antidot

General

Target

f5fdc1672088ee29affc4817986e722765c4f03af4dcde8fc603b25544bae62d.bin
Size

9.6MB
Sample

250324-zbyfyaypv8
MD5

e6c96197eb41de926fe43d6721f01aaf
SHA1

15fd15f9803134efe6b7c28c86a00a4f0390c973
SHA256

f5fdc1672088ee29affc4817986e722765c4f03af4dcde8fc603b25544bae62d
SHA512

e36c4a07161d77d98d6e1fb7f30cb42667e9fb997adfdd1e36fd5ac41ef58428c87b0dcc507988614e29a7b9ba93f4f1e42715ac6802916729af51941020e5e2
SSDEEP

196608:B3TfkmoN3qOqH51QWqzQbgk4sAw7kCwDkbe9H/yzL3itOrY0obFF6a1SEfAL:BDfkmoxqUXzS4W7krDkbe9H/yzrrY0oO

Score

10^/10

Malware Config

Targets

- Target
  
  f5fdc1672088ee29affc4817986e722765c4f03af4dcde8fc603b25544bae62d.bin
- Size
  
  9.6MB
- MD5
  
  e6c96197eb41de926fe43d6721f01aaf
- SHA1
  
  15fd15f9803134efe6b7c28c86a00a4f0390c973
- SHA256
  
  f5fdc1672088ee29affc4817986e722765c4f03af4dcde8fc603b25544bae62d
- SHA512
  
  e36c4a07161d77d98d6e1fb7f30cb42667e9fb997adfdd1e36fd5ac41ef58428c87b0dcc507988614e29a7b9ba93f4f1e42715ac6802916729af51941020e5e2
- SSDEEP
  
  196608:B3TfkmoN3qOqH51QWqzQbgk4sAw7kCwDkbe9H/yzL3itOrY0obFF6a1SEfAL:BDfkmoxqUXzS4W7krDkbe9H/yzrrY0oO
Score

10^/10

antidot banker discovery evasion execution infostealer persistence trojan
- Antidot
  Antidot is an Android banking trojan first seen in May 2024.
  banker trojan infostealer antidot
- Antidot family
  antidot
- Antidot payload
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries the mobile country code (MCC)
  discovery
behavioral1
- Target
  
  wibemuse
- Size
  
  10.4MB
- MD5
  
  8e03e90022214eda8f01ce735d8fe972
- SHA1
  
  0a5fb8dba68751a01aaa113f92b2db9225dd24a2
- SHA256
  
  5acb5ebdd0e4c8fbafb44a88e66e741f1c94a72e3f07f5adc454687010634848
- SHA512
  
  40f1415f69ef72ba6ec53745c2192cea7a82e4d1c028cdf0b636af163a0246a3d201d67ddb60f8552733239ebac82673bac179de179cc78656b9d9cef1e2fde8
- SSDEEP
  
  196608:mB12mtwTYrqOBcjvLDxLB5WLDDKfYErSssdkpxHaNhJ/Ds:mBxmOBcjvLDxL2DKFrSuVaNbs
Score

10^/10

antidot banker collection credential_access defense_evasion discovery evasion execution infostealer persistence trojan
- Antidot
  Antidot is an Android banking trojan first seen in May 2024.
  banker trojan infostealer antidot
- Antidot family
  antidot
- Antidot payload
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Makes use of the framework's Accessibility service
  Retrieves information displayed on the phone screen using AccessibilityService.
  collection defense_evasion credential_access
- Queries the mobile country code (MCC)
  discovery
- Requests enabling of the accessibility settings.
behavioral2