Analysis
-
max time kernel
149s -
max time network
153s -
platform
android_x64 -
resource
android-x64-20240624-en -
resource tags
-
submitted
03/02/2025, 08:56
General
-
Target
f9f4e2276c241659da8988e5f825696f1f4767650aace15d1a942385444f4321.apk
-
Size
9.3MB
-
MD5
83cc7472eb4efc947f3d7c1ebd410e85
-
SHA1
3a53e523f11f92583a52bdfbf0295ce07b825108
-
SHA256
f9f4e2276c241659da8988e5f825696f1f4767650aace15d1a942385444f4321
-
SHA512
a21e74d215ea1b9102d4347c5ac792c2f0b10c6164c9a4f1fd27d8d83b626bc3a8ce9dbdf5128fe69c3d1bad63e044ba853f37b13f0e486828a1c174364bd4ee
-
SSDEEP
196608:A4lFVbU5pQTOnctr8s0JCASGGS1XVDRAKuQ8bgPTPR/J+JJkQKQgJtj:lX2kOctgsNGGS1XdSKKg7PRgJJitj
Malware Config
Signatures
-
Antidot
Antidot is an Android banking trojan first seen in May 2024.
-
Antidot family
-
Antidot payload 1 IoCs
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Checks the application is allowed to request package installs through the package installer 1 TTPs 1 IoCs
Checks the application is allowed to install additional applications (Might try to install applications from unknown sources).
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.zabogutajo.associative1⤵
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Checks the application is allowed to request package installs through the package installer
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
599KB
MD58d54f2b11dfafc29f7e49d1976515bfe
SHA1b5a9758dfeb6934b9b5ac9612b36cb32658c10cd
SHA25675dfbbfb6add3c586de315b6c88797b8a0dd7f77372469c1eb48f2e0d5715444
SHA512dec76737422c2a507c7f10068f3470bcc6c68ded0d0515f90a3535d1fe176c757ff9957599102c757a42399f4586bb8efdfc1f5f71f3c11f09ac1e37fa79e4c4
-
Filesize
599KB
MD5ee6fffae01e99c3f684288656d8274ce
SHA1bfbf5aee5fb09427e351bd89f217adc66360370f
SHA2562f5054d42e939b76ca72093143256869d1ff0a92f6155f1a13d3a1bfc924619b
SHA5123762b530d5d44658dfc04cd8cec56f63a07fbdb5c7d760fff87523d461938ab8b3f964dad886834bb538940c57611f14c1022d2af8ed9cde68e51b8080889d6b
-
Filesize
2KB
MD573dfc37e5b38b314cb18e7845b03390d
SHA104ed794d8f1534580486891c538d82ccf66833eb
SHA256d33c42451e3bbd295e7fedbe0ca40d192d002721a092b99494ea127bb7128a1b
SHA5121fa2ddf7d409856f766e724f071cc0a01d7db64e4d4a5dc55e99131af78ba4c4b3fd46e5d94269b6b54de0c21366d07ba307adefe1f2849a3f77d93967cb76cc
-
Filesize
2KB
MD577eb30c67ea65276dca71a5514a9df71
SHA11c82ee4121eebeacabee3b002d033617afb047c9
SHA256c0e5524149afc4d2f33d85352d903f79bb76e214c66b359e8f9801f05be8b2e5
SHA51293c40ff750af030f2c82854a4ecc3473e10125709fa9c5f4873775be228f870de4fbc285f51f912ebf632e37eb42ebe6c11a2a99d7722bbf363778e13a0717b4
-
Filesize
24B
MD5d00088a67671fe066026068a96395ed1
SHA1dede776e738124c19e29e6b6c1db113a24b16129
SHA256e02cb18331729a4ff43f547b30080fc28bbf1ff061136104c766177d9f2b57e6
SHA51212ce17a9341dd354a16d7c346ae20f93fff0204f3f21e93e183a50e6894630e11c49750261ad844ec64ce8de7162a63e0aed52a9073503603bad2c81d0ed38c5
