Analysis
- max time kernel: 6s
- max time network: 153s
- platform: android_x64
- resource: android-x64-20240624-en
- resource tags: android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
- submitted: 17-12-2024 22:00
- Static task: static1
- Behavioral task: behavioral1
  - Sample: f08ad22d272a54ee36007f420737b6b23dbc0544f184f7be7135b429f0699765.apk
  - Resource: android-x86-arm-20240624-en
General
- Target: f08ad22d272a54ee36007f420737b6b23dbc0544f184f7be7135b429f0699765.apk
- Size: 2.0MB
- MD5: 7e7b0b8575acbc06c151335550c8ea9c
- SHA1: c58f3400e83a5a1635ab1c49ce00a65be57f1910
- SHA256: f08ad22d272a54ee36007f420737b6b23dbc0544f184f7be7135b429f0699765
- SHA512: 5cd24e8894f7b0870d0951849bd22829797414ad6cde9e4345e297dda8fb681796d91ce6d265677115b2095a6dd5b49f75b5aa70e1b27ca929b499ae73e5b68e
- SSDEEP: 49152:4XDS92cVtni0j7wjrfF0b8NvpZfwcdMScYIY:UQJtmfq8tzTpc7Y
Malware Config
- Extracted family: octo
- URLs (C2):
https://cosmosalienadventures.xyz/YmJlYTFiODdkMjcz/
https://intergalacticvoyages.xyz/YmJlYTFiODdkMjcz/
https://stellarexplorations.xyz/YmJlYTFiODdkMjcz/
https://quantumspaceodyssey.xyz/YmJlYTFiODdkMjcz/
https://extraterrestrialhub.xyz/YmJlYTFiODdkMjcz/
https://nebularresearchlabs.xyz/YmJlYTFiODdkMjcz/
https://cosmicfrontiersquad.xyz/YmJlYTFiODdkMjcz/
https://andromedamissions.xyz/YmJlYTFiODdkMjcz/
https://orbitalknowledgenet.xyz/YmJlYTFiODdkMjcz/
https://aliencivilizations.xyz/YmJlYTFiODdkMjcz/
https://celestialinventions.xyz/YmJlYTFiODdkMjcz/
https://astralnavigationxyz.xyz/YmJlYTFiODdkMjcz/
https://galacticcodexbase.xyz/YmJlYTFiODdkMjcz/
https://proximaexpedition.xyz/YmJlYTFiODdkMjcz/
https://universespectrum.xyz/YmJlYTFiODdkMjcz/
https://keplerinfinityteam.xyz/YmJlYTFiODdkMjcz/
https://astronomicalpioneers.xyz/YmJlYTFiODdkMjcz/
https://xenoscientificera.xyz/YmJlYTFiODdkMjcz/
https://orbitalscientists.xyz/YmJlYTFiODdkMjcz/
https://cosmicventurespro.xyz/YmJlYTFiODdkMjcz/
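All twenty extracted URLs carry the same path segment, YmJlYTFiODdkMjcz, which base64-decodes to the twelve-hex-character string bbea1b87d273. The Python below is an added example and is not part of the sandbox report or of the Octo sample: it turns the list above into a hostname indicator set, checks that the path segment really is constant and decodes it, and runs the resulting matcher over a few DNS/proxy-style log lines. The log lines (SAMPLE_LOGS), the matcher and all function names are constructed for illustration; the URL list is the one extracted above.

```python
"""Turn the Octo config extracted above into a detection indicator set.

Added example (not part of the sandbox report). C2_URLS is the list from the
report; SAMPLE_LOGS are constructed log lines for illustration.
"""
import base64
import re
from urllib.parse import urlparse

C2_URLS = [
    "https://cosmosalienadventures.xyz/YmJlYTFiODdkMjcz/",
    "https://intergalacticvoyages.xyz/YmJlYTFiODdkMjcz/",
    "https://stellarexplorations.xyz/YmJlYTFiODdkMjcz/",
    "https://quantumspaceodyssey.xyz/YmJlYTFiODdkMjcz/",
    "https://extraterrestrialhub.xyz/YmJlYTFiODdkMjcz/",
    "https://nebularresearchlabs.xyz/YmJlYTFiODdkMjcz/",
    "https://cosmicfrontiersquad.xyz/YmJlYTFiODdkMjcz/",
    "https://andromedamissions.xyz/YmJlYTFiODdkMjcz/",
    "https://orbitalknowledgenet.xyz/YmJlYTFiODdkMjcz/",
    "https://aliencivilizations.xyz/YmJlYTFiODdkMjcz/",
    "https://celestialinventions.xyz/YmJlYTFiODdkMjcz/",
    "https://astralnavigationxyz.xyz/YmJlYTFiODdkMjcz/",
    "https://galacticcodexbase.xyz/YmJlYTFiODdkMjcz/",
    "https://proximaexpedition.xyz/YmJlYTFiODdkMjcz/",
    "https://universespectrum.xyz/YmJlYTFiODdkMjcz/",
    "https://keplerinfinityteam.xyz/YmJlYTFiODdkMjcz/",
    "https://astronomicalpioneers.xyz/YmJlYTFiODdkMjcz/",
    "https://xenoscientificera.xyz/YmJlYTFiODdkMjcz/",
    "https://orbitalscientists.xyz/YmJlYTFiODdkMjcz/",
    "https://cosmicventurespro.xyz/YmJlYTFiODdkMjcz/",
]

# Constructed log lines (DNS and proxy style); not taken from the report.
SAMPLE_LOGS = [
    "2024-12-17T22:01:03Z dns A cosmosalienadventures.xyz client=10.0.2.16",
    "2024-12-17T22:01:04Z proxy CONNECT https://www.stellarexplorations.xyz/YmJlYTFiODdkMjcz/ client=10.0.2.16",
    "2024-12-17T22:01:05Z dns A www.google.com client=10.0.2.16",
    "2024-12-17T22:01:06Z dns A notaliencivilizations.xyz client=10.0.2.16",
]


def c2_hosts(urls):
    """Distinct hostnames from the config, sorted for stable output."""
    return sorted({urlparse(u).hostname for u in urls})


def shared_path_segment(urls):
    """The path component every URL carries; raise if it is not constant."""
    segments = {urlparse(u).path.strip("/") for u in urls}
    if len(segments) != 1:
        raise ValueError(f"expected one shared path segment, got {segments}")
    return segments.pop()


def decode_segment(segment):
    """Base64-decode the segment (padding added defensively); returns text."""
    padded = segment + "=" * (-len(segment) % 4)
    return base64.b64decode(padded).decode("ascii")


def build_host_regex(hosts):
    """Match any C2 host as a whole label sequence, subdomains included.
    The lookbehind stops 'notaliencivilizations.xyz' from matching
    'aliencivilizations.xyz'; a preceding '.' is allowed so that
    'www.<host>' still matches."""
    alternation = "|".join(re.escape(h) for h in hosts)
    return re.compile(rf"(?<![\w-])({alternation})(?![\w-])", re.IGNORECASE)


def scan(lines, urls):
    """Return (host, path_seen, line) for every line touching a C2 host."""
    host_re = build_host_regex(c2_hosts(urls))
    segment = shared_path_segment(urls)
    hits = []
    for line in lines:
        m = host_re.search(line)
        if m:
            hits.append((m.group(1).lower(), segment in line, line))
    return hits


if __name__ == "__main__":
    print("hosts:", len(c2_hosts(C2_URLS)))
    print("path segment decodes to:", decode_segment(shared_path_segment(C2_URLS)))
    for host, path_seen, line in scan(SAMPLE_LOGS, C2_URLS):
        print(f"HIT host={host} c2_path={path_seen}: {line}")
```

The second hit reports path_seen=True because the proxy line contains the full C2 path; a DNS-only hit cannot show the path, so the two signals are kept separate rather than collapsed into one boolean. Feed real resolver or proxy logs to scan() to get the same tuples.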
Signatures
- Octo
  Octo is an Android banking trojan with remote-access capabilities, first seen in April 2022.
- Octo family
- Octo payload (1 IoCs)
  resource: behavioral2/memory/4972-0.dex, yara_rule: family_octo
- Loads dropped Dex/Jar (1 TTPs, 1 IoCs)
  Runs an executable file dropped to the device during analysis (Dex/Jar code loaded at runtime from the app's private data directory).
  ioc: /data/user/0/com.wheat.swim/app_city/HdO.json, pid: 4972, process: com.wheat.swim
- Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps) (1 TTPs)
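The "Loads dropped Dex/Jar" signature fires on a file named HdO.json in the app's private directory, and the Octo payload is matched on a memory dump (4972-0.dex) rather than on the APK itself, so the code that matters here is not where its extension says it is. The Python below is an added example, not part of the sandbox report: it classifies a dropped blob by magic bytes instead of extension, flags an extension that disguises code, and runs the header consistency checks (file_size and adler32 checksum, at the offsets defined by the Android DEX format) that tell you whether a memory-dumped dex is complete before you decompile it. The file name HdO.json is the one in the report; the bytes fed to it and the helper names are constructed for illustration.

```python
"""Triage a file dropped by the app regardless of its extension.

Added example (not part of the sandbox report). The DEX header offsets are
those of the Android DEX format: magic at 0, adler32 checksum at 8 covering
everything from offset 12, file_size at 32, header_size at 36 (always 0x70).
The file name HdO.json is the one in the report; all bytes are constructed.
"""
import hashlib
import struct
import zlib

DEX_MAGICS = {b"dex\n035\0", b"dex\n037\0", b"dex\n038\0", b"dex\n039\0"}
ODEX_MAGIC = b"dey\n036\0"
ZIP_MAGIC = b"PK\x03\x04"          # jar/apk containers are zip files
DEX_HEADER_SIZE = 0x70
CODE_EXTENSIONS = {"dex", "odex", "jar", "apk", "zip"}


def classify(data):
    """Identify the container by magic bytes, ignoring the file name."""
    head = bytes(data[:8])
    if head in DEX_MAGICS:
        return "dex"
    if head == ODEX_MAGIC:
        return "odex"
    if head[:4] == ZIP_MAGIC:
        return "zip"
    return "other"


def dex_header_check(data):
    """Consistency checks on a dex header; None if the blob is not a dex.
    A memory dump that fails size or checksum is truncated or was patched
    in memory, which matters before you hand it to a decompiler."""
    if classify(data) != "dex" or len(data) < DEX_HEADER_SIZE:
        return None
    (checksum,) = struct.unpack_from("<I", data, 8)
    file_size, header_size = struct.unpack_from("<II", data, 32)
    return {
        "file_size": file_size,
        "size_ok": file_size == len(data),
        "header_ok": header_size == DEX_HEADER_SIZE,
        "checksum_ok": (zlib.adler32(bytes(data[12:])) & 0xFFFFFFFF) == checksum,
    }


def triage(name, data):
    """Report kind, whether the extension disguises code, hash and header state."""
    kind = classify(data)
    ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
    return {
        "name": name,
        "kind": kind,
        "disguised": kind != "other" and ext not in CODE_EXTENSIONS,
        "sha256": hashlib.sha256(data).hexdigest(),
        "header": dex_header_check(data),
    }


def build_dex_stub(payload=b"\0" * 16):
    """Constructed test data: a dex-shaped blob with a valid header only."""
    total = DEX_HEADER_SIZE + len(payload)
    hdr = bytearray(DEX_HEADER_SIZE)
    hdr[0:8] = b"dex\n035\0"
    struct.pack_into("<II", hdr, 32, total, DEX_HEADER_SIZE)
    checksum = zlib.adler32(bytes(hdr[12:]) + payload) & 0xFFFFFFFF
    struct.pack_into("<I", hdr, 8, checksum)
    return bytes(hdr) + payload


if __name__ == "__main__":
    stub = build_dex_stub()
    samples = [("HdO.json", stub), ("HdO.json", stub[:-4]), ("real.json", b'{"k": 1}')]
    for name, blob in samples:
        r = triage(name, blob)
        print(r["name"], r["kind"], "disguised" if r["disguised"] else "plain", r["header"])
```

On a real dump, replace the stub with the bytes pulled from the device (adb pull of the app_* path, or the sandbox's memory dex); a failed checksum_ok with size_ok still true usually means the header was rewritten in memory, while both failing means the dump is short.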
Downloads
- Filesize: 153KB
  MD5: dca4b6633ad63a8f2358470f1029dbe1
  SHA1: ffcd14a891bf88eb9168551b0d9586bb94316b3a
  SHA256: f11b080eb979acd2dfb762319445373c991e682ac2e8307cc87b5a8534429c64
  SHA512: 6d34cdc43e4762f70d6c317a1c9ccbcbd3b2420b38190bbaff1a636f89b943da714b9987bad919d5d22d94841f1ac4296ead230b3d8173563b7fd97626dd8a91
- Filesize: 153KB
  MD5: 5c92e70871782415cae4ff121ff2357e
  SHA1: e1620af9b49f6f6417366dec60490c0ee3ef2a9a
  SHA256: 8eaa28e793ec5c2c97a950e062af7c3880691970ae1e2749139d816bc65a3949
  SHA512: 7c69cc0c939562464833abc5c4c8d4f17e7b9bf96a522979cde0d78d11ee82069dbc03ea4499f7fe544cf25fb1162318cb28745210581db38122cc5a83cd0b4a
- Filesize: 450KB
  MD5: 6935de4416898b0ce3b174467e07fd1f
  SHA1: f30c51a13d98c97083f488dc3a71dadcd54ff3a2
  SHA256: 4f65b73b382658ef9ba3c6ca240017f211007c02a549f0350538d74f6acda37a
  SHA512: 53e4a6b2efd5130d08ce5351a7de010a0ec1fce12a6be27aff76909279dc265d85ec4dd395e29409a2d939e63eff6ba60a1da7f6ca601f2a6e4eb84465ee79e9