Overview

overview

10

Static

static

6

10c7bacd6e...53.apk

android-9-x86

10

10c7bacd6e...53.apk

android-10-x64

10

10c7bacd6e...53.apk

android-11-x64

10

Analysis

  • max time kernel
    3s
  • max time network
    136s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
  • submitted
    21/01/2025, 22:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    10c7bacd6e5f1fef74285335d2ae999082737335f6daecc0df0cbd497dd74453.apk

  • Size

    3.7MB

  • MD5

    3f7856556b493e826f33e144b2a89a4e

  • SHA1

    33df6eacecdfb0396c5e3c7a797fb0dc55e604dd

  • SHA256

    10c7bacd6e5f1fef74285335d2ae999082737335f6daecc0df0cbd497dd74453

  • SHA512

    6962ca686a629bf4c41677237dcfc6e8684ac2d36a7f8e1b66e68396e11bb534ed6dfef465fb59c016a5e0bf24c142ddfc4a01105d76abc6ed58936963a99f65

  • SSDEEP

    98304:fw02VWIbXWPAZx1ZWMNJbb1G1yxuZdMiltqaF/9aYmg5P6:Y02VFx/LH5bg1yxkMilD6

Score
10/10
chameleonbankerdefense_evasionevasionimpactinfostealertrojan

Malware Config

Signatures

  • Chameleon

    Chameleon is an Android banking trojan first seen in 2023.

    trojaninfostealerbankerchameleon
  • Chameleon family
    chameleon
  • Chameleon payload 1 IoCs
  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Checks the presence of a debugger
    defense_evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.sting.enrich
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4990

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.sting.enrich/app_ACRA-unapproved/.stacktrace
    Filesize

    2B

    MD5

    99914b932bd37a50b983c5e7c90ae93b

    SHA1

    bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

    SHA256

    44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

    SHA512

    27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

    Download Submit

  • /data/data/com.sting.enrich/app_DynamicOptDex/Lwye.json
    Filesize

    814KB

    MD5

    b20d606657ae78458e149e2aa43536a6

    SHA1

    f200641df62298b6b315e8204a715b515d8a2cfe

    SHA256

    9dc4370b65b2e10b9405cf75e27a224e42c0132fcb9c8b4bc73362a0648fe07a

    SHA512

    33898ef9f4bfb7c913cc1938b3a12978e0eedfc25eb2d52549e6fb4f7bad96f60071bcec6caafc7e255416cb08f8996b78d950951ca08629ebc1e3679b06c029

    Download Submit

  • /data/data/com.sting.enrich/app_DynamicOptDex/Lwye.json
    Filesize

    814KB

    MD5

    99d39f17bca1391994e6167839130f0a

    SHA1

    07f980803b726a95317fd8e2406633c8f5ed7040

    SHA256

    717b10e71b51d075aa60dd9f243bb17840bb00b2fd24d668beb7af268b6fa3e1

    SHA512

    2f200e7b7ddc1447efc5e415d044f6433fa17037a1459d24ccc9dc0ea03e902b4b9d5776823d3b5598b7e79f5a9ddbcbda1d9c6fef42a4228434a077176ea506

    Download Submit

  • /data/user/0/com.sting.enrich/app_DynamicOptDex/Lwye.json
    Filesize

    2.2MB

    MD5

    dff8e95798952be124eaf33d84481026

    SHA1

    817d1f67fde2f4b18c8e8ea26dc30c293dbf8fda

    SHA256

    ee51a12de03113874220f2556e17e75694e67af8ece5452558f433ac1ca5259d

    SHA512

    d2dbc243897f14669039ac926df2d337cd6ceb6343e3ec898c397ee4e9a709faa486b489803246c060d2356b25a42c87a032cd4bd7a57655b37f1fde26bebd73

    Download Submit