Analysis
-
max time kernel
149s -
max time network
133s -
platform
android-10_x64 -
resource
android-x64-20240910-en -
resource tags
-
submitted
22/03/2025, 00:26
General
-
Target
09018457e7366d2b54ae1ce19ad5ea61ac0f58464d6858c41b358f0a37cf3233.apk
-
Size
8.1MB
-
MD5
ce089137681025986be62b70339bbacd
-
SHA1
e81dc0f6b2df641c3d58e54c77a20438fb14b24c
-
SHA256
09018457e7366d2b54ae1ce19ad5ea61ac0f58464d6858c41b358f0a37cf3233
-
SHA512
3cfd5642eb535fe7148c073d6d67b62f0afbd043f1d00508495816c84645c7fd29393113d0384737f148ade65fa1ea00683b8698ae46ad8b4cfe6c9aa5bb0240
-
SSDEEP
196608:tp8YoZUkjZlU5u8ZLpqIFuAn3oE3TUbHcSjIsGscvdX:/oZTFA3dbu0ZUYUrBa
Malware Config
Signatures
-
Antidot
Antidot is an Android banking trojan first seen in May 2024.
-
Antidot family
-
Antidot payload 1 IoCs
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Checks the application is allowed to request package installs through the package installer 1 TTPs 1 IoCs
Checks the application is allowed to install additional applications (Might try to install applications from unknown sources).
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.soweba.bandwidth1⤵
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Checks the application is allowed to request package installs through the package installer
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
2KB
MD52c27ae958b9b74e7eb36ff5335f44ddd
SHA1551b18c86fed3c25a5dfc67c4f44686eb3e6b595
SHA256fa940666fea3fdf4547a1dbf9e47769d84a47c8af2f9109fd17f6fd08ecb0c89
SHA512546ba00af2618aeff1edf1e1a07e3f0f464226ac71d81322240e67e67e250ae6f5a858f05cecd0cb00d4b34bfd4627cb23599b286e9803027c6cb31f4ac6c1a3
-
Filesize
593KB
MD5c58c90d609f67f71baa4f3328869ff07
SHA1e2411531cf2173ec5de111df1cfd4528ea1f414b
SHA2562fc28945cf354f15bda5a429ee37be36227ff337349e1ba17e40e0e6a7927f8d
SHA512ae5670b7cd6257be8b260b508e4038195ee25df105a4e9c130face5644489e2b8b03872e5aa45a70b970486f7f0348a9296bcb37e37fdd2102703e21f0c421dd
-
Filesize
593KB
MD59b8ddaa3f46352596c2b8d54f10af656
SHA18647ea0467c4540edcc39eba3aca703f152bdded
SHA25629e328a62f867e98fb29201606d93f6f4b3956cfe1b9f1246e7482f03dc2cb59
SHA5128f9266bd741253bbedcdd1444e9e9f5924e8f253b6c14e11b2c18b1f4edfbccbc4db772633323f561af6a33c65879d67be4b43181ca702407e8938e7abe65e2c
-
Filesize
24B
MD5e51c7b42ec05a4654bca4970f242ffc4
SHA188099937eb4f113d2227ecac377eb631c8884367
SHA2562ee421aa96d98af40f60ad90e038ad9e51afbabf8be7c2dc13f4c36b2d3e90c6
SHA51222df54a8accad2bbfb9a455f5da52212b20f7c347e140c723963e91d726295bc292c2e8b72df4281cdbfe144aa49d57f7fcc85d709dd09a03240f7c71930d2c5
-
Filesize
8B
MD513d266a2852a8d52a1b23d0e8829c571
SHA1ed579cb441865abe721348890c40232e5022f717
