Analysis
-
max time kernel
146s -
max time network
151s -
platform
android-11_x64 -
resource
android-x64-arm64-20240910-en -
resource tags
-
submitted
22/03/2025, 00:46
General
-
Target
buzijebe.apk
-
Size
7.4MB
-
MD5
c42140c0a8148c57758f458163ace169
-
SHA1
077f9b9a58aff46be9f3a5fa01b0e2b6c59d1124
-
SHA256
8203f6c3e5a40e8fa19e54f8d235083e2de56efbf8f8f31e14af3c893c721843
-
SHA512
477e58295e6773e831b985a33397576b324cf738d8d965a612b1e54e047df045c6fac2b1c6065928e195a047d3c97391e7f39af3f1cffcf0cf2eada006d91d80
-
SSDEEP
98304:Qo/Kr68ddHh0yyRLirBcQBU3uCWe+2ieSyeTgnrSs2A5uDa/vGX5RzDlb:iddHh3YLtYErSsPQEvK5RNb
Malware Config
Signatures
-
Antidot
Antidot is an Android banking trojan first seen in May 2024.
-
Antidot family
-
Antidot payload 1 IoCs
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Requests uninstalling the application. 1 TTPs 1 IoCs
-
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.dininujoxu.java1⤵
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Requests uninstalling the application.
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
945KB
MD5dc3dedece373e7967ed4e54d8812553b
SHA1348b491081ac30a4a1f080f1c6ed0ddad346f3c7
SHA2567a84605ddd46df57b1a52382378dd716e86ec71542d728a966830e553108d29b
SHA512e4ce924c94e2fff240c2f5c27cccbc6ca4946d6bf3da68eb46511dacec4e668c4ee66e693ba0b06bdd800688cb62ce121d239b5c98b456d994ec29f1b456e00e
-
Filesize
945KB
MD5839816a2a5097bc3903870943c1d5788
SHA18f5e232ba52a8ae92f4359e3331d17897968ec22
SHA2569b79ee512b0efc9bba466722babff8a26e2e334913555f100cfc6ad374b5df2d
SHA51239a07d2b7d53ce9a8d952fe446f94c5a23e001cc0fe7e58ac54933e41bb83d4958bd29d4ef7a5b5cc2d45a6b5582955acf1579769b869053eb90245c94547796
-
Filesize
8B
MD59050ea803f5c08e53ed042fbd6265043
SHA1a3a79b91a6a7f6d6db7ec7689d5e7953d03c4e2e
SHA25639226b099fb098c686a20d7c42012b4ac95fceff4491add2cda128b097c00e5d
SHA512cbbe69e72ddab7c0cf3bd85559ab5401695711a0fcc1ac391ec63e4683cad83d6136f06ea80d413c027e2c738a5223127afcab02c9f38e94437e9ad499c27800
-
Filesize
104KB
MD542cd3f282e8dec85bb728194291ee0aa
SHA1dcf2b83a1ca34f1ac327e143376363c9c583a60c
SHA256f9656ac47541e09860310a8735b0f4c8c6d2b534e72af9ba8cbfd7ff7cea0b57
SHA51259329f6f439f992922061aba72be56070feaac1a95fc3ddbf15aa3eb847fd7b369df5386b170596260775272376df54491855fe36bef406dc3899a6b6d54f62c
-
Filesize
512B
MD55ba644c8946bc5d6c0334ecbfa20af53
SHA16fde0cbcc5f57355005ead2e3935dd22996d633e
SHA2568e0755527a613c0be1d405e129116f4c5ccddc57c8eb107fe4c2a310f3a6c91d
SHA512bc5f8d446dcb319c9b5cd3f92c373161228356baec40e4ec43aa41d21711ff95427fc8873e5af4af6eaae13ef7826785c8aee037ae2ef67ce471eeef09a5b0a9
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
406KB
MD5d992edea390bcbcea03719acddb9eae7
SHA1512abf050c822383e9120476682a77ce540066fa
SHA25657ac21d27aff26a31b97c46f613b140dc8a94f75c4e4980f3dd39fe508bb80ed
SHA51237360fa5957137d3eb9f2208e5a795d6493a5ec5083922a793e833b093325aac8845b9184f04dbd6a5106226bb8b4e932313aabc481458f41d5dcf714b66d323
-
Filesize
16KB
MD5efcdf403e676f2972c1ffcedc74eed01
SHA118a0795ec2553d6a1fc3f3872423aae25e130ec0
SHA256d25b2a1a75689c50daa9c0a147feeec0590a2daa6a227d4f111b5a38cf5748ad
SHA512146eb93b0eb22b1f4c5e57675e2a596f11ebf36a9692081661d1f6400afc99c8b257296ddffcf0965f21ecff638ff938f9ef4fd33999b80c8d9e35d8bef25826
-
Filesize
116KB
MD55dbab8d1395b878abce08d702dcdede5
SHA1b699f77d08e0d021e973c6f6cc21c2675ada5d8c
SHA25630307e74f875756bd9fce4d845c3cdcb081dfd4bd73a249fa68ae9ebb34bb563
SHA512f67c63215b914213684aad14ef6c4fc3448ee9e7184803f468c6f6c26f77ea927c7b7a9dc0e749d29eb5a648ed2b7b1764dd7e16ce96cceab1a8413ebfad9f99
-
Filesize
1KB
MD5d78de0bd970fc6ad104935c207dcd2d9
SHA1d4402135fb0d5f5b873bf15808768833b165941c
SHA256e2d08991644cbcc367aadd4b88a93a682b1b1035499424bb1f884045c2c7f283
SHA51299eff0e2f5c47e619c9fd579f6056259381d8a771b96fb24ba7dc6360c64433f9c294adf4a69166b61ffcb685b6a42db4bb77a4fa7462471e475b693565fa1c3
-
Filesize
2.0MB
MD5039b2f6ea2a3ac6889109e03a4ba6ede
SHA196aa1b9cfa9c95a1f6a6f8dc3771d5955904419d
SHA2564565aac23e3b499f4e1e01d462f00f5dfe2ce1aa98c8c5cc1346e12c8be62999
SHA512d1596f0e45067dd52b80423297316fc1d92350b6adf2c90bf85d92713ce24ce5622aaa415945dd368168dd07884e062fb0567c2236410aea172c13f902b48f3f