Analysis
-
max time kernel
149s -
max time network
151s -
platform
android-10_x64 -
resource
android-x64-20240910-en -
resource tags
-
submitted
21/03/2025, 23:51
General
-
Target
207a4f9076aa04435c532f8d62ff134859abdca31bc0f11fc31aa4f8146ef9a1.apk
-
Size
9.4MB
-
MD5
584af941017f437f35e4c0d457c22c0a
-
SHA1
b84b59337eda585de666038d9f1a051440e2018f
-
SHA256
207a4f9076aa04435c532f8d62ff134859abdca31bc0f11fc31aa4f8146ef9a1
-
SHA512
38526099969861bfb8a87728e17bf929aea606af79357cd172931734f1cf24afc9e15322d00611ce25b241acb412921c5ad87d13965fd134e2ea16ba8df523c7
-
SSDEEP
196608:Ns+q4ar9v0IaVbJTcPZq/oMziAsyTPE29w87PA:lq46wVbpcPEJzi07E0To
Malware Config
Signatures
-
Antidot
Antidot is an Android banking trojan first seen in May 2024.
-
Antidot family
-
Antidot payload 1 IoCs
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Checks the application is allowed to request package installs through the package installer 1 TTPs 1 IoCs
Checks the application is allowed to install additional applications (Might try to install applications from unknown sources).
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.xunewuzo.constant1⤵
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Checks the application is allowed to request package installs through the package installer
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
609KB
MD5a4265e4273b80945a1067171908372ed
SHA1a0a75068b29cb24eb5f11f2e0bad68bc5cef0d5a
SHA2568351f77534974d0958e4185e9359b2fcd3d56d90e01b8865b4d144d884267b3b
SHA512447157c4c699dcf1a8ce8ef19198ef13b910208b720989e2a2a9a2a110c5a3d5eb9b04c5b9717467429231b5c48452c81548b384cbc4a43e9806d4eb3d72f499
-
Filesize
609KB
MD565aac637e04286bdb9f4c489fb51cffa
SHA11552eddd28f7707edae696ee4f7ca2f733eb1d2f
SHA256b5bcb58d2fd5b1feb25b58dce17038c672a365fa17908e5627a376002b0d6434
SHA5122c43dc7e5e96119ba252dfcd734641367fb5f1f58f6c894deec2d290f5af6c5932ce5c34c142313cfa50eaae6625ed8228db64fab5c5c1523d0b4b033072a336
-
Filesize
2KB
MD5545ce964ba473b8c6727ddf6d7ebc1e6
SHA198af4e828dbe8d8c88bd50f8466d6f52535d462f
SHA25660bb17093858467c84dc87fae83d1211e2aa0ad84cb5da49bf0d006c3fa4ae96
SHA5124ffcf4be3688486537ad34be59357f88e481a2737dbdaaa6d780a293d400921c00d889d34211e71aa330f9f74331db2a534accc1931c47b6a29fc99f5eaa1013
-
Filesize
24B
MD530c1cb41f7634e3a70d1e106b5028cd8
SHA1c71df2ed109a06c41f8daa723ba9d7e7e67eb78c
SHA2569787a27afd9784c12d564e2048d1d7994150ee13b0d644484cdcba6e6deed588
SHA512a1a6b96469cf6755c82618ca45a94a17d23b621e1d2243d8b76626b0e91ab8199f96f311109c4ad427b6dc2ae1b39b5212a5d034cae5178e007116f02cdfc467
-
Filesize
8B
MD5b2fd66ac2b8b5d78dfd8cf28545d7db8
SHA1d613ff8523ff6268bf8f776ad651cdab62c1f4bc