-
Filesize
8B
MD5ef2f633c0ea32fc07fcbb900d8598698
SHA1dc9f9f3d6a3e18044f47a01bf2fce0a3f39c4de6
SHA25667b4c56d019c7bd7507d4f96b0a5cf61bd8af77c3160c0b5cf58e852a7c3a4d5
SHA51246f6949947fbef31d1203ca7afa5a7c148760bc5dfb830ba0e1053d17e191db8c94721c96d2ec63bff7287264ab057ace1409aa16f3eee7d7ceb02d85b5a1506
-
Filesize
140KB
MD5fe476c5d86df7f2e916f2fa10b394a5c
SHA1092cf0f5db2b703c9895d7a3d6e7a734f55b8610
SHA2563c0ed5aea59ace476580b4482a05b3b62464cda8d33a6042476a7ec6b2d0c924
SHA512ebcf3e89d12273eaec11880d2bfc38c6bebaa41f84d4a69ec4244959db79288ed08b0555bb77cfe91989ab1a808cac461920dddec26b3087657cc43223aab3c0
-
Filesize
512B
MD51243fd850de37b4c4ff03b75e36ffb10
SHA12c111e3ba0dc7d4a219450c9cd8c600799f12fb3
SHA256148eb5954856657c4e7f6d5c5a134490e0f4123822876e3f885b330a3013f006
SHA512af741fe1bd650bf34ebf5a1c2f52fbf230146b8518b17c4c3cede2d654b7284a899f709385b472a8d14f3c108522d25f465e1d7da76acf018cdc859c49baef09
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
410KB
MD540808109833146353d0ef887dc801ee8
SHA1495633532ce93029e6a2e2b91decdbe84c6e2023
SHA25640871d528d7dc14716cbb030e0a121142ad1928b66ac429ec467e43f7f836fc6
SHA512e98eec2556d0583c1e92c3fe7bdb28dd0b658db372566b3ce54d698a30feebbca39080c9154359833aebedf0d2a32418abfb0c86f26e2f5c41b40e89d29bd4d6
-
Filesize
16KB
MD5e456d0175d453f15480d93a73fa9d367
SHA107b1fb063be359300f42e94de0990437450f203a
SHA2567625a07b4791158c19f09ffc07c1c1a8028722de1081bf11f7cd997a8d660eac
SHA5121a541d2e968389e3652c9cfb9f0d35ad3751faee2406383a9c0a5a2a9899cac5421a9e85a7b997e2b3d0fbbed3dd69fbf6aa23a1cc73efd25125a4a5509e0c7b
-
Filesize
116KB
MD527ce4c18d5867af5c8e1472fd2e892b9
SHA1e0ca922fd55c9abd78914fc28fc789e17ceecc3c
SHA256f16d6fcd380ccfd7692b20ba1549a7cd7654208b4a9a78e07751fb808cb8da8a
SHA512c9272ae7442ec4c171db2845431958b8544bea360d696a605be07359db0ef5de852db9b2ebf9de33de163d682eff669a188aeba8f2a56faeb8d5a56014d58c3c
-
Filesize
992B
MD5af3aebbdb82e74bf3dcf3589571946a1
SHA122a45285964cb6ab4bf7769b5130e6667ad2e3e6
SHA256672d9c161a8c01d29c5112de65386555a10aa29f46eff389ad98d44acf15b0f1
SHA512aeea4d0ab87586e86841f1ccb83a2c3290404e59f440592666e3a90a7d0ff12ecf373fd237b4ff76ffd7670399be6cbd6e0a30b7722b9af0bddf5d427e011dac
-
Filesize
206B
MD5b2797144bd32ab069966321c9e58c013
SHA1046c8db294f5ea298db78cc7b4e442a362b5626e
SHA256a8013ee091912efad2bfebe0ebbf62a8745eae145d774e5aa6a1be5e9292b55f
SHA51228736c36f0c1844e76dde567b50b6c387220070a720a482a1ad87b71d14e24022e9ced849f75c5784d6d99cc8fc448051522e756dad81aee9a3bab448098350a
-
Filesize
1.2MB
MD5c0e426c298c5e4a91bf535fd1ea8815b
SHA1cb9a2aef0350fedffaf6c0d192afced329620bee
SHA2562640de71a9ec4b517cc57d69cb5da2d7bcfb1d7ac9be758e9b78aa6e0af1585f
SHA5129b0cb113c7839f5fbc8090ff3941a503a5e0622ba06c5ec1ee922497c8f0f9dd84b903821a7f5703840e1b2a72de1fcd2dc4c12f7aa01fba0451715fac699bca