Analysis
max time kernel: 29s
max time network: 24s
platform: android-13_x64
resource: android-33-x64-arm64-20240910-en
resource tags: arch:arm64, arch:x64, arch:x86, image:android-33-x64-arm64-20240910-en, locale:en-us, os:android-13-x64, system
submitted: 22/03/2025, 00:03
Static task: static1
Behavioral task: behavioral1
  Sample: de7f3752a820b95fd58fc0099eaf6bb5a825d3d561e03dd5766a64cda456338d.apk
  Resource: android-33-x64-arm64-20240910-en
Behavioral task: behavioral2
  Sample: de7f3752a820b95fd58fc0099eaf6bb5a825d3d561e03dd5766a64cda456338d.apk
  Resource: android-x86-arm-20240910-en
Behavioral task: behavioral3
  Sample: doceniyobino.apk
  Resource: android-33-x64-arm64-20240910-en
Behavioral task: behavioral4
  Sample: doceniyobino.apk
  Resource: android-x86-arm-20240910-en
General
Target: de7f3752a820b95fd58fc0099eaf6bb5a825d3d561e03dd5766a64cda456338d.apk
Size: 7.8MB
MD5: e89c4dceb41be42fe5b85863c53445db
SHA1: 48c364929a8fe07c1bdd52438dd0dd031f426b20
SHA256: de7f3752a820b95fd58fc0099eaf6bb5a825d3d561e03dd5766a64cda456338d
SHA512: 593735a5f3c4f34509ce735039345b1b53c986a0c8145db55eeecc8ae99ccee36a13ce191f8a4c7c174eb1d1deea560f5f1df078ce8e7cda5eb66614d450e4b1
SSDEEP: 196608:v0Z5yUCT+IOCBZGz3urg/QVrHHjvvMMe3ko4HUUOPenRBz:+ZwtbkOrfrOPefz
Malware Config
Signatures
Antidot
Antidot is an Android banking trojan first seen in May 2024.
-
Antidot family
-
Antidot payload (1 IoCs)
  resource: behavioral1/memory/4439-0.dex
  yara_rule: family_antidot
-
Loads dropped Dex/Jar (1 TTPs, 1 IoCs)
Runs executable file dropped to the device during analysis.
  ioc: /data/user/0/com.beluponu.graphic/app_shadow/nb.json
  pid: 4439
  Process: com.beluponu.graphic
-
Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  description: Framework service call
  ioc: android.content.IClipboard.addPrimaryClipChangedListener
  Process: com.beluponu.graphic
-
Checks the application is allowed to request package installs through the package installer (1 TTPs, 1 IoCs)
Checks the application is allowed to install additional applications (might try to install applications from unknown sources).
  description: Framework service call
  ioc: android.content.pm.IPackageManager.canRequestPackageInstalls
  Process: com.beluponu.graphic
-
Schedules tasks to execute at a specified time (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
  description: Framework service call
  ioc: android.app.job.IJobScheduler.schedule
  Process: com.beluponu.graphic
-
Checks CPU information (2 TTPs, 1 IoCs)
  description: File opened for read
  ioc: /proc/cpuinfo
  Process: com.beluponu.graphic
-
Checks memory information (2 TTPs, 1 IoCs)
  description: File opened for read
  ioc: /proc/meminfo
  Process: com.beluponu.graphic
Processes
-
com.beluponu.graphic (PID: 4439)
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Checks the application is allowed to request package installs through the package installer
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Downloads
-
Filesize: 626KB
MD5: 2033a71f100e0b51a8fe1a6d129a5bda
SHA1: ca2e2fb8739d0483b8f4c43cb357d3a13ee923c9
SHA256: a6df4640bd81114916a6ffbf594f1014d83d26798a401794141f63c482100cae
SHA512: 006d91405e0082e86bddae8a4789fb44eef94af1073616a4c899596101e3901ccc6b08d7c52294ab52dedc525666eeb7eb5c88af6319ff373ef28218f553c0cf
-
Filesize: 626KB
MD5: 9c01ee03a06cd5bd7eeffa55d1259b7d
SHA1: 235b8fc611dc47d71d8b821cd38f9a2afe294ddc
SHA256: fd19ab440b48ecd41bf5979078757a3f5a30c1eb6f0351480220ffda8fd42cf7
