Analysis
-
max time kernel
146s -
max time network
152s -
platform
android-10_x64 -
resource
android-x64-20240910-en -
resource tags
-
submitted
23/03/2025, 07:37
General
-
Target
jixofobu.apk
-
Size
9.6MB
-
MD5
7f4cd817e65363a0d9e47a2c89d53d96
-
SHA1
59560a4005b338883a77e920bdf1eaae6bbdb04d
-
SHA256
f9f89b6f4b104cfa5f764d1c607ff35799146dd65a5b8634fcaec3eca84ea39a
-
SHA512
f5cba2f7c0f7b02143906834fa3a7769507b126ea13867b63dec829dbc6ee0ab2099acc3df96b04d04a8e8c3e8479b565f4521f91af1b173869f14f3f3c51e02
-
SSDEEP
196608:ZZrwI0owMqyEt6FGvcmVjCwGeH5H17j8gGK+6tNkidKlWFGkWDW+N3:ZcowMPJkvcCCthgGKztNk+s/kU3
Malware Config
Signatures
-
Antidot
Antidot is an Android banking trojan first seen in May 2024.
-
Antidot family
-
Antidot payload 1 IoCs
-
Loads dropped Dex/Jar 1 TTPs 2 IoCs
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.didalu.common1⤵
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
2.6MB
MD5fb4dfce8566681beed170dee87116d03
SHA1bf62509e6139e3501242f4dc1f3d95f45e1e6ef7
SHA2560a82ff23ddf3eae1815755c8db5265b2d27c781ddbdd3675938b8278ed0f4dba
SHA51206ea158b017589fe76b2a90e792d6c4dacbf17ea0eecd45ec1332dad51e63d33f2224e21d5f8092f6285b648d96106a8f75f367b23a5ca4d058943dc5d929718
-
Filesize
1.3MB
MD51aa5175f617fd2b6da3ff3b603bbf6a9
SHA1096876900802d304299f0b59243483c964d069b9
SHA2566826f82315b84acb75e1991c333acdec06f2810ac6cc55be330f7441d185ae91
SHA512cab0e2a62551e917255f595ef21cf7a1f8c1a4d078168c48b6e7aa7d5db9c42470b8290e28a50c855fd6461fd4059b52dbc41922a7c62333abcc9aa4ed4cb9e6
-
Filesize
1.3MB
MD54776581d1b0add9544b9bb4b49480382
SHA120629bd8eb771ceae7e3e1b1a9eedfd34eb7341f
SHA25631e3330acc47aba9309c9952456f8277896ec2679fc650f5c1720ad646cdde0a
SHA51287f2b54ce346c60d224b013fec69041ddf32a2f96eabd973cf7eb1d8bd53ba5431aeb1c8b1d252933a211b095e9e448abe869a369f6c9a7e5a3a4172a5a1f855
-
Filesize
24B
MD561bbaf42603c3301f5575955b5156e42
SHA1e5299ec1e46b1792648d1f84546ad3fd647c0806
SHA25662214c259a0a789e154fe77c5a4819adefc187b94bd486664ea07ce571417a6f
SHA51217cfcd7e4c3689fdb94fe0d86ad144a6821c24f6b7339f998e7313fe025febf51ecd3eefc04fd3dffd8e62b0753d630ddfa31eef1303ede54346463d2f7909ed
-
Filesize
8B
MD5da3b305dc5d9fd74188c02e740a592f3
SHA12c170d6cd81beecab1fb64b245771c3b34873df3
SHA25629b8e81e783d4cab76d35debc68729f83fb887ca9c41769698759484737d7e1a
SHA512e649f79308c0753b423916d976c8c469c6489bf7bd51daf7c373cafe243d771528a20581abcb983cf1fc8ec189612568cab658d86d48098376354bc3ab46ba1b
-
Filesize
104KB
MD5dc5542a5a85b23cb3cd0a23c9f6deeba
SHA186ffc45d9f79351363d37a144081293813107096
SHA25662f2062d80cd4a3e9521b1052afbfff7e3e15b3602342f543848ba2948c7f4b3
SHA51270e7c26cf8fad1771a7e7fdf7fc65828a95feef04d27abad3317f2d82a9ac98cde8316e9785533ded3cfb4589b1a771b6694a9e891962db103cddbdd9c408874
-
Filesize
512B
MD54b0d82a130142eedbc5fd4f5bd805bc6
SHA12dc29020e68d5324babc7d8017cfd08f975a2569
SHA25639f67bcdd6b48c237daad75255cb354f0927577f22be92424042c03be4b5bd0a
SHA512ec1a0ea40e86add4c268e98233595195111c968688c28e4ae273fe85acef7a410b0a75c7c48b8ec5cd3403b36a19c188b8d68a19c3aeb14919a34d48a2bba552
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
406KB
MD56bcd629a8aa10c2986df515a70a6b023
SHA1f7378063d8e9e28983a766c70d9c36d94577d0d7
SHA256aa7f757c6fdec5bb624595dc7376b348fe6f61c68601b7c4444ae905d07b9980
SHA512f502c5961801a34988cf50e652698cfa19b52a135c9e17eb7d702f1e10513f5cec7349f351a747b037e82ba44bb8de5733121e78d47de72d061091d862e635a9
-
Filesize
16KB
MD500c7c7075b35467a8e94d8735a582b56
SHA14c444518fe43ba0e6ea90c1022759997bf8be8b8
SHA256f8a89fba7d2fdc1963d0c67fdb5838f6e5124c779967847fc889150f3f3e1aec
SHA512939d7cd9fa7031e279dcfbe81886d0aa7ddca6bafc98772d0cca454ee0287694da591807a5e1202b19b66780c6d31d2d1e67c6d72b4fbdfbed228ee6bb60da9b
-
Filesize
116KB
MD5938a3a443e832363a4759d27878d6609
SHA11ca2f697d330f868984e8ed933d974b8c33c6277
SHA25653ed1fc87cb9ba2c8141e10462afae745b9b23e9521bba2657f6fec67d883d78
SHA512502c11dcdf24098db2a406482b2f2f4cb39c5d75576f982d3d214480b8af0499dc5ff49ed482a66d0e551419d417fe40543cd5f3d55c6d5cbb9c53f80cadb129
-
Filesize
1KB
MD5a838bb75bedea1d29d023c8196d30e8e
SHA1b29b5bed4be7f6151c0bf115b56c31b792fb165c
SHA256b34ce366e122bd728c904c5866266ee472d176bdf106a2455cd1ca67ea08f245
SHA51208d73afdf5902d1257d9973d8d162afcd52fa720b0967897922876c23881fe28ee343821e85bf3aa6c2e372aab7502e53030b2126c7e201940357cf4ff8ca5fa
-
Filesize
111B
MD5c330c6dc894c2dfcfbef627d90a395f5
SHA1403fc1cf58a7fdcb5a457e35d9b3954b42a5b391
SHA256ba8d4e334019bcd8dd4ea52e07745782f9c3282b61328d4bbe248a0c4bcdcea8
SHA512fad78d55824766995f3a7700f7c08d9ac5435ecf5290cfecfe724960d854f5e18ef65300e0c8f921084d8104085c41370c63f9b5197f834f7f7bf4f15264f291