Overview

overview

10

Static

static

6

8a07533d8b...25.apk

android-9-x86

10

8a07533d8b...25.apk

android-10-x64

10

8a07533d8b...25.apk

android-11-x64

10

Analysis

  • max time kernel
    4s
  • max time network
    158s
  • platform
    android-9_x86
  • resource
    android-x86-arm-20240910-en
  • resource tags

    arch:armarch:x86image:android-x86-arm-20240910-enlocale:en-usos:android-9-x86system
  • submitted
    21/12/2024, 22:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8a07533d8b06050c8f00a33dceec100ca47183d10f938ac8e0d3bf61ba41b825.apk

  • Size

    4.1MB

  • MD5

    160a9678fe5f938beefbeef3b664c98e

  • SHA1

    b93d5718a5232562fbe1d147c2b866732bdc16a6

  • SHA256

    8a07533d8b06050c8f00a33dceec100ca47183d10f938ac8e0d3bf61ba41b825

  • SHA512

    9ead6dd1949afd5c383a9578cb2dc5549f63bc5a0b0b98e9d274dda345e60a2cb96005d8a99c0171439a7754a47bb5d9718f4248a764856a1f4766059aca8c7c

  • SSDEEP

    98304:Fu2zoPJIPtSfIbtlNvbxZPlm7VaJDa046:FuKNXvRwVODL5

Score
10/10
chameleonbankerevasionimpactinfostealertrojan

Malware Config

Signatures

  • Chameleon

    Chameleon is an Android banking trojan first seen in 2023.

    trojaninfostealerbankerchameleon
  • Chameleon family
    chameleon
  • Chameleon payload 1 IoCs
  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.copper.ordinary
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4299
    • sh
      2⤵
        PID:4364
        • /system/bin/sh /system/bin/pm list package -3
          3⤵
            PID:4381
            • cmd package list package -3
              4⤵
                PID:4397
          • sh
            2⤵
              PID:4419
              • cat /proc/self/cgroup
                3⤵
                  PID:4436

            Network

            MITRE ATT&CK Mobile v15

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • /data/data/com.copper.ordinary/app_DynamicOptDex/XErFFbn.json
              Filesize

              826KB

              MD5

              de589f821585f6e0393f24d1a5fe2a3e

              SHA1

              6861ffc941b563a9dfd5dba9b4d793c9a230f153

              SHA256

              7ded1058294a329c1d41224ade264eccabfecfcbd8ae7bf44e3c456df3538a03

              SHA512

              ed317f06d3042bd62087967b15ad3484e91917e535bd76ff6959719ce3dbd954479df13953cfd6f09955be49faab7bfa69350a2576215263490fad6ddd4b0f48

              Download Submit

            • /data/data/com.copper.ordinary/app_DynamicOptDex/XErFFbn.json
              Filesize

              826KB

              MD5

              fb814480bb22fcee75bc87b072ad0bbf

              SHA1

              2dfee0b390dd1d007e17128373368afd6c8655b1

              SHA256

              b1dd15f1705b2dbbeb8e944e7eb3e3b0f475670037020875fc2f72cb97fe1307

              SHA512

              e3d451d4026d9d6d3f4e7c8fafcbb29264bae6cfa9888235b35750d64d5361381a8b0558ea360c6c5f78831ce58a462877cd0f152915f3c48955127b784089c2

              Download Submit

            • /data/user/0/com.copper.ordinary/app_DynamicOptDex/XErFFbn.json
              Filesize

              2.3MB

              MD5

              9d8a3470c4388155c8080d7cf67a3fa4

              SHA1

              30825f8c64a5d36f704240206e5773b0a5936600

              SHA256

              ca8899448cd3bd7243aba6fec40dab1a7c781cc6013ad3ff0e1e5a72cd0e53f4

              SHA512

              e9743516fbc34ea1a2e4d712f38147b5e5e8bda6c5aa058507cc7ffd132023bc20a714e396aaac6caa1f5ed57db404dfd248e10304b76c8f6e6fe6e59f5baf13

              Download Submit