antidot

Sharing

General

Target

f9f4e2276c241659da8988e5f825696f1f4767650aace15d1a942385444f4321
Size

9.3MB
Sample

250203-kwb14swqct
MD5

83cc7472eb4efc947f3d7c1ebd410e85
SHA1

3a53e523f11f92583a52bdfbf0295ce07b825108
SHA256

f9f4e2276c241659da8988e5f825696f1f4767650aace15d1a942385444f4321
SHA512

a21e74d215ea1b9102d4347c5ac792c2f0b10c6164c9a4f1fd27d8d83b626bc3a8ce9dbdf5128fe69c3d1bad63e044ba853f37b13f0e486828a1c174364bd4ee
SSDEEP

196608:A4lFVbU5pQTOnctr8s0JCASGGS1XVDRAKuQ8bgPTPR/J+JJkQKQgJtj:lX2kOctgsNGGS1XdSKKg7PRgJJitj

Score

10^/10

Malware Config

Targets

- Target
  
  f9f4e2276c241659da8988e5f825696f1f4767650aace15d1a942385444f4321
- Size
  
  9.3MB
- MD5
  
  83cc7472eb4efc947f3d7c1ebd410e85
- SHA1
  
  3a53e523f11f92583a52bdfbf0295ce07b825108
- SHA256
  
  f9f4e2276c241659da8988e5f825696f1f4767650aace15d1a942385444f4321
- SHA512
  
  a21e74d215ea1b9102d4347c5ac792c2f0b10c6164c9a4f1fd27d8d83b626bc3a8ce9dbdf5128fe69c3d1bad63e044ba853f37b13f0e486828a1c174364bd4ee
- SSDEEP
  
  196608:A4lFVbU5pQTOnctr8s0JCASGGS1XVDRAKuQ8bgPTPR/J+JJkQKQgJtj:lX2kOctgsNGGS1XdSKKg7PRgJJitj
Score

10^/10

antidot banker defense_evasion discovery evasion execution infostealer persistence trojan collection credential_access impact
- Antidot
  Antidot is an Android banking trojan first seen in May 2024.
  banker trojan infostealer antidot
- Antidot family
  antidot
- Antidot payload
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Checks the application is allowed to request package installs through the package installer
  Checks the application is allowed to install additional applications (Might try to install applications from unknown sources).
  defense_evasion
- Queries the mobile country code (MCC)
  discovery
- Requests allowing to install additional applications from unknown sources.
  defense_evasion
behavioral1 behavioral2 behavioral3
- Target
  
  lebezewa
- Size
  
  9.7MB
- MD5
  
  0772b1116df1586b419acfbff9f8d96c
- SHA1
  
  827f307ebf5f3abaedc31645b5ec43203cbef72b
- SHA256
  
  85f24e29fc5f68f2a3a456fd749e887958758821e6f6512fbaee2f54b6bfc0e5
- SHA512
  
  95199611de6c507b54bf7bc162c5e8cc5543a215c08d7cc04ec1ab4ddfce50da66a24e5a58e4d43cba5eec0af3f0469bef81b54ee342fa24434ac9a5fa2cee1d
- SSDEEP
  
  98304:Fo/KrqB9EBvkB9ph9JyArVO2jmN9hSjGUI+YJqob5POoeT0wUar+qe+7eS3N8H2J:e9EBva9HyhAiqOA09qb7Rt
Score

10^/10

antidot banker defense_evasion discovery evasion execution infostealer persistence trojan collection credential_access impact
- Antidot
  Antidot is an Android banking trojan first seen in May 2024.
  banker trojan infostealer antidot
- Antidot family
  antidot
- Antidot payload
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries the mobile country code (MCC)
  discovery
- Requests uninstalling the application.
  defense_evasion
behavioral4 behavioral5 behavioral6