Analysis
- max time kernel: 102s
- max time network: 109s
- platform: android_x64
- resource: android-x64-20240624-en
- resource tags: android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
- submitted: 24/01/2025, 08:21
Static task: static1

Behavioral task: behavioral1
- Sample: daba8cfd789d0a69c20cef14115fed2206a2042c84b9e96cdb5a38fa915cd305.apk
- Resource: android-x86-arm-20240624-en

Behavioral task: behavioral2
- Sample: daba8cfd789d0a69c20cef14115fed2206a2042c84b9e96cdb5a38fa915cd305.apk
- Resource: android-x64-20240624-en

Behavioral task: behavioral3
- Sample: daba8cfd789d0a69c20cef14115fed2206a2042c84b9e96cdb5a38fa915cd305.apk
- Resource: android-x64-arm64-20240624-en

Behavioral task: behavioral4
- Sample: suniji.apk
- Resource: android-x86-arm-20240624-en

Behavioral task: behavioral5
- Sample: suniji.apk
- Resource: android-x64-20240624-en

Behavioral task: behavioral6
- Sample: suniji.apk
- Resource: android-x64-arm64-20240624-en
General
- Target: daba8cfd789d0a69c20cef14115fed2206a2042c84b9e96cdb5a38fa915cd305.apk
- Size: 9.2MB
- MD5: df6950fb69837d6c932058b5b7965dfb
- SHA1: 99200b9f365acb2196ed44e239cd7f201106eb45
- SHA256: daba8cfd789d0a69c20cef14115fed2206a2042c84b9e96cdb5a38fa915cd305
- SHA512: 9bbacf73e40fc15dd2a39384d43379750a24840690c8111e555430ba9969d92fba02514e23120e8bec99917d7eb57a22da0c08ee6107198e05eb9770e9aab360
- SSDEEP: 196608:YkRK0T9aE5iOrRl15KHDIwmgGvpejXAUdQ+QDmVAkH1:hK0YEi+LKHDVGReldQHDmVAG
Malware Config

