Analysis

  • max time kernel: 8s
  • max time network: 131s
  • platform: android_x64
  • resource: android-x64-arm64-20240624-en
  • resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
  • submitted: 24/01/2025, 22:07

General

  • Target: 5b8d3731c7ae44f17fa56ecd4d6063a8edd2855cf3a52725bf14a5256714bf4d.apk
  • Size: 3.3MB
  • MD5: 99f0ca8a5bd6c00fbad74e29a0190a27
  • SHA1: c2d1616c4498bfadef681ea8d053a65afde14ccc
  • SHA256: 5b8d3731c7ae44f17fa56ecd4d6063a8edd2855cf3a52725bf14a5256714bf4d
  • SHA512: b8281db228967eba865bafd5e0055b09009204eadf344595c4502919b1db110d0026c51cf95c51377eb47a97dc598a1f0217a97ef9407d49e3dd934c68396618
  • SSDEEP: 98304:brlFSEYAhQGHcCNp+f7jEpQDGHhXtVNyW2deTx9QSFbU817t0qxpQA:flQEYMQG8ApaCVTf7FpQA

Malware Config

Signatures

  • Chameleon

    Chameleon is an Android banking trojan first seen in 2023.

  • Chameleon family
  • Chameleon payload (1 IoC)
  • Loads dropped Dex/Jar (1 TTP, 1 IoC)

    Runs an executable file dropped to the device during analysis.

  • Uses Crypto APIs (might try to encrypt user data) (1 TTP, 1 IoC)

Processes

  • com.spice.surprise (PID: 4531)
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (might try to encrypt user data)

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/user/0/com.spice.surprise/app_DynamicOptDex/oFdeGYa.json
    • Filesize: 647KB
    • MD5: 0866eb1002e2864e6c1de40fdcc433ad
    • SHA1: b8d1e2530d27f1fe57aabb84a12b6ad037745a6d
    • SHA256: 68f443314ca37f67bb57ebe15ad9f40cef42306f380a77462ee3da49b59ee8aa
    • SHA512: 178b77e686e506a4d62bb30ccaa9887abb7ef2873833ace3ec2f4dae265d363a9f408e5ad42f1cd5c454a24763f3b76b011b694ec30750caec1309697a568899

  • /data/user/0/com.spice.surprise/app_DynamicOptDex/oFdeGYa.json
    • Filesize: 647KB
    • MD5: 12cb7855ed22541a47dc5392601765bc
    • SHA1: bc935e56e1dc19de836b2a54d620816db75b4df7
    • SHA256: f1dca3272945502624bc8d366114bf4b9e7c0b5df955bb06bfd1477d5fe5219c
    • SHA512: c9a294c083236abb0ed69ba44f43a709027cebf59d3e145ccd53b4d3d5be2e66ff4fdd02d8be4764e3040454de5e79d852b32b5230faf8b64e49c8c1df8ec57a

  • /data/user/0/com.spice.surprise/app_DynamicOptDex/oFdeGYa.json
    • Filesize: 1.7MB
    • MD5: ac7becaa5eba833ce2f80fb7cd324581
    • SHA1: cafedf69c6a45112514f5fd258cb87fa38fba972
    • SHA256: ab89f21c9448f735299f38792fd2285ec4207a6df79925dd2bd62d323d469092
    • SHA512: 832af1da81095368ad2652b86a75cd5249372484c24aa5095964d9c18cbbc929dc938276c4593e836a9ad1a4435dd850fcfe401713dccd233191603ae3f32d3a