Analysis

  • max time kernel
    9s
  • max time network
    138s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags
    android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
  • submitted
    24/01/2025, 22:07

General

  • Target

    5b8d3731c7ae44f17fa56ecd4d6063a8edd2855cf3a52725bf14a5256714bf4d.apk

  • Size

    3.3MB

  • MD5

    99f0ca8a5bd6c00fbad74e29a0190a27

  • SHA1

    c2d1616c4498bfadef681ea8d053a65afde14ccc

  • SHA256

    5b8d3731c7ae44f17fa56ecd4d6063a8edd2855cf3a52725bf14a5256714bf4d

  • SHA512

    b8281db228967eba865bafd5e0055b09009204eadf344595c4502919b1db110d0026c51cf95c51377eb47a97dc598a1f0217a97ef9407d49e3dd934c68396618

  • SSDEEP

    98304:brlFSEYAhQGHcCNp+f7jEpQDGHhXtVNyW2deTx9QSFbU817t0qxpQA:flQEYMQG8ApaCVTf7FpQA

Malware Config

Signatures

  • Chameleon

    Chameleon is an Android banking trojan first seen in 2023.

  • Chameleon family
  • Chameleon payload (1 IoC)
  • Loads dropped Dex/Jar (1 TTP, 1 IoC)

    Loads a DEX or JAR file that was dropped to the device during analysis (dynamic code loading); the dropped files are listed under Downloads.

  • Uses Crypto APIs (Might try to encrypt user data) (1 TTP, 1 IoC)

Processes

  • com.spice.surprise (PID 4255)
    Loads dropped Dex/Jar; Uses Crypto APIs (Might try to encrypt user data)
    • sh (PID 4286)
      • /system/bin/sh /system/bin/pm list package -3 (PID 4304)
        • cmd package list package -3 (PID 4320)
    • sh (PID 4343)
      • cat /proc/self/cgroup (PID 4388)
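The tree above shows the app spawning a shell to run `pm list package -3` (which enumerates third-party, i.e. user-installed, packages) and a second shell to read `/proc/self/cgroup` (a view of the process's own cgroup membership, often used as an environment probe; the report shows only the command, not its purpose). The following is an added example, not part of the sandbox report: it parses the report's process-tree notation (`<cmdline> <depth>⤵ PID:<pid>`, with the tree text copied from above) back into parent/child links and applies two editor-defined heuristics, `app-inventory` and `env-probe`, so the same logic can be run over other reports. The tag names and regexes are this example's own assumptions, not Triage signatures.

```python
"""Parse a Triage-style Android process tree and flag reconnaissance commands.

Added example (editor's code, not part of the sandbox report). REPORT_TREE is
constructed from the process tree shown in the report; the heuristics in
PATTERNS are the editor's interpretation, not a Triage feature.
"""
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Constructed from the report: "<cmdline> <depth>⤵ PID:<pid>", one process per line.
REPORT_TREE = """\
com.spice.surprise 1⤵ PID:4255
sh 2⤵ PID:4286
/system/bin/sh /system/bin/pm list package -3 3⤵ PID:4304
cmd package list package -3 4⤵ PID:4320
sh 2⤵ PID:4343
cat /proc/self/cgroup 3⤵ PID:4388
"""

LINE_RE = re.compile(r"^(?P<cmd>.+?)\s+(?P<depth>\d+)⤵\s+PID:(?P<pid>\d+)$")

# Editor-defined heuristics (assumptions about intent, not facts from the report):
#   app-inventory: "pm list package(s)" / "cmd package list package(s)" enumerate installed apps
#   env-probe:     reading /proc/self/cgroup reveals the process's own cgroup context
PATTERNS = {
    "app-inventory": re.compile(r"\b(pm|cmd package)\s+list\s+packages?\b"),
    "env-probe": re.compile(r"/proc/self/cgroup\b"),
}


@dataclass
class Proc:
    pid: int
    ppid: Optional[int]
    depth: int
    cmd: str
    children: List[int] = field(default_factory=list)


def parse_tree(text: str) -> Dict[int, Proc]:
    """Rebuild parent/child links from the depth markers.

    A line at depth N is a child of the most recent line at depth N-1;
    depth 1 is the root process. Lines that cannot be attached are an error.
    """
    procs: Dict[int, Proc] = {}
    last_at_depth: Dict[int, Proc] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if not m:
            raise ValueError(f"unrecognised process line: {line!r}")
        depth = int(m["depth"])
        parent = last_at_depth.get(depth - 1)
        if depth > 1 and parent is None:
            raise ValueError(f"orphan process at depth {depth}: {line!r}")
        proc = Proc(int(m["pid"]), parent.pid if parent else None, depth, m["cmd"])
        if parent:
            parent.children.append(proc.pid)
        procs[proc.pid] = proc
        last_at_depth[depth] = proc
        # A new node at this depth ends the subtree of any deeper node seen before it.
        for d in [d for d in last_at_depth if d > depth]:
            del last_at_depth[d]
    return procs


def root_of(procs: Dict[int, Proc], pid: int) -> int:
    """Walk up the parent chain to the root process (the app itself)."""
    while procs[pid].ppid is not None:
        pid = procs[pid].ppid
    return pid


def find_recon(procs: Dict[int, Proc]) -> List[Tuple[str, int, int]]:
    """Return (tag, pid, root_pid) for every process whose cmdline matches a heuristic."""
    hits = []
    for proc in procs.values():
        for tag, rx in PATTERNS.items():
            if rx.search(proc.cmd):
                hits.append((tag, proc.pid, root_of(procs, proc.pid)))
    return sorted(hits, key=lambda h: h[1])


if __name__ == "__main__":
    tree = parse_tree(REPORT_TREE)
    for tag, pid, root in find_recon(tree):
        print(f"{tag:14} pid={pid} root={root} ({tree[root].cmd}) :: {tree[pid].cmd}")
```

Because every hit is attributed back to its root process, the output ties both reconnaissance commands to `com.spice.surprise` (PID 4255) even though they were launched via intermediate `sh` processes, which is the relationship a detection rule on a real device should key on rather than the shell itself.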

Network

MITRE ATT&CK Mobile v15
Downloads

Three dropped-file records share the same file name under app_DynamicOptDex but carry different hashes and sizes, so the file was rewritten during the run. /data/data/<pkg> and /data/user/0/<pkg> are the same directory on Android (/data/data is a symlink to /data/user/0), so the third entry is not a separate location. A .json name in a directory called app_DynamicOptDex, together with the "Loads dropped Dex/Jar" signature, is the pattern of a DEX payload stored under a non-code extension; the report does not show the file contents, so confirm the magic bytes on the retrieved sample before treating it as the payload.

  • /data/data/com.spice.surprise/app_DynamicOptDex/oFdeGYa.json
    Filesize: 647KB
    MD5: 0866eb1002e2864e6c1de40fdcc433ad
    SHA1: b8d1e2530d27f1fe57aabb84a12b6ad037745a6d
    SHA256: 68f443314ca37f67bb57ebe15ad9f40cef42306f380a77462ee3da49b59ee8aa
    SHA512: 178b77e686e506a4d62bb30ccaa9887abb7ef2873833ace3ec2f4dae265d363a9f408e5ad42f1cd5c454a24763f3b76b011b694ec30750caec1309697a568899

  • /data/data/com.spice.surprise/app_DynamicOptDex/oFdeGYa.json
    Filesize: 647KB
    MD5: 12cb7855ed22541a47dc5392601765bc
    SHA1: bc935e56e1dc19de836b2a54d620816db75b4df7
    SHA256: f1dca3272945502624bc8d366114bf4b9e7c0b5df955bb06bfd1477d5fe5219c
    SHA512: c9a294c083236abb0ed69ba44f43a709027cebf59d3e145ccd53b4d3d5be2e66ff4fdd02d8be4764e3040454de5e79d852b32b5230faf8b64e49c8c1df8ec57a

  • /data/user/0/com.spice.surprise/app_DynamicOptDex/oFdeGYa.json
    Filesize: 1.7MB
    MD5: a9dae18c0bb7c5be2b237433f2375c0d
    SHA1: c3475b4e732c091b6e2f4baba6440bae163b041c
    SHA256: dd56893adb1ef0c524e3817cf0063e63048ce37f69ba2199ab5d25b9db4cac5f
    SHA512: 27b7aaf28eb6cb7af422096ee47f88557314ad654739bfa68588a92e95d0938f8dd0fc5ffb332b8c44914ae8c1fdd21f8d772485101b7f36609d336bc96e1a13
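The check a practitioner would run on a retrieved copy of the dropped file, as an added example that is not part of the report: identify DEX (`dex\n0NN\0` magic) and JAR/ZIP (`PK\x03\x04` magic) content by header bytes rather than by extension, hash it, and flag the combination of code content under a non-code name in an `app_DynamicOptDex` directory. The sample bytes are constructed here to mimic a DEX header; no data from the report's files is embedded, and the function names and the `disguised_code` / `in_dynamic_dex_dir` fields are this example's own.

```python
"""Classify a dropped file by magic bytes, independent of its extension.

Added example (editor's code, not from the sandbox report). make_fake_dex()
builds a header-only stand-in for testing; it is not a loadable DEX.
"""
import hashlib
import os
from typing import Dict, Optional

DEX_MAGIC_PREFIX = b"dex\n"   # full magic is "dex\n" + 3-digit version + NUL, e.g. "dex\n035\0"
ZIP_MAGIC = b"PK\x03\x04"     # JAR and APK files are ZIP containers
DEX_HEADER_SIZE = 0x70
CODE_EXTENSIONS = {".dex", ".odex", ".jar", ".apk", ".zip"}


def sniff(data: bytes) -> Optional[str]:
    """Return "dex", "zip", or None based on the leading bytes only."""
    if (len(data) >= 8 and data[:4] == DEX_MAGIC_PREFIX
            and data[4:7].isdigit() and data[7:8] == b"\0"):
        return "dex"
    if data[:4] == ZIP_MAGIC:
        return "zip"
    return None


def classify_dropped(path: str, data: bytes) -> Dict[str, object]:
    """Summarise one dropped file the way a triage note would.

    disguised_code: the content is DEX/ZIP but the name does not say so
    in_dynamic_dex_dir: written under an app_DynamicOptDex directory
    """
    kind = sniff(data)
    ext = os.path.splitext(path)[1].lower()
    return {
        "path": path,
        "kind": kind,
        "size": len(data),
        "sha256": hashlib.sha256(data).hexdigest(),
        "disguised_code": kind is not None and ext not in CODE_EXTENSIONS,
        "in_dynamic_dex_dir": "app_DynamicOptDex" in path.split("/"),
    }


def make_fake_dex(version: bytes = b"035", body: bytes = b"") -> bytes:
    """Construct DEX-looking bytes: valid magic, zero-filled header, optional body.

    Only the magic is meaningful; the rest is padding so the sample has a
    realistic header size. Not a valid, loadable DEX.
    """
    header = DEX_MAGIC_PREFIX + version + b"\0"
    header += b"\0" * (DEX_HEADER_SIZE - len(header))
    return header + body


if __name__ == "__main__":
    # Constructed inputs: a DEX-like blob saved under a .json name (the pattern
    # in the report) next to a real JSON document under the same name.
    sample_path = "/data/data/com.spice.surprise/app_DynamicOptDex/oFdeGYa.json"
    for blob in (make_fake_dex(body=b"\x00" * 64), b'{"config": "benign"}'):
        r = classify_dropped(sample_path, blob)
        print(f"{r['kind']!s:5} disguised={r['disguised_code']} "
              f"dyn_dir={r['in_dynamic_dex_dir']} sha256={r['sha256'][:16]}...")
```

On a real sample, feed `classify_dropped` the bytes pulled from the device or from the sandbox's download link and compare the returned SHA256 against the values listed above; a `disguised_code` of True together with `in_dynamic_dex_dir` is the condition under which the "Loads dropped Dex/Jar" signature is expected to fire.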