Analysis
-
max time kernel
29s -
max time network
17s -
platform
android-10_x64 -
resource
android-x64-20240910-en -
resource tags
-
submitted
21/03/2025, 22:49
General
-
Target
f5fdc1672088ee29affc4817986e722765c4f03af4dcde8fc603b25544bae62d.apk
-
Size
9.6MB
-
MD5
e6c96197eb41de926fe43d6721f01aaf
-
SHA1
15fd15f9803134efe6b7c28c86a00a4f0390c973
-
SHA256
f5fdc1672088ee29affc4817986e722765c4f03af4dcde8fc603b25544bae62d
-
SHA512
e36c4a07161d77d98d6e1fb7f30cb42667e9fb997adfdd1e36fd5ac41ef58428c87b0dcc507988614e29a7b9ba93f4f1e42715ac6802916729af51941020e5e2
-
SSDEEP
196608:B3TfkmoN3qOqH51QWqzQbgk4sAw7kCwDkbe9H/yzL3itOrY0obFF6a1SEfAL:BDfkmoxqUXzS4W7krDkbe9H/yzrrY0oO
Malware Config
Signatures
-
Antidot
Antidot is an Android banking trojan first seen in May 2024.
-
Antidot family
-
Antidot payload 1 IoCs
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Checks the application is allowed to request package installs through the package installer 1 TTPs 1 IoCs
Checks the application is allowed to install additional applications (Might try to install applications from unknown sources).
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.gatefada.digital1⤵
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Checks the application is allowed to request package installs through the package installer
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
626KB
MD589e42973273a071c7810384f13f65b63
SHA19ac4c1043923f75764d56d8f001f6e5fa0b3a4fa
SHA2563ffc2ac802f73a7321451f456a52195f3d733a84c99b22b36cca7505e1ffde66
SHA51235c21b0536e0cff62283585a2a07913467c67a9bde10b4d9c75add5f516da9505509764d86b984ba23fe8f80a69f79b1950336d9ec4fd782eb9b5cf62ae168e1
-
Filesize
626KB
MD59b3ebd3743eeeb9a4ddafd8885393b3c
SHA12d5800f7ccd88d64080c4fcfcf3b2ecf61f38a2f
SHA25661a91d1c88bed936873b60ebc0048165f81ade57579a3f5309bbc3ee11d0109e
SHA51204e412da11cf825a41aba0948570543c8c4fe82a60584a36eedba2dff465f237a73d37f68807e34623886fe4bcb882acb183c40a1313607f4195de801283f863
-
Filesize
24B
MD5f6b4f8716bc15d7e4f64c8f35e18623d
SHA1c7adc259f5578fdcc34be663404f0d4c34d0f086
SHA256ca7a9abc22d04df28a1acd524b73a1956d6481162a105abf6cb0eb5fa90151f8
SHA5122f8ef6a0cbcc1f738a2efc55b0137f9d45d4a26ca19fbd9c3cb0606f6b845d0dc128e67d33c2fda4006f91291ced1055faf7b1bff10802c2e0d16d5f37db9762
-
Filesize
8B
MD5aaca1f528ab5383203a6b916170505d0
SHA108131f190c01cafb992da29e099adff73b545e2b
SHA256d4ef789af7c1936f7e2efd5dd87d1c10ea1d68e0693a5da76d359e28bb9a298b
SHA512f7f9f7087b0fb4ffc059722177f715a052c4e53d0955b8bf7bb9d33b7025802b0ad2730ffcbef8dc5575799d769a55c549848b16eb53840299c24cea49156a9b
-
Filesize
112KB
MD5fe73f5c730a0277a2dfa8dbedaa60953
SHA19ba30f3f73bb57e19d0b19b241fb79c6ecedeb40
SHA25664a75e23c5dcf74da23834c1c643c089c768d4b3d2adc35f24add22458a0f016
SHA512096a128fd38af3a12bd03031f17c7ef320c2ee00496aebac5ad8fd13079a430e02088a18c3a05bb19f7e1ed04dbc7647fdd50535b3cdf49be11078d9e25fb78e
-
Filesize
512B
MD52a140343c78301899a660cc45ed26710
SHA1861ea08f355b54fbfcd8f45b2eeb076621ad2615
SHA2565224dd0e70d4bc3e33e3b6690f779d47355a42211385144a8a0896c2b52143a2
SHA512496c52a644dbf7be33a595038d1f1e0574b72c93eecbcfcfcbede9df6ba945624d88c43a374ae175c3ededd69e77d8cd451e318b26b34f5fad7e2a696784d069
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
426KB
MD5df232e97a708b2009c433cd717f1fa75
SHA14e78856db8540451ce94cc8cb11999ececdec78f
SHA25610293e014d205d9f5acfe3462c8e24fd22da2036cca1a5508c663d147536e880
SHA51285a6e5748e19b6d541dc984cc7f6d8f31e2922ba7e1d68c427af7fdcaa9205131ba2b9f6e2298f347ba790283afbd8e53420a971db819ce099d893a7a87b8f1b
-
Filesize
16KB
MD50d88f6d182946385ce530178510406d2
SHA1200a62a549a076957c22b9917cd320f3be6f3e1e
SHA25698eef9f45c2cccb34cf73531ec754f142b0be4819bd93c84750ff0f44cfc8afd
SHA5125308db67198b01a6dd12e1f1c572564477bff7564f3ea61f2bb583c81a46df3e330d381af4e10562371f74999731cd1e987cbf188730e6035d2ff565fb9ec482
-
Filesize
116KB
MD533ce31c9b6a8fab98bc9dbac00ccdfe5
SHA1ef28d6f7224d7a84d1dc5e8994f5c7ced254e36d
SHA25625815de176242b7a3304031a196c3012dea613458566e971c163efafdebb68e1
SHA51245841c34dc93592ab43d7952a3a818302ec8150f77fed57ea424445c46602118b1912bd1ea14be78954751220be7d86ea852274faff9757e7bb04dad74dcf37a
-
Filesize
986B
MD5d2f1160f8584e32aca0a14c939d55ce8
SHA1745ead3ab9ab804c4b35fa8de8aa67e90b134a87
SHA25631e8408e823d20e580d23428b26d350a054b1487fd89658808bb0bc08e9440fb
SHA512c17c8dda09c0fa226041dc06320b399d47000b1b5f28a617c761b67fb642aabbceb436fa90bb94f2b1f434b7b5fe6477703d95d210821e98bfd97c9bdaf45b86
-
Filesize
1.3MB
MD58f58959358243e0b52290d35817ab042
SHA16ec7f62a669b1fc3a5761d27e5fd5d65fa1f49cd
SHA25697da4189934a50294bded0d2b6115807811ad15e0cd50eb6ad7e767c5004da6a
SHA51228c6d8c0f8b49c44b1cb66323ac13449a75a979cf4832672dfec0a0d4a314340bf0c55aa7afcfb5dc1b34330971bec574433ce83f827ae5310ea39a7a0bfec95