General

  • Target

    8c91dc43f9d4198afb494388737d9a62.bin

  • Size

    12.9MB

  • MD5

    c9bc4d05d4f98c7986a8cb606e7dc90a

  • SHA1

    1e9ed55c795305c33c18fbb537fed5d78103281f

  • SHA256

    8a955760cbdf63aa2d9a110804cfa23a7f8876402ae4d87354320972e27aa910

  • SHA512

    abef0e99cfdec02a1b030ab51145d0e496ad0dfd8a0245e39dc02e4d2c8c92526c191b1178bba140c3c15df9f9d17300c1cf6096171676f8387ba28bde9de0c5

  • SSDEEP

    393216:96U8OYRye+iseo8TfQh22tWkPecxP5LSggjIjjXrFi:9r8OYQHB8zQpMkGcDWggjIjjXrFi

Score
10/10

Malware Config

Signatures

  • Antidot family
  • Antidot payload (1 IoC)
  • Declares broadcast receivers with permission to handle system events (1 IoC)
  • Declares services with permission to bind to the system (1 IoC)
  • Requests dangerous framework permissions (17 IoCs)

Files

  • 8c91dc43f9d4198afb494388737d9a62.bin
    .zip

    Password: infected

  • dd4bce9274cabcbcb2f3ea2b00867932399ad0de9b923896a70ac03076231efa.apk
    .apk android arch:arm64 arch:arm

    Password: infected

    com.b551a.off

    com.igg.andr.Launcher