golddigger | CORETAX[.]APK | Triage

Sharing

Reason

error processing APK: could not decode AXML: unknown chunk type: 512

General

Target

CORETAX.APK
Size

17.2MB
MD5

cfffa8e526baf4280d2fab4a9f9a9cd9
SHA1

8a29aa3e3c693cb04d503fb79e539d273bb1e22b
SHA256

aa7cfedfcfc1f9ab4e8f84e1c965c34413c4d0ac5380cbd3f0c1887de4962c70
SHA512

9529acb9983bac94ddd75b0fc797ed663e488db5995920c10bfb574dcf6a7f74249e9bbad501bed8035b5bd5a0c9f018b3cc2aefb3791f696cd897f770fe4c44
SSDEEP

393216:84XgcgtBAkhxXiGCNlF4E1xt4bSYHfGlOS3GuJY:8KgcwBPall+EVaT8K

Score

10^/10

golddigger

Malware Config

Signatures

GoldDigger payload 2 IoCs

resource	yara_rule
sample	family_golddigger
sample	family_golddigger

Golddigger family
golddigger
Attempts to obfuscate APK file format
Applies obfuscation techniques to the APK format in order to hinder analysis

Files

CORETAX.APK
.apk android arch:arm64 arch:arm