Analysis
Max time kernel: 5s
Max time network: 159s
Platform: android_x64
Resource: android-x64-20240624-en
Resource tags: android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
Submitted: 19-12-2024 22:00
Static task: static1
Behavioral task: behavioral1
Sample: 7abe8922680dae65d78255e5e473c8eb783566557f8ec86f9012a01b1786e551.apk
Resource: android-x86-arm-20240910-en
General
Target: 7abe8922680dae65d78255e5e473c8eb783566557f8ec86f9012a01b1786e551.apk
Size: 2.0MB
MD5: b9a3825e1bc3eba58aa8acb324fb9f97
SHA1: d48dae83ea9293724a5b20ab6eb067fea2ab50ce
SHA256: 7abe8922680dae65d78255e5e473c8eb783566557f8ec86f9012a01b1786e551
SHA512: 32c649214892894a446b051f011db58e5370132d956bd788156886010b012890cbe9611bf7a4c81887e22f176099ed1371351753a3a00dfda16dfb48b8caa415
SSDEEP: 49152:vWFVb6i/SQz5DXfBpVkJsj61/ZiZsezXHmWKPYH8:vKVb6i6QNDSf12sIrcT
Malware Config
Extracted family: octo (C2 URL list extracted from the sample's configuration)
Signatures
Octo: Octo is a banking malware with remote access capabilities first seen in April 2022.
Octo family
Octo payload (1 IoC): resource behavioral2/memory/4934-0.dex matched YARA rule family_octo
Loads dropped Dex/Jar (1 TTP, 1 IoC): Runs executable file dropped to the device during analysis.
  IoC: /data/user/0/com.material.anger/app_blossom/oFADO.json (pid 4934, process com.material.anger)
Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps) (1 TTP)
Network
MITRE ATT&CK Mobile v15
Downloads
Dropped file 1
Filesize: 153KB
MD5: 1c03befecdff8955aafe43f828f62053
SHA1: cb365bdde73bba1b192ab03b35f7afcfa14da808
SHA256: 83711d95891e8c24866db33c0be527a94783a3a14b43697b2f6ec5a15e4d7baa
SHA512: 1d3c2df47bcd6f81134deda75d83173f73e324ce59cc50c35374cb575906fca177d9beac5b7a2808b13d36526eac5678d932f411314503cfa1ac002c756f003c
Dropped file 2
Filesize: 153KB
MD5: c73c7ce978a7062d760131ea0e6164a8
SHA1: 16775999caacea1ee0cefc0771dfa5ccf0b71069
SHA256: 53f502b2abfe20894df185ab4b87236bbdfd250239170f572537f6ebdfe7b7e7
SHA512: cbd392d042426692391d521e5e7224657dd7d5e56afcb578c603ee378d3f33120daeaf078bd426e9dacf48a217653c5765dd965c54c5552fe73460485564c0d7
Dropped file 3
Filesize: 450KB
MD5: b2e609219b39e4537c4b67faed8efa92
SHA1: be14240044a781025ad92c921df2d81fdd117960
SHA256: c22cc190a6fc38baa2574d2b171f1f9d67b7b8146ed7257bbff8bfda8c844623
SHA512: 7615d933a64a21aa2543ea099c04945739561b51cb4bdc9ffe0a06ccb6e8f6b8e0cc722163e59089cdf3a0b77e6ca427f5a922d664ea0a2fd3e164b10323f809