Analysis
-
max time kernel
27s -
max time network
38s -
platform
android_x64 -
resource
android-x64-20240624-en -
resource tags
-
submitted
09/02/2025, 16:06
General
-
Target
dixeda.apk
-
Size
10.3MB
-
MD5
8a9243247c1dfa0b249fae01f49b69a7
-
SHA1
c54366269d767717029e642081e63d2f1d9c630d
-
SHA256
c38e6e24e5a311958664492cdf5af99f8eadad21cb8aae07360a27cc044b293c
-
SHA512
a75c912eedc64c213d9c45a04af13e8c61eb6236616edca7e30c1dfa4dee42f6d405182a2027e0ffa821daf33d517f4693dea2eb349fdef7686f3d0a894c56d1
-
SSDEEP
196608:u9ecLSEPZI5mKfyGNUc/FXIvQwrKOYErSs2:MtaxfyGNUc/FYvQwrprSR
Malware Config
Signatures
-
Antidot
Antidot is an Android banking trojan first seen in May 2024.
-
Antidot family
-
Antidot payload 1 IoCs
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.kiluduzexi.base1⤵
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
948KB
MD5966c4390212092889732145b87cffd69
SHA1b51b85a90ba7cddce230aa1df71c5a4c7a0cc1b1
SHA256f61ff8dbd7f91c0d3b4feb07171661fc47202b0f5f587f2c35e9fe5da059a514
SHA512fc6f04d88034545c5455120ce77f13b541a7a04c2dc9013cfc7bd15f778f884e7025f96adf0e511a715799f65be8b114ae224eefa6099f529f70a4f1b6a954f3
-
Filesize
948KB
MD5f82a8de9423100666d64fb0a21fba46c
SHA1d412e6be8f7ee165ee59b133ab19c636b5d4eec8
SHA256d035ab5d11cccd31953071c94ca120a639a18772490c696d20f7d35901e1bf37
SHA512b5d4452b1c000cdbdcb4a838778b4624563c4f14c5d48e2c698155cec3fbf3a24ecb621fb44e2dddb254daadd7ab077cc53089d99da2eee6d0fd06d9e5d7d528
-
Filesize
24B
MD525d82c8d2c211f886d7781318abb8d63
SHA145f118ea5ae651e56a5bc7643914fcff5d1b096e
SHA2565392328c2876404f76c4e4106563035ae2e5a6d0eac2b4462952d45b90839938
SHA512bd8e82570c20275acb680a101f8cd0e17d35e38d14e24e86f5844ceb476ac547c97cbd3211b79a63035916b90925316d99a47afd53f81de06634761301b0b25e
-
Filesize
8B
MD556a1213d3587d072f67869a81a295431
SHA109476fa59f2b94abe8a1ed0f962de4630c90d54e
SHA256e228409b5240d4708db6fde5a72b19f7c37ddc467e0cdff1b8fe184bfbc240ad
SHA512ffc73bc5288e665882420668f4e6d010b4fe882547a38ae9e93d581730d09af255fa96314d905d51ce065d9b3f1cd8784e6db1c5219413ff33136c9878409945
-
Filesize
4KB
MD5f2b4b0190b9f384ca885f0c8c9b14700
SHA1934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA2560a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
Filesize
512B
MD5a4e902182a20dd8ed48357c009425368
SHA1fec6487b7963cc0be1b2d59743df742bb5f75596
SHA25683cf71737b236451088839cd2d3b1973103f8b48492a1f82caa2367d2e855dfb
SHA5128f249808d0699aa20c458a857e9431449f307901015fa1c15b74d7f314949f954c0b90a81a37eabb69ce85816a9ea040bf4c266b37bf808f58bf2acec34bdf5c
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
281KB
MD54899bfce124b6f75057933909b592353
SHA16584e80bd8b942c13106b566145b7c466aae699b
SHA2560db0cb23d157aacbbe1cf9429104e7069d472d5d65643bae867607bc3bc50bd1
SHA5120d4ffe1503885d224be894858b931d00d598fb9c3ba3c6c2085ae4c5013fa138faef030bf87d79d31cb71072d7e0ee66f52a43e3baae4045f4082217bdd5114f
-
Filesize
16KB
MD5efb31341079d4d1ed781b6cba9459e87
SHA1626db4e413f9a7bae733ea00ee659c9bbe8c7b89
SHA2562b215da6bdba32718069c0b6a5acd4cab5bff7f52f9f280b00ea8a69749e8f68
SHA51250e69471f7740765419882501f41cad9ffe148041bca6ef52de53f5b58273215d322a50949db57aa4c50ece7721e9609293512b0b62aa2ce287589f63ea79189
-
Filesize
116KB
MD55f2cc2b1fd21ae7f7ee5eb445cfc76d7
SHA118d4a5d87bfaf452a3efd08be60705dd86d7e6b8
SHA256a47faeff4ed0e5c1d0a9f944478fb1a854aee3f60d2b5e887213c6160ac0bee9
SHA5125cc961518cb5d110df8cb2155043f63a70798657df2ac8520d635ea2c83c950133cc355dd89cd5edd512ed40d30f023f6bc037cb923ccecd390e32ece5166a30
-
Filesize
1KB
MD5fc80600b409d5d7e3364c908df8f21a2
SHA1af25e69065c632d65a48dde8bba8f45c3132258e
SHA2568e4eca89dd272d6eae44604e9702db84af4f9f51680e9a0913ea83e1b53592cd
SHA512d4d5acea3ef1462efd7edb59c92839a995e0ce663a9340fcd6794af51a56c66a8438af087e8ad7eac2da5520ca693c6b68fa1ab44fe4352250b69c46162c20c1
-
Filesize
2.0MB
MD5e9dadfcf351f448b854dd8b1a3e61de1
SHA1a854ec48c5af859e2c561ca948d533d002c3811d
SHA25639ffbca1a1b7167e56bba3ba378af8f284471d84e05972cec65e7c000960e05c
SHA512bd21ecb20b49a93a4d27c8ac213d38d44bbf2c85c99e92d6ac337569a249a9d5db8b842ced14b6a6bada5c527be8600fe089e6a3f46e7cfd2d22f6ccaf4e69da