Overview

overview

10

Static

static

6

8a07533d8b...25.apk

android-9-x86

10

8a07533d8b...25.apk

android-10-x64

10

8a07533d8b...25.apk

android-11-x64

10

Analysis

  • max time kernel
    3s
  • max time network
    157s
  • platform
    android-11_x64
  • resource
    android-x64-arm64-20240910-en
  • resource tags

    arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system
  • submitted
    21/12/2024, 22:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8a07533d8b06050c8f00a33dceec100ca47183d10f938ac8e0d3bf61ba41b825.apk

  • Size

    4.1MB

  • MD5

    160a9678fe5f938beefbeef3b664c98e

  • SHA1

    b93d5718a5232562fbe1d147c2b866732bdc16a6

  • SHA256

    8a07533d8b06050c8f00a33dceec100ca47183d10f938ac8e0d3bf61ba41b825

  • SHA512

    9ead6dd1949afd5c383a9578cb2dc5549f63bc5a0b0b98e9d274dda345e60a2cb96005d8a99c0171439a7754a47bb5d9718f4248a764856a1f4766059aca8c7c

  • SSDEEP

    98304:Fu2zoPJIPtSfIbtlNvbxZPlm7VaJDa046:FuKNXvRwVODL5

Score
10/10
chameleonbankerevasionimpactinfostealertrojan

Malware Config

Signatures

  • Chameleon

    Chameleon is an Android banking trojan first seen in 2023.

    trojaninfostealerbankerchameleon
  • Chameleon family
    chameleon
  • Chameleon payload 1 IoCs
  • Checks Android system properties for emulator presence. 1 TTPs 1 IoCs
    evasion
  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.copper.ordinary
    1⤵
    • Checks Android system properties for emulator presence.
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4624

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.copper.ordinary/app_DynamicOptDex/XErFFbn.json
    Filesize

    826KB

    MD5

    de589f821585f6e0393f24d1a5fe2a3e

    SHA1

    6861ffc941b563a9dfd5dba9b4d793c9a230f153

    SHA256

    7ded1058294a329c1d41224ade264eccabfecfcbd8ae7bf44e3c456df3538a03

    SHA512

    ed317f06d3042bd62087967b15ad3484e91917e535bd76ff6959719ce3dbd954479df13953cfd6f09955be49faab7bfa69350a2576215263490fad6ddd4b0f48

    Download Submit

  • /data/user/0/com.copper.ordinary/app_DynamicOptDex/XErFFbn.json
    Filesize

    826KB

    MD5

    fb814480bb22fcee75bc87b072ad0bbf

    SHA1

    2dfee0b390dd1d007e17128373368afd6c8655b1

    SHA256

    b1dd15f1705b2dbbeb8e944e7eb3e3b0f475670037020875fc2f72cb97fe1307

    SHA512

    e3d451d4026d9d6d3f4e7c8fafcbb29264bae6cfa9888235b35750d64d5361381a8b0558ea360c6c5f78831ce58a462877cd0f152915f3c48955127b784089c2

    Download Submit

  • /data/user/0/com.copper.ordinary/app_DynamicOptDex/XErFFbn.json
    Filesize

    2.3MB

    MD5

    305af700890e2536ae28a592bb16688c

    SHA1

    6a4cb797f9e0fa2ac00de58e7f2515b00d128d01

    SHA256

    30475e3f8f957486419de5a4bd5f4ad9bb8b545fdb25804b2ad4e92464355cb9

    SHA512

    8a75f8861620c956a79705ab20024e358d8390a7072e5ea4579cd4f9488014da46fd4388a158dba318ea548b0c095ffb21cb8dde3b5303b80caca7eeaa19cc8e

    Download Submit