Analysis
-
max time kernel
149s -
max time network
151s -
platform
android-11_x64 -
resource
android-x64-arm64-20240910-en -
resource tags
-
submitted
22/03/2025, 00:26
General
-
Target
09018457e7366d2b54ae1ce19ad5ea61ac0f58464d6858c41b358f0a37cf3233.apk
-
Size
8.1MB
-
MD5
ce089137681025986be62b70339bbacd
-
SHA1
e81dc0f6b2df641c3d58e54c77a20438fb14b24c
-
SHA256
09018457e7366d2b54ae1ce19ad5ea61ac0f58464d6858c41b358f0a37cf3233
-
SHA512
3cfd5642eb535fe7148c073d6d67b62f0afbd043f1d00508495816c84645c7fd29393113d0384737f148ade65fa1ea00683b8698ae46ad8b4cfe6c9aa5bb0240
-
SSDEEP
196608:tp8YoZUkjZlU5u8ZLpqIFuAn3oE3TUbHcSjIsGscvdX:/oZTFA3dbu0ZUYUrBa
Malware Config
Signatures
-
Antidot
Antidot is an Android banking trojan first seen in May 2024.
-
Antidot family
-
Antidot payload 1 IoCs
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Checks the application is allowed to request package installs through the package installer 1 TTPs 1 IoCs
Checks the application is allowed to install additional applications (Might try to install applications from unknown sources).
-
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.soweba.bandwidth1⤵
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Checks the application is allowed to request package installs through the package installer
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
593KB
MD5c58c90d609f67f71baa4f3328869ff07
SHA1e2411531cf2173ec5de111df1cfd4528ea1f414b
SHA2562fc28945cf354f15bda5a429ee37be36227ff337349e1ba17e40e0e6a7927f8d
SHA512ae5670b7cd6257be8b260b508e4038195ee25df105a4e9c130face5644489e2b8b03872e5aa45a70b970486f7f0348a9296bcb37e37fdd2102703e21f0c421dd
-
Filesize
593KB
MD59b8ddaa3f46352596c2b8d54f10af656
SHA18647ea0467c4540edcc39eba3aca703f152bdded
SHA25629e328a62f867e98fb29201606d93f6f4b3956cfe1b9f1246e7482f03dc2cb59
SHA5128f9266bd741253bbedcdd1444e9e9f5924e8f253b6c14e11b2c18b1f4edfbccbc4db772633323f561af6a33c65879d67be4b43181ca702407e8938e7abe65e2c
-
Filesize
8B
MD5a171b8c2fcdedaad78bb8485ab883631
SHA1dc104a34868d448dd7e526623d5fe1f80a9ac549
SHA2562f436eef1a76f2d4c13e8c60385931910ebebcf36c5d7e875c1629a7f3db465c
SHA51233ffc2e2edf8ae639fb10572e063f4e27dac3a025ab18ec8e7a37454a679a6eb6fab645ac1ea089eb0e4c39936047967e65a926b4fbfd495d2bca05c5438defc
-
Filesize
184KB
MD58c82470824da944c2d5f83ab1d27e1af
SHA183ac72809dfb04cc90988150fa43b967c439e82f
SHA2560184d845b63a448bb56b59c1391c7eabb3656ee9aa022537ba2cc2347191a485
SHA512aea073258414138310cad86d5e105e8199d89c0d3e994f7935489ee3cf4803be04242e67b2b9f757a06f3d1f919cb3fcd48c3685b33c92a9ec753558123d8303
-
Filesize
512B
MD588eccbdf44135167b917409ee176e5aa
SHA1389bce8db5f1ce3ddc0442249f781eac8938c8cf
SHA256e576adcf65cd9ed0c3433e51a81734e9742cdce1991a389ea0680b03456b1f1b
SHA512620be4ecfd8175ccd595de2fe2bfb391220021f1e75d72451ab5c8d88735b04709de5360c5c0a1682bbf8b9c127f17258c62e311e153cd4fed93b52f54903653
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
422KB
MD57cef9cede4d67bc43a963b51bf4d5bf5
SHA1c6b40aa5d2efafac9e9d34d0fe76738ff1b4cdc3
SHA256ac036772cdeacfaa68df2f7c0ec1b6ba58d4eb4d8e1fd3f4b21e5467ee0beb48
SHA512068e4cb0d01416439ef192fad4a23029af65eab6bfe1a6ab88d15bc0b3348676e9e22a93c5e7a8fb251173b9259ce4e2cf0eeea9b458b0fdd6787ba87285640f
-
Filesize
16KB
MD514646350ea2b582189be7b9067b4deeb
SHA141a22e4d2e3c6d8b6368c78d291b034852460108
SHA256b5bc0e834a183e75d9f347efb25f4f37e24b1eaf663e6017c27516c2e788a3bd
SHA512b1cf1288dca5c333efc70957f3111cdaeaf0799949ac3a4c9ecfa836fd15d260318dc3c95e694ae3baa1411c35eee960815a4dba201e43d30080f574790d516b
-
Filesize
116KB
MD59dcabd38d281f50954b21c41461914e9
SHA1b26cac4ec86be8a0320e24f196f3ba411171f175
SHA2563b5dd435d5a205e31f627c181c1bc30f8b463c4caf8801eedda40c1d3c4924e4
SHA51264a0b1f03a46cbb8fc1935d4975cfc4cf4488a64aaf2c55ba89029fec8646219fe2ba69c8c400ed27354a178dfee48835977142dd2b9ac0093d36d7629654953
-
Filesize
1023B
MD5d9e947141ffcee38b1ed8f401c18a9d0
SHA168fa07fdd7975d75d5b07798ab5a57376f01f78b
SHA2560d5db31931ba19d75ed7423816b63cf636e7aa627165b7584467670c62c04eee
SHA512f35fa99db2b0a48951da99e0b09635c9569d4ba8542a988f0f059245cba712f2dc0fbc2572d56ad3fa2c95bbe7285d2a1008a31c7ca39512f5883137725a0c8b
-
Filesize
1.3MB
MD533446f61a80b5b52abc0770fe6c64a27
SHA115f715e614c100e0f602be9c473291fd46f394b6
SHA256642063b0569224fbbe68485608a6586161662d906c36578b30ae709237a3adba
SHA512e21793fa455726866a89425e62005a0e1871b3baa004c7b12d5ba77911c4a1c42c4a46594cbb93944b5214c857d744e45f322975d14a2d1045e99509d0af34c5