Analysis

  • max time kernel
    7s
  • max time network
    158s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    android arch:x64 arch:x86 image:android-x64-20240624-en locale:en-us os:android-10-x64 system
  • submitted
    01-12-2024 22:25

General

  • Target

    eccd4ba9bdfb75b251a1aa4806cdbf8fe0b7cdc5484fb947cef9a27babcd394e.apk

  • Size

    8.8MB

  • MD5

    5f6bd5fbcd6bf1e40d7df98bfd428e7e

  • SHA1

    fe12a4a9945e869388750467d21c66047f21741d

  • SHA256

    eccd4ba9bdfb75b251a1aa4806cdbf8fe0b7cdc5484fb947cef9a27babcd394e

  • SHA512

    47b0f6d38ca15a175fc9a028d9acdab6a9e9585e74ace39774482bcb93cc5ea6f6ba8ea2003827daa0260f35b4d38020afc409da7edff021e465b7e34bfadb86

  • SSDEEP

    196608:0zXjz/jP+0Z38dVT2GbTuX6prCDPZcMqovic58Vjmdqie3K5X:aXrPLBGbqSuDBv/vj1dbec

Malware Config

Signatures

  • TangleBot

    TangleBot is an Android SMS malware first seen in September 2021.

  • TangleBot payload (1 IoC)
  • Tanglebot family
  • Loads dropped Dex/Jar (1 TTP, 1 IoC)

    Runs executable file dropped to the device during analysis.

Processes

  • com.garbage.inherit
    • Loads dropped Dex/Jar
    PID:4968

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.garbage.inherit/app_tornado/qZcLxZD.json

    Filesize

    1.8MB

    MD5

    4d70feb32b5bbf143ddd39c7c8a0efdb

    SHA1

    c20702a647334aef05cad75abcdef5846b9292aa

    SHA256

    058ff9770a529bf7bd560bc4c217d4c08dea6b9ac37ee499a655fdf427306672

    SHA512

    eaab1b973dcbb1c60dab586693ad4805117245f95bf0a91513b3011bbb2afe90fb9f51cc767e8b7bc242173df70dd64ad8da7ee4f3c021f153cc781180091045

  • /data/data/com.garbage.inherit/app_tornado/qZcLxZD.json

    Filesize

    1.8MB

    MD5

    99e1109681dc4321fa9eb13576bd6bc0

    SHA1

    04d25ddf66b00f8d45149c3865c00fb02ac205a7

    SHA256

    7b47bd9137f4bf20e77d5ac099ea2efae5e0894e399905f6d20992a2dd56fe6d

    SHA512

    5fd282cedb6f22eb5dd21fc7307710fb5e9398a7ee5c166dd4346f7f6f5bdf7bef3578c2c7986b20a3d9c638531353bd3d0013b6d8d8b13388750cc1bc4509d4

  • /data/user/0/com.garbage.inherit/app_tornado/qZcLxZD.json

    Filesize

    4.4MB

    MD5

    0610b84a58fc2d5eb4c541be2923ede7

    SHA1

    18249092023b856856dd49bf8ca98fb654494781

    SHA256

    bc0093b9f95aa2d0bad8721c66b1d458d99a9971b70cfdd64a3ff4693b16a9b7

    SHA512

    1ada5721b886e027fb290980bb4371da49c6cbf46cf5c255a6d08c37db1bb472bd100416b6349650261ab7b218d6d9d67fcf96f0a18bcb624c9cbd2c8759a8e8