SHA256371190b8d12b78fc31c787c40af1b85652b615e3e5f517471156d78d35382713
SHA51201a318a43c295fe29df87df49b51b4cc20062aba82dc939e4f61300ff1d67c53eb21ce49609983f36a2e33efedc86af70efaee0ead19cd71fe5d706de74d3275
-
Filesize
172KB
MD5ebd8de3ebc993b6aaaa818f8d567628a
SHA110570979163a1001003c1b700ee82b95952a1d14
SHA256136b4b530506316707f93ee673f6d6a3360635f847229f98d19e7a868f9993fb
SHA512a196a8856c434ab35c03849e9c3af24c7089159e449514169d0aa9fd387c68b6b52645ece36e84fdc89f14db8e451d4c9b449e51b298cf7601ba81e946930595
-
Filesize
512B
MD5838db03742a44cb29770989ad1739c81
SHA1a52dec7c7a93fcd34760f9b76a955217e157b5ea
SHA256c68a85f015c92361a7c7abb51e6bc48506a80f1dc5213b545238f43a7c34ca67
SHA5124b27cd429efb18362b8f9b2aa21896e4a8b8f6724241de306ba43961717db313cde09f5df4bf964496d38b09b720365e176b1f5c5822886ce36dcfa5a00422cc
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
430KB
MD5f81590130bec3298119393bd3b5e6c20
SHA19dd2e2eac99b835b0ca4e726700a26791323162e
SHA256ef7d01e7c5b56c83dc1d46ac1e2012f9c54719a676bc03467ef0610eca4dcbdf
SHA5127eb6a04996b27204e32e57878b72efb395e8308749f2e784a0cb90a2a1daa671bb32a788ad8c651025c07bae084fa84e26e8444c94e444f8fae26f0602d772b5
-
Filesize
16KB
MD5d2bdaca828d179c87547c6e1704869cd
SHA1a16aca8a7b87bb84ec40d877aa66b6bc14bfeede
SHA256b019bc702d61fb3d2ad7cc7401b42571a85e68eb8589c12ea012a1155a1f2e40
SHA512eb1f391e24d1fd741b9c2595a4a436faeb9a66abd9b2b6795e9194bedefc3b56764e02a09cde411cc2fd1859574048418be46df138f5bd6be8aa26486f2b2ad7
-
Filesize
116KB
MD5cf3f23f3d271026b37d0b3903fed35b6
SHA12c3aa95f57e49b17e7f99f7089fe32c46f9ad5a2
SHA256f2086bdb4f1532b5994689ee1419ee73d89f30528192ef47269195c75e8f448a
SHA5121ee0bb950b072e68913c78a3f939a16609aff2fd7cc67b7d2d35dff532a141a78015dcd6905c18b0acd557f54ddcf950c7bddbaddf69be9ff8b971a773a76629
-
Filesize
1023B
MD5d9e947141ffcee38b1ed8f401c18a9d0
SHA168fa07fdd7975d75d5b07798ab5a57376f01f78b
SHA2560d5db31931ba19d75ed7423816b63cf636e7aa627165b7584467670c62c04eee
SHA512f35fa99db2b0a48951da99e0b09635c9569d4ba8542a988f0f059245cba712f2dc0fbc2572d56ad3fa2c95bbe7285d2a1008a31c7ca39512f5883137725a0c8b
-
Filesize
192B
MD5ff6c5da0104f95d36f487c19a41cc5a9
SHA152557fad5c9bd26d0fee63e8994f20611ad3c4a2
SHA256cc8a0c9bd49aa4c6bfb645900ec407556e05dc29f2288b5ea831c4be3394925e
SHA5127f838678e3b723a09d93a565178453130ae4e8200752056279d302b452bd7e457a287aa2b58ac1572676f4e9a85f1c6710a78034117dafdb3bc8f81a3d2505e9
-
Filesize
1.3MB
MD533446f61a80b5b52abc0770fe6c64a27
SHA115f715e614c100e0f602be9c473291fd46f394b6
SHA256642063b0569224fbbe68485608a6586161662d906c36578b30ae709237a3adba
SHA512e21793fa455726866a89425e62005a0e1871b3baa004c7b12d5ba77911c4a1c42c4a46594cbb93944b5214c857d744e45f322975d14a2d1045e99509d0af34c5