Analysis
-
max time kernel
149s -
max time network
143s -
platform
android_x64 -
resource
android-x64-20240624-en -
resource tags
-
submitted
24/01/2025, 20:13
General
-
Target
ChromeSetup_v.13.06.11.apk
-
Size
9.4MB
-
MD5
a46b20b8a7bddbd0adfd01654f456c09
-
SHA1
c9681ad05915a1db4d7182c2b6cd0c8eadb4b480
-
SHA256
edcf2f02a491fab69c3c18610c9d72966567c632ff4d881e4dc6d7154019d8e3
-
SHA512
4cb2a5bd66f2566f1f4a81eaacc40d744ded9542d519187df96ac7059e6ecb33976ab7aa8d6a3bc1327517e1f911d3af8e6cff292a93d517ba79fafeb0080a76
-
SSDEEP
196608:wEYBfTwwaC4vfd3UPfhCYzlQMufB2rJxs49XdhCrj4QzO016:dfC4v1WvdFxs49azO+6
Malware Config
Signatures
-
Antidot
Antidot is an Android banking trojan first seen in May 2024.
-
Antidot family
-
Antidot payload 1 IoCs
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Checks the application is allowed to request package installs through the package installer 1 TTPs 1 IoCs
Checks the application is allowed to install additional applications (Might try to install applications from unknown sources).
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.fiwuyedite.library1⤵
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Checks the application is allowed to request package installs through the package installer
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
626KB
MD54f85ae2c0f7f1408e0f9b8790325922f
SHA151b117d5eaf51d63f12174cc9b1ae534af3b4dbe
SHA256d5b423e2970c4c40f89c13fc1e56bff67ecbc93339b54022d77dc4af8c23fbbb
SHA512917264d09ba8919436f614522e2f0dc2e1449c31c5eb24abe4fd99677589f0e5d6a9766aa6c8c6422215d34d7d1a329aeae76b6fee5232b850b89492c6f29e4c
-
Filesize
626KB
MD582d6938a1fb512da330721ed0fa597d9
SHA1630d2d9c00d4cec03a4f6553d63e4b5f6856d4cb
SHA2561c13d4279dcfeaf1604f128666beb1e786ce537856e47e9968a53b611010410d
SHA5127157832667fd0c8b4a45e7ebe634458d166901010dac2d111295f26bdd50433f762ab0dbbdf744fbf74f9ea83f23ef4f20ce83e7d5a0e92f10cebf88202a7a95
-
Filesize
2KB
MD5f030c26e3ff6107176b2bfbc5ed2b661
SHA1fcb76eee9f1acbe7c40162725bbb43eb8c665edf
SHA256f17bb964ed3829a52662eb2b207f82215f53834235a5840bce99d3c927516daf
SHA512806217fc38f544dc72496fc8f96857d9394b61c66cc2f79c13127a76c8ca6a20623605c60f3b12a243eca6f2ec502039527714874e59d26767a1defca53b04e5
-
Filesize
2KB
MD5f0a74d7923c81cc5f82996831b541d76
SHA1f464c444441bb720ea9dce7299890062099fbf39
SHA25698a874e98393cfa57cb316047be53e7e6507e5a19f5a36bbab3fab3af8370254
SHA512be7f3fa1d8d60f9690bc3adb08528889dd493205cbdfe866eac69852aaaccdcc15ba43c456057498988460687b14dc0992a411b8dbef11a41eed71469b7c39fd
-
Filesize
24B
MD5b6e7c6774d73e8a56c0e3a777942c052
SHA1c4258f30730a5fa6fac3c8125a4e988196aeff49
SHA256b36e0081b4839245767d659d71698631ded62c72aa763a729dff476ed9100acc
SHA5124cdfc84402c99077af1fb0a8dadb48a57c44381f004fca7bfed2da8f9bec28c3ec21f8f8926fa37bc6eef94ebd50ad96c20444b244c6f5cf2591de59f3f13e6c
-
Filesize
8B
MD5cc9d5f08e4e983b691f749dd1c6e716f
SHA147a8cd3389ed7fad12ef2da88f7ee469b951054a
SHA2567a36e20be96d9e983accdadb5d58bbc0eac45a2b025276287ef9ff9bdce31317
SHA512798262a275bfa17638c49dfbc736c78d73c93050c60bb0e732f96dc27963fb85c2c063df0fb8cd124d7a454165c22b16b9b99ab62e81b5e317f88075c33f7795
-
Filesize
156KB
MD5311e73a7903ecba909254d11884e9f19
SHA1594c94179866c9e0fb84f95e8f8d7cd0b7a49dbc
SHA256e930d4e54a27bdce4d9824ef19a5294a6e029fa096424c1d49cde5bfbd0bd81a
SHA5125a69ed264c1ea2319b2830b1f87cba6d280c6e08946c499238e7f0168e991c66f5c00fe60d5b34ea125749b3a4b6bd8a7d99b61255485dfb6c688a3f773b3649
-
Filesize
512B
MD5d1335c95923efe08237d8a074a35f90d
SHA191f771d46549323364f7499fb3be27374e016a92
SHA2569ae4ac17df90fa325485dba1232a08ceeaeebf6176ab40811f4aef224fd38ff4
SHA512cf01d8fbe01e790bc2ff5bbf2cc0665e594ab0bc95a74d216ccab3d945ea4156230ce560f1990db1b64c9dccf0aebb68928f040cedef7bc1e95901824c750704
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
422KB
MD50e7fe3bdc817e55052988cff9d3d4260
SHA16b5e164ae3c3df590a49a260b9d97339beb26678
SHA2568f8e535476ebbf250ce44a5a8482c97a78bce22659ee68e18aa8226a58733d94
SHA512ed243761a2cff7090a4a27d119f5ee33e4adddd685fee5ed1f91db9ea9cf03198cb440f229018008296cc4a49862c394d6f75c5bb9ff9df52167e487387e3521
-
Filesize
16KB
MD5f5861e2222e16d161e4978ebbe553933
SHA1b04aaadf86e99f222e21f71309bb28f1599c675c
SHA2560b36739fb5e97467c20fd98ca2d2ec79888fb5d40a701eb5bcab763adbf2c752
SHA512c6e594607347d0bcd4dc6629b4b5c212ad2e83cee1b3e7a13c242751e0e8082a2b07e28fa4449cd2f2d49de53aaac0247c3927300764ce5860f68824319f1f02
-
Filesize
116KB
MD58011db2e665372a83a508ac72d2e4b84
SHA19f59e80c43e7e8022cc51a6315022f9a5bb2b813
SHA2561eca96bfadc78003a551401c35d0b4187e70d512fce4d052e167417bdc214090
SHA512ca0f2bcdeaa6efb0421d47dd6af3d9ccaec52e235be973168e3ba63df35d37c7c14108361ab0d234bc3e14e7e3b90ba3dead70cb3df6b5c9b9f498642020cb40
-
Filesize
1000B
MD5dda41955d1c5f59537afe5b2d8387545
SHA17b4b6f83fd2cb65c78a9f718e0a60c35e44dbbab
SHA2560418f960557c9495849428e222513e04d5ae11a0a4fb1c710cef0a6a20c04905
SHA51262339200e7913d95fd34da597c690a772307a50695f4a0a847828a584ac718698f8fe6fc7e8e3cfab78770d9cb96564c79478cd6ac1611b24d11cf73d81e909a
-
Filesize
201B
MD55dda66743d7dc4cb2303f30133d8b36d
SHA10582c75f5821e51bc512914eb03eb409ad4b63ab
SHA256a1acc709c6ded0d81cc56f3bee94066589b6e4f741607d8f64a4a0583ec0369d
SHA51260d2782e9d462a3bb8ef6a0b64543da74720cc4ef7ba3d6a6abcd055799ddc67a596ad9fca7f1aaf2e77c3691f6d5e0f90126e1eeb219a5cc82ddcb581cee602
-
Filesize
1.3MB
MD555e8ff96a72005a4cf6584f82baecf9e
SHA1983294856552cc9949dab71ad1a0f67ea1ca954c
SHA2563a46f3e7bfcea466e017865a18568a01511134090b79f79710830a7dd46e9be9
SHA5127c7147dac53cd479f7423da4e5ba7911542e536b70972463a2ee2e7d0f27ec070d0459612fc235c784efcec727ae9b00b625c854a1c8c44e2d69ac259492bd5a