    Chameleon is an Android banking trojan first seen in 2023.

    trojaninfostealerbankerchameleon
  • Chameleon family
    chameleon
  • Chameleon payload 1 IoCs
  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.over.initial
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5080

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.over.initial/app_DynamicOptDex/gjlPlJ.json
    Filesize

    637KB

    MD5

    5c616c73cc3f9edbc067694fb261bd67

    SHA1

    cb1fe688ec11d5fd0ecdddacf8ef1ceeace2770c

    SHA256

    f7baa56acd5a75c4520ab481192de56c5e94d609901d893d041399996ee0b0ba

    SHA512

    37fd85ee100208d1c5dc11d1001da50db612a04f23c1b91a4bc631115d31f410e46f44646728ee604a83b839bb4a0d424380061faf5046e74c98413395b09156

    Download Submit

  • /data/data/com.over.initial/app_DynamicOptDex/gjlPlJ.json
    Filesize

    637KB

    MD5

    2fa2787076c2f40a561a6c5e7d8a12c1

    SHA1

    5608e2fc8a55604db5602ca30a47516617d946e4

    SHA256

    ed4b330c03319f9f977772cfd18b98229789055466534a3758d5b1136a9c9780

    SHA512

    25db4664c28d1d4ab95b3f2a723e454ecc00d314663a37c4cc733bbe2830016cc26959c5665076e4d6da1058ddba16a0ae4eb21df44bc1dea1ca53ef37ffee49

    Download Submit

  • /data/user/0/com.over.initial/app_DynamicOptDex/gjlPlJ.json
    Filesize

    1.7MB

    MD5

    c069734f1e8797c4aa6c0448326171e8

    SHA1

    9e50618cbb2a11dc53e92d60ed70c78f2a62c66c

    SHA256

    809de2eb903559dd8c214da7f46ae91bd88e6add88d86458e825eb1cb6e82769

    SHA512

    a3e12e80107c761b99010680cd99c78d4f16216848383e5ba216faf523fd3d536b4a1c9dc3d76d800f226b2a8d9982ceb973ce5732bfc75fa5bee4dc0b7ef775

    Download Submit