Signatures
- Antidot
  Antidot is an Android banking trojan first seen in May 2024.
- Antidot family
- Antidot payload (1 IoCs)
  resource: behavioral2/memory/4970-0.dex | yara_rule: family_antidot
- Loads dropped Dex/Jar (1 TTPs, 1 IoCs)
  Runs executable file dropped to the device during analysis.
  ioc: /data/user/0/com.yacimixo.argument/app_twelve/nRQDIh.json | pid: 4970 | Process: com.yacimixo.argument
- Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  description: Framework service call | ioc: android.content.IClipboard.addPrimaryClipChangedListener | Process: com.yacimixo.argument
- Checks the application is allowed to request package installs through the package installer (1 TTPs, 1 IoCs)
  Checks the application is allowed to install additional applications (might try to install applications from unknown sources).
  description: Framework service call | ioc: android.content.pm.IPackageManager.canRequestPackageInstalls | Process: com.yacimixo.argument
- Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
  description: Framework service call | ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | Process: com.yacimixo.argument
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  description: Framework service call | ioc: android.app.IActivityManager.registerReceiver | Process: com.yacimixo.argument
- Schedules tasks to execute at a specified time (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
  description: Framework service call | ioc: android.app.job.IJobScheduler.schedule | Process: com.yacimixo.argument
- Checks CPU information (2 TTPs, 1 IoCs)
  description: File opened for read | ioc: /proc/cpuinfo | Process: com.yacimixo.argument
- Checks memory information (2 TTPs, 1 IoCs)
  description: File opened for read | ioc: /proc/meminfo | Process: com.yacimixo.argument
Processes
- com.yacimixo.argument (PID: 4970)
  - Loads dropped Dex/Jar
  - Obtains sensitive information copied to the device clipboard
  - Checks the application is allowed to request package installs through the package installer
  - Queries the mobile country code (MCC)
  - Registers a broadcast receiver at runtime (usually for listening for system events)
  - Schedules tasks to execute at a specified time
  - Checks CPU information
  - Checks memory information
Network
MITRE ATT&CK Mobile v15
Downloads
- Filesize: 626KB
  MD5: 9ec3bb705c9c660a52504bc847372789
  SHA1: ca907dc6ceabb9664d2c3046db96cc15e7089bd2
  SHA256: e505e210aa339d78a0f8ee627b34b88a16b3b37efcae88e1dd21ab18cb7851c1
  SHA512: 2c20e7bad303d2994460a4eb913603ea89d016a3b18e3cf1513577d0c96406a916cc2f72af250bff30b7f500f44d181ac375b58106e11e730f8714959782d7ac
- Filesize: 626KB
  MD5: e8cc27ac913376a04f2b93d8080b80c8
  SHA1: 5476be57adb397d79c2f552c835b0a8ac1c518eb
  SHA256: 2de96225452827782c9f7d7d0059496acf696d46163fba54abba40fa12a78658
  SHA512: 67ddb5ef445d1b354fe288c9a97b6af0233916c68ffc0178b2d7f07373fc578ef37e6d9628a590c37ed79ffd21da194919ed70bc8b5127c13b74adeaf8c5a3d8
- Filesize: 1KB
  MD5: 8aaacaa04df8709abb1ba372df206bdc
  SHA1: a9da110df5770b52e21c606b666fc88cb00d852a
  SHA256: 12a1db556a2dc02b0100b68068b78bfb953b0cab4b5505272717974eb6db18b1
  SHA512: 5d8e914be87a7f44b3362cb1bce0541ec998f2d38ac7159c9622c4783159cdca44af10610edab9dcdc08c0b024c16f94cef903cf7651b36d94ff093257585508
- Filesize: 24B
  MD5: f38e2dfd148ae306a3cbdb7131a33978
  SHA1: cf7a202329c691e294433e4665304f440395436e
  SHA256: a30d161377f7258a2c7831711f18245affd04fba2a24ee533552d8d7a1e50315
  SHA512: cd0b2f09395e10a0a2fd71a33da5a1b26cf2673e11b9512be64e04719bc118212bc35eed600e389ce0c5805656023d9884334b28713be09629b246eb5a64eff4
- Filesize: 8B
  MD5: 492d4ef3c1a8c7f0ddf6dbd0a1511de4
  SHA1: f93e5c7911b249a8ebb65f943634581e717f0dea
  SHA256: 95d7bacc3dc464ad45e998880a4acc2732496816fc3dc6e86e175b6979257465
  SHA512: 2a79ffdb3d3a6751572065087e0d6c47360379730cfc5461a374f41e6112bce33ea5bfcdf9dd9845f9e68b479364c088ce05ad8f37efdebc4c390847e64fab7c
- Filesize: 132KB
  MD5: 78f1b4745585fda810b526495241467b
  SHA1: 5a0a8134c8c8048eedfe88a9c85d76e4d38385bf
  SHA256: 631ddfcd71d52f9923b98af0e0c17075966ef9d6ce2f2876fbf6c862585174a6
  SHA512: 8de102ed769bca1ed41467caa70cea37a513d8e22e4eca3e9a0e308f3dd2bb2a2d7c8b8c6cb1fcfeb975d322bc859fcc163280760c9da6c15ec98fc59c215dee
- Filesize: 512B
  MD5: f94f305acc89b5ec9de4e84c54cf3fc3
  SHA1: 3afc740ba66c57fc52f5f26ac453dae34c1d16d8
  SHA256: a83a304459af9c63805d857a933693fe182bd5e8fc3f11ae7ede76dc941a9ca4
  SHA512: 780fb6aba33d3212a4bc76137905d346425bd9e503c32f1c130a74521b3bc804d390ccead7dc6431a4b629a86841cb77e465f2cf54a21983546aaf62ac93a858
- Filesize: 32KB
  MD5: bb7df04e1b0a2570657527a7e108ae23
  SHA1: 5188431849b4613152fd7bdba6a3ff0a4fd6424b
  SHA256: c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
  SHA512: 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
- Filesize: 422KB
  MD5: 4f5ee0a96141b0bd851e21c20461425f
  SHA1: 3bb63674c17591ff4fbf6eb9e65f3051f7643f0b
  SHA256: d7b4e1bab691453abed0e54a572b5e54678b1f16e1e15199ee8206a60b4f04a5
  SHA512: e0a1fd3ce8c83a5d6f777739f3bfe40bdb07b2a318606ca9e142e4c0ef59c0c1a7189380ca33d9f2c37ecdaebd1914ed32166f2f11bf1bcf5e3997355c2b2d6f
- Filesize: 16KB
  MD5: 8096f31a5864ad03c150b0a27d83b307
  SHA1: 24ef0cf2cd177984175f7de8ff02e2e89fa849e6
  SHA256: 9a8b238876bfda15ea94438ae8027b7d0ce477d0d0b2fd5868b134854b3654d2
  SHA512: f8640cb156d9663c2069692d67a4d36f0e94cc04bbfb71d66ced4a0c966cfce4271980b76cd0fa254d6d0427ebd38e8e7c6cf2719e29cb67dfd7062284cabb3d
- Filesize: 116KB
  MD5: 777024a77b1b57446c752026664185e4
  SHA1: d91686c68c5fca06c95c184dac46f9d9732ca964
  SHA256: 2245a8a6c31fcf8250dd234d368721a7244812aacc78147fae188226dc5a798b
  SHA512: 20f1944d656bad8c13b969cb48b04cadafef892d5e90430a66c5eb995fd2b468aef1d0f92178927adb280fa258cd52aa2a9a36ac2953b29cab59786065258ee1
- Filesize: 989B
  MD5: 4ead8b3a0a8b812c85d6ce6281638a67
  SHA1: e273b4927cbf2de43d058f3154abb450ae21cbd9
  SHA256: db07ac092b522c209580434463d01956ddd51ddcd2cf2331e2a5d8000cbdb307
  SHA512: 63b3785346fb2f60603124833e64d5e348dfd3580f949303ef1e5b9f881150474068c7c31e85fc2a03c5d64f327105220d3ce28647b8e5001be1bfc58500bdee
- Filesize: 196B
  MD5: 67856cfbca84e66bfccec9ce4a65f01e
  SHA1: cce6552d05980bc2ee973c4483b03d75e7970ac2
  SHA256: 62d4eb6250cce7540c4e0f2333b06ffef34ee4c46fbe50695d18caebb1882671
  SHA512: 2bb079c108d1412d299a7843b57fba2042ca7f5eaf3e42f8cbfd1f58221c7288ccefbf8b96a9499369d218d30ff343dac930d578e4709de1272bc4d5fd5494af
- Filesize: 1.3MB
  MD5: 16340c836da7129f238d15943bda519e
  SHA1: 60a6909bebfdc88448c64e638c9b0000277f58b4
  SHA256: 45b86ec3b612d367850ec484fe1c3c83de1672024d547f33132aa7053f3a8052
  SHA512: 5cab3eb081f3cf07344bb3ecb42b614c914df67317c7ec954429725c112a20e414b423e8a1d8d25057de18a460c9a4e95e424cfd4fd46db41213f0d4e65868d6