com.metabolizability.sunbathe.parrotcoal
android.intent.action.MAIN
android.intent.action.VIEW
General
-
Target
18f5f817288f48fa4285e916a2ee3ecf78591b46eb341f5ab6ca8805bfcd502c.bin
-
Size
3.9MB
-
MD5
c5fe2c9a190f00a492120278104f011a
-
SHA1
b9dce8c9c890746ffdd63a2760d087327ca074fd
-
SHA256
18f5f817288f48fa4285e916a2ee3ecf78591b46eb341f5ab6ca8805bfcd502c
-
SHA512
b0f5114cf1272d3093532f9e91425156320240561c87668dc1e29b90097d956666a10d08b6c8c50196721b947e274f0095982d8ffe389b6b2aab015631ffe590
-
SSDEEP
98304:/v6ufpJO5RdxBmOtOAenID1PQl83kgPRM+jLVv:/vBmRdxUOtOAenIDuBQMgVv
Score
10/10
Malware Config
Extracted
Family
godfather
C2
https://t.me/trinomazkonera
Signatures
-
Godfather family
-
Declares services with permission to bind to the system 1 IoCs
-
Requests dangerous framework permissions 1 IoCs
Files
-
18f5f817288f48fa4285e916a2ee3ecf78591b46eb341f5ab6ca8805bfcd502c.bin
com.metabolizability.sunbathe
com.metabolizability.sunbathe.parrotcoal
Android Permissions
18f5f817288f48fa4285e916a2ee3ecf78591b46eb341f5ab6ca8805bfcd502c.bin
Permissions
android.permission.INTERNET
android.permission.FOREGROUND_SERVICE
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.WAKE_LOCK
android.permission.POST_NOTIFICATIONS
android.permission.QUERY_ALL_PACKAGES
com.metabolizability.sunbathe.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION