Overview

overview

10

Static

static

6

d4d958c87e...a0.apk

android-9-x86

10

d4d958c87e...a0.apk

android-10-x64

10

d4d958c87e...a0.apk

android-11-x64

10

Analysis

  • max time kernel
    2s
  • max time network
    150s
  • platform
    android-10_x64
  • resource
    android-x64-20240910-en
  • resource tags

    arch:x64arch:x86image:android-x64-20240910-enlocale:en-usos:android-10-x64system
  • submitted
    29/12/2024, 22:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d4d958c87e338fd81b710c9b495224ec1751c7e847034c7a24978483e4267fa0.apk

  • Size

    3.2MB

  • MD5

    5f8b7be295fcf4a727e0083a7e0a4712

  • SHA1

    2653402b00c0f1d848634240388e0d7c3f91e1dc

  • SHA256

    d4d958c87e338fd81b710c9b495224ec1751c7e847034c7a24978483e4267fa0

  • SHA512

    a6c4a460dbab8bd8e190986023b2864ca2fd559d0bfc25db382c741200f480724e9f35c9f3e83bb6b79aa54adf78eb1b38c4c77edc1ad8e76a9128427b7a7220

  • SSDEEP

    98304:FTbk/xl2nGHCSNi+hjEkQ3DHdXHcNcAFU12SbpsN8jt74FVV4U:BbyxonGiwbSt2mMV4U

Score
10/10
chameleonbankerevasionimpactinfostealertrojan

Malware Config

Signatures

  • Chameleon

    Chameleon is an Android banking trojan first seen in 2023.

    trojaninfostealerbankerchameleon
  • Chameleon family
    chameleon
  • Chameleon payload 1 IoCs
  • Checks Android system properties for emulator presence. 1 TTPs 1 IoCs
    evasion
  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.notable.hidden
    1⤵
    • Checks Android system properties for emulator presence.
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5101

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.notable.hidden/app_DynamicOptDex/XqIxQeT.json
    Filesize

    651KB

    MD5

    f19c1252e1ddea093b75c681b77fb5b7

    SHA1

    f9e9effd975effe9ccf2b9ac53cc2503084f0ace

    SHA256

    e1a8e4e1267364ae0adae420d7554a1984d798cf3f2f829ba3e1febecba1674b

    SHA512

    5b011dd86ee279d4d8292156ca2af946aa131c5b3b2a5d5d9019b237706e13bf8606fc3650b90db097e94e4ef43a78ca98d6d7d68a35b3fd29ece12ad08ca3bb

    Download Submit

  • /data/data/com.notable.hidden/app_DynamicOptDex/XqIxQeT.json
    Filesize

    651KB

    MD5

    77df7681c385455a9054ba7957578064

    SHA1

    056450e3aad283f40af67277aa908bb0adf0d19b

    SHA256

    1c02964cd2559ddc7201d8dfb042878360ceeb64f52bf028dfc0f59777995ed3

    SHA512

    4bc11ca5a16e226372a7d3981dd8b399396c0f38fd5ce7a92e5b46839f7eec382aad500430043de64bb7b11e15f7a2bf1e585676642133a8bb8a5462b27f2ebf

    Download Submit

  • /data/user/0/com.notable.hidden/app_DynamicOptDex/XqIxQeT.json
    Filesize

    1.7MB

    MD5

    98b417f2d0b21f1d00938c81481c6ef0

    SHA1

    492015a43ab987ebfa5a9e0bb633aabaf2989711

    SHA256

    3f0d2c11184c09e132b76934f8974d74b56e71e54f8224986ea33e80942398fd

    SHA512

    94ee749c8181beafdf5a618261b3d3d2c6d103d9e12e0d669dbf0b398809cdf2eec8ae5b006bf1cfb471c277b2cca5fda1d5d091d142879aa62d33f26d7c21e1

    Download Submit