SHA25650fb8498a7c6c2837c9f8051b30d0a2ad528f2e3c15034fd732bbff21666a432
SHA512d6f32172c2dcc0cc7b9aa82503489fc2335710137271d98a1f1f6c314f2e3e54c55e21cd6b548f0d2ba25f1cbaeae24c99d6f0d08389ee2255b028421de67ca8
-
Filesize
172KB
MD5c3ae86b42e9bfd5c6b0cdba0ff48d72b
SHA1b8ef343ff4a19d1ba1daf4d7cb412eeb781d833a
SHA256ab63f624929eb3579c7a9863a2c03864fdbfca1d611c8e07097b7beed8a617bc
SHA51280086283ecf6ed2dad70a66f3c9a5eaf7e742ee2e5434b9b0525e13f5a54ca9675a77479dd0a78ae3953145fe6bfc0c368572bd3659858857129adfc48d538f9
-
Filesize
512B
MD5913822abe2df49871444bc95e3f3e723
SHA108d18c565b6778c976a82e8a08bb1f2d6a7e25cd
SHA25632721f21b021b80c7e017cdd59b214f63b39a5b987e19c8ebdd93d2b05545bec
SHA5126d193512445d06282b6da349d2b5532628aac7acba3701a73870c6b6e63d3061bdae323aa041ea38c000c5ce2a38c3de308c48283a65ce5d41234893b10f6a40
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
422KB
MD5d04a164bf4cda893a3d2432901c45214
SHA145adda9e73f89ce2e4e36228157f33b2b0ad5d47
SHA25647e0a3c80430841743f2005ff46afa098a3855529cddcb249833d91c179a3254
SHA512e99d6bf8cf5d4c6c78b561ba01f83c7eb230752c6bf1882bce5fa2e5be575e66c49ac537acad60569faa6b8e0abc72c99d9adc8d1d7c0c6e1ec81555b0f93c82
-
Filesize
16KB
MD57a2b4830817ab409b5a13d13821af247
SHA1ca2acc6a6d989b82a7d4ba12ee781d93b0707c9f
SHA25695dc86cabae1ce9ded07e83df91fe560dd2831da1cdf855983d69f98129113a7
SHA512e2068b0c0e0a0dbabc38fde522e22c043183df8a189fdf432c03317e5afc1dd45ad51515c7dac2ffbadeae553978140f4454a21330b72d34e6ce30fbd253c10a
-
Filesize
116KB
MD58213572a52080ea26657bdd3aacc0393
SHA13e1377d627d7abcef38431c4163c45fe3f803982
SHA2568d23e05e0fe8f47f8c8235c52bcc7386df7709ff1499ae6e0d27c2c4c72cc304
SHA512e164c3053295d5afe6208b3a4d31f7fcc235992d89c0913cef096b6f30603c278123483276fa9c151b4fff6b18b0f65e5276957e9f573b75cf6c0dea210666ee
-
Filesize
985B
MD528579e52c6c8a3c1b58a8353095ba787
SHA1ebe531043cd315d1fa33f05e54611a5ef46626b2
SHA25692e0d8652e1878ff31e1e711442393a9637555dd71bd2e9263d48d769028ccc3
SHA512812ac839358e0be826452de8c64c1d4a1cbec7aeafdd78b4bd385127019c2519d17a54e60917920e6d833da45fb1897cc424d003612a3eff0ff13469cf2903fd
-
Filesize
185B
MD50c0ec4d3e151f3933344f7efae9d1b92
SHA15ba0413b283ae5ef18bea06d1e8fbc0b7caa43d3
SHA2561c755a5f5640b131c1156b37ca8c38ebe52c49ceeb83cb2f2d4ee99e559f4a80
SHA5123b0b8659095d518d037b15fdf17970ae3e7d0e4fe183426cf3457c05291be4fc952bbb6e4464ec43a9b8501e5fedf1477acdfbe6c7ed4123bff13f17295afdf2
-
Filesize
1.3MB
MD51a95ce3282b03d5794fc39d38bac781f
SHA157a00c556b4a13b41dc212622652116d4974072f
SHA2563926e26b0c6b87a7e5cf9d8c8337d1205a2fa3f6f6870d74376996a3b9de798c
SHA512b5f40cc64adef556f64be055e4f88371539144fa9ea5e924041c0e5f56d97ae9f91c32561a481bcae1b8859a7f90d01fb83c2d70754f22733478644427dba50d