Analysis
-
max time kernel
300s -
max time network
310s -
platform
android_x64 -
resource
android-x64-arm64-20240624-en -
resource tags
-
submitted
24/01/2025, 08:21
General
-
Target
daba8cfd789d0a69c20cef14115fed2206a2042c84b9e96cdb5a38fa915cd305.apk
-
Size
9.2MB
-
MD5
df6950fb69837d6c932058b5b7965dfb
-
SHA1
99200b9f365acb2196ed44e239cd7f201106eb45
-
SHA256
daba8cfd789d0a69c20cef14115fed2206a2042c84b9e96cdb5a38fa915cd305
-
SHA512
9bbacf73e40fc15dd2a39384d43379750a24840690c8111e555430ba9969d92fba02514e23120e8bec99917d7eb57a22da0c08ee6107198e05eb9770e9aab360
-
SSDEEP
196608:YkRK0T9aE5iOrRl15KHDIwmgGvpejXAUdQ+QDmVAkH1:hK0YEi+LKHDVGReldQHDmVAG
Malware Config
Signatures
-
Antidot
Antidot is an Android banking trojan first seen in May 2024.
-
Antidot family
-
Antidot payload 1 IoCs
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Checks the application is allowed to request package installs through the package installer 1 TTPs 1 IoCs
Checks the application is allowed to install additional applications (Might try to install applications from unknown sources).
-
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.yacimixo.argument1⤵
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Checks the application is allowed to request package installs through the package installer
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
626KB
MD59ec3bb705c9c660a52504bc847372789
SHA1ca907dc6ceabb9664d2c3046db96cc15e7089bd2
SHA256e505e210aa339d78a0f8ee627b34b88a16b3b37efcae88e1dd21ab18cb7851c1
SHA5122c20e7bad303d2994460a4eb913603ea89d016a3b18e3cf1513577d0c96406a916cc2f72af250bff30b7f500f44d181ac375b58106e11e730f8714959782d7ac
-
Filesize
626KB
MD5e8cc27ac913376a04f2b93d8080b80c8
SHA15476be57adb397d79c2f552c835b0a8ac1c518eb
SHA2562de96225452827782c9f7d7d0059496acf696d46163fba54abba40fa12a78658
SHA51267ddb5ef445d1b354fe288c9a97b6af0233916c68ffc0178b2d7f07373fc578ef37e6d9628a590c37ed79ffd21da194919ed70bc8b5127c13b74adeaf8c5a3d8
-
Filesize
1KB
MD5daf37ed7d929b0cbda9cc428780877b7
SHA1e7d2b16ba64a2a5c8598b26888225456b5e8ec6b
SHA2563219c82b6e88fb116b16a88850598736b5e85f0102aa424b98fd42a34ea6abe5
SHA51299cc520a0308ea5160eed6b4f0f53ef379cfe2b83de1cfcdc822cbd3728ceac2cfac3b003ea26f8a6cc5151a497e29c4e9792d4dfdb665c642dd4ba8f1dcbe7f
-
Filesize
8B
MD5ff7d40b6d0edc7b6c37f9d57506cf2a0
SHA16acb690048f2b6535eae48ec03b02c2f2b67ae9c
SHA256a972f92265c9e7dee47d21e26cf746de70a41293c50358a58012c10a7e8c13b4
SHA51239bc463989c56c130a170580240a0000f1349f8bf08f0c68f2375e02acef48bbd2d16a0f0fbbc0d3f45517ccca98c1e2530a7e2a0f12a8c6766c4ca6c46a7027
-
Filesize
228KB
MD57a9084aa64db7e2da799792ea8909765
SHA1c186b7f02045c384f4b8c6fa1696341f73463bf4
SHA2562d853e519e0314b445593760687b7d05f60b7fc505ff677831001180b63c24fa
SHA512d2309a45691342629d7f89644640881c55d9d05653f56cf549d7cdeb83cf9f4fcec9d4bc2f11d2968e6ef3697c9ff350a95114391c110b1de090ae437c2ce2c4
-
Filesize
512B
MD586dec30d5cb2fdbafb4fc62d29f1fc96
SHA188566abae3ee0f043d489d9520280f2e01f88299
SHA256652c09830d53c0379289a31e37ac0aff093322b452c47f9eb4a8b612e9042a99
SHA512fa8f181891306cd51d95fedb351ce669eb106bb0d92ea3c79a14ac130e1cb7075ac91809d2677efb4c4a3c7930fdc73aeab89bd135eca5b275f38530261d4e51
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
422KB
MD5a889a2e9c4846dc778e6a1e2b9a0dd26
SHA1d1850a595a811e68f34f7e4be2f07a47fad5c813
SHA25674b31c3de549c512c16b7e70cb5599a0cecb21724b01430413711ee3b56611a5
SHA512ee20dd3928f9c90d7388a79e054a8c69f8641d82a700ce57806c817eb587c8c7bcb7f5fd57a31eec35250e3aae12616bfb144dfe45672c7ff3e5f05eff53cd34
-
Filesize
16KB
MD5dd0a8295646e9e24605b3b9744adab98
SHA15085662935ea00d6428f3cc27bdc50c4018290d7
SHA256f4e72c847e7d94d96abd44393d0dd282f876ea3715ac35fd3abf81cdcb334327
SHA5126d4d1a91525f6be791cf21b6afd277b785aee69b8be509be7ab6eda9b420729da9d1ea0c37d248f1ff2ef171dd7b5671c62c8d3374f30a25fc3f6c0d8bb7de6d
-
Filesize
116KB
MD5075c22be15a8c206e8b55c244a7a09a6
SHA13316644111773902011a3102179fb889e27d0ca1
SHA256629579449b04a179d948b7551647f7ffcb67c99658ab6e94cab6b2aa9ce3cf8b
SHA5126887e63c537621ce1220bdc153a91ffe42b6b6838b05b89f7792784d8cb2ad1ac4d5088888b97c7d7f953267549de405bee8fcac6eafc8777af188a228493427
-
Filesize
989B
MD54ead8b3a0a8b812c85d6ce6281638a67
SHA1e273b4927cbf2de43d058f3154abb450ae21cbd9
SHA256db07ac092b522c209580434463d01956ddd51ddcd2cf2331e2a5d8000cbdb307
SHA51263b3785346fb2f60603124833e64d5e348dfd3580f949303ef1e5b9f881150474068c7c31e85fc2a03c5d64f327105220d3ce28647b8e5001be1bfc58500bdee
-
Filesize
196B
MD58b2acbdcf88b51155ac5ae3e1b854eb2
SHA12b35356792ee5f7f76e9856e743632727f121691
SHA25626999a4933e31bf77f6dcf42cf87b4a62a41d00c332b8821e776f8ed0f3fd945
SHA512fba6d083d306aa221f84cc427e07a445feda45f9130a8f9e82cd90890c4ae61e6d8d45911b2850b1b2092a6a8864f298c171827d4977db770d6fb7c4a069f19e
-
Filesize
1.3MB
MD516340c836da7129f238d15943bda519e
SHA160a6909bebfdc88448c64e638c9b0000277f58b4
SHA25645b86ec3b612d367850ec484fe1c3c83de1672024d547f33132aa7053f3a8052
SHA5125cab3eb081f3cf07344bb3ecb42b614c914df67317c7ec954429725c112a20e414b423e8a1d8d25057de18a460c9a4e95e424cfd4fd46db41213f0d4e65868d6