SHA512: 95c7c9cf65bb61837cfb6d505c441b5fea002bb95a1817e7f214474deb8c03b0985d6c860eed67d453f242781b42f0495befad081036f292d2b67ff4d8b89e66
-
Filesize: 29KB
MD5: 2419a137b0cec354dbbcc207e7520cdd
SHA1: f7df4f5ae79c63bc5236619cf98ef2610dcb16ce
SHA256: 4a19a12d01916d8c0096048e2a7eead26a9c4b17a58f25c210bfc573ed03d2ba
SHA512: 0d5bdefa6bd89729ebc49091449fc1e79b103ab422240fa4c67450e8c4924b10f15f8b55bd8e86c1bdfd29c0753465b3add599c528cbe186169ac55660075c11
-
Filesize: 24B
MD5: 70c0d560346e1a45ff5ab634a9d9be45
SHA1: 1490e4a2c0734ca27505e0d3c2e271e1ade11bcf
SHA256: 043819aaf56f406d1df201cc6fc985499deb7009d8fdecc232bc25dd76a821d3
SHA512: 3f5ba63992196e54499d8cdcb49e75f497881f1a7d401ea852192ae96253ee308e0862d571b7c32b63e9ebdcc44f774d011be6ba2b40982b0075997e5a2ee420
-
Filesize: 8B
MD5: c2730c795cc73eb77daddb89057d1dd2
SHA1: 5089ff3f48e3ec200786ea34da8be0ef6afc7299
SHA256: bbc8e7a02ea641ebb43b95ad7d606064f5095e7e970b511420f1d653e2a905cf
SHA512: fc6e2b423aba496296c09f2abe807248cec765b2549d07f5ee97f740a7cc6ac4f5057819995776e7f3beff31a5f4372e39dba46799845523d7d0249195fd3c15
-
Filesize: 112KB
MD5: 61389f1091e126cf60d838622830c442
SHA1: 9b582a801a487327d7cad30136ec28abbc702cc5
SHA256: 6be7b2e003c7746c0b1b46a640cf7312e14080faac824d882045f7650a025b9c
SHA512: ec03a8dafbae353c06c268beab896800b192146ca52b70651280f7560dd821d059e933af332b98b0fa41f9f16db1f52e456f3254bb8f5c10a0f8aae66beb1797
-
Filesize: 512B
MD5: df227c4f61bca925a645538459ff5dbd
SHA1: 9172876a0ff3690e38d826605f90f3585f5c96bd
SHA256: 7ccfda360006aa1e72640f08632245dd2e7d0b0ac4794d8eac2b929e88da735c
SHA512: 888daa8ae6f5feca9dda2f4b3a4ad8da7d44f8ac319e7eb30ad812cefdb34333ec1f5cae8436c1941ea36da795d4abc6e6d73129220ed6812ebe6d560a6b60db
-
Filesize: 32KB
MD5: bb7df04e1b0a2570657527a7e108ae23
SHA1: 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256: c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512: 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize: 116KB
MD5: 5d10367852781424bbcd28de105e78d9
SHA1: 9eb85a1ba26184ab0ef83bd9347da44791e31483
SHA256: d88af07ac0abb24bfb84249c9189135df43cc7e704bbc1dae149f02c06564714
SHA512: 7e9099d62d0e7aadeb8e84397c8dd701f3cc8e9ec211e646245c90e2c7cb76c86e73b99bf457d3b5a94803b26e8c0bac05a48ad3e7a80a3bd1b2b9b809ac73cc
-
Filesize: 426KB
MD5: aaaac7436055378d383af4804f0957bf
SHA1: 565946747bad8fe792a224cec3df320a8be5516f
SHA256: 92400b6a993b178206eac9379c5c305360af77b7c7e14f488c03997ea20cf59a
SHA512: 016a3746d2a316f5a51df8c1cc405632fdc697768bbeaff1b960dc16caf8f20d2008d0e6145892137593d0f4b24b516d3ec7824129b451c1d2796cd01661f69d
-
Filesize: 16KB
MD5: a573f88b85f610b3b135243558433a70
SHA1: dd1e53454755619d6fd7b64f4473397cc38895a9
SHA256: 7abf05e91e265f0575c31bd355b201383529fd26f586fc3bfea813757fe4d1ae
SHA512: daaeaca9b042db0535fb0677ae0beb171b70dff5ac342c93017e1a2dec751c8e7c7116d56fc0b481850457d016a069e88e67f7d17742f804c4ac2da0df6bf907
-
Filesize: 1KB
MD5: f7fc1c2304cd0480df46c3425ad85dd3
SHA1: dc3c253283c8da2de2576f0fa0bdd94e690a0c28
SHA256: fd596b5b99c45768cf5c325c8de56c3918cd9a87f7f124bb9f08d51b65cd9a07
SHA512: fdf62d1f154d21fea249d59660f0733542d9cd295e8cdee8b0333de2a3f66dfb44210c8ee6ba24be6769d6014f8e69170a3de8bf7e624a75631022b559311018
-
Filesize: 1.3MB
MD5: 6e4800e14ae255e00b23ef27e5eb29c4
SHA1: 33b451e52d3cbaf3e41543208a88c5e2ceae32df
SHA256: 3831a2242ff187e2f3442ccc699421ac29eb84a0b4c092049fda203866e6f37d
SHA512: 3c719d9f5694c84c863a53a8b6b721e269c37482b3223948219cbc2557efe6166492fa917014c2655d8c6f7e6b02a977d79ab5661f92f7a74539bbc4cd7eadef