Analysis
max time kernel: 29s
max time network: 30s
platform: android-13_x64
resource: android-33-x64-arm64-20240910-en
resource tags: arch:arm64, arch:x64, arch:x86, image:android-33-x64-arm64-20240910-en, locale:en-us, os:android-13-x64, system
submitted: 22/03/2025, 00:25

Static task: static1

Behavioral task: behavioral1
Sample: 09018457e7366d2b54ae1ce19ad5ea61ac0f58464d6858c41b358f0a37cf3233.apk
Resource: android-33-x64-arm64-20240910-en

Behavioral task: behavioral2
Sample: 09018457e7366d2b54ae1ce19ad5ea61ac0f58464d6858c41b358f0a37cf3233.apk
Resource: android-x86-arm-20240910-en

Behavioral task: behavioral3
Sample: risezikixo.apk
Resource: android-33-x64-arm64-20240910-en

Behavioral task: behavioral4
Sample: risezikixo.apk
Resource: android-x86-arm-20240910-en
General
Target: 09018457e7366d2b54ae1ce19ad5ea61ac0f58464d6858c41b358f0a37cf3233.apk
Size: 8.1MB
MD5: ce089137681025986be62b70339bbacd
SHA1: e81dc0f6b2df641c3d58e54c77a20438fb14b24c
SHA256: 09018457e7366d2b54ae1ce19ad5ea61ac0f58464d6858c41b358f0a37cf3233
SHA512: 3cfd5642eb535fe7148c073d6d67b62f0afbd043f1d00508495816c84645c7fd29393113d0384737f148ade65fa1ea00683b8698ae46ad8b4cfe6c9aa5bb0240
SSDEEP: 196608:tp8YoZUkjZlU5u8ZLpqIFuAn3oE3TUbHcSjIsGscvdX:/oZTFA3dbu0ZUYUrBa
Malware Config

Signatures

Antidot
Antidot is an Android banking trojan first seen in May 2024.

Antidot family

Antidot payload (1 IoC)
resource: behavioral1/memory/4475-0.dex; yara_rule: family_antidot

Loads dropped Dex/Jar (1 TTP, 1 IoC)
Runs executable file dropped to the device during analysis.
ioc: /data/user/0/com.soweba.bandwidth/app_across/rWgRsgu.json; pid: 4475; Process: com.soweba.bandwidth

Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoC)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
description: Framework service call; ioc: android.content.IClipboard.addPrimaryClipChangedListener; Process: com.soweba.bandwidth

Checks the application is allowed to request package installs through the package installer (1 TTP, 1 IoC)
Checks the application is allowed to install additional applications (might try to install applications from unknown sources).
description: Framework service call; ioc: android.content.pm.IPackageManager.canRequestPackageInstalls; Process: com.soweba.bandwidth

Schedules tasks to execute at a specified time (1 TTP, 1 IoC)
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
description: Framework service call; ioc: android.app.job.IJobScheduler.schedule; Process: com.soweba.bandwidth

Checks CPU information (2 TTPs, 1 IoC)
description: File opened for read; ioc: /proc/cpuinfo; Process: com.soweba.bandwidth

Checks memory information (2 TTPs, 1 IoC)
description: File opened for read; ioc: /proc/meminfo; Process: com.soweba.bandwidth
Processes

com.soweba.bandwidth (PID: 4475)
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Checks the application is allowed to request package installs through the package installer
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Downloads