com.example.bot.MainActivity
android.intent.action.MAIN
com.example.bot.zpokjkjlkjhjlkdfb
android.intent.action.SEND
android.intent.action.SENDTO
General
-
Target
e70e9e17f4083ab8a8620a9eed08ec1b06b598db1a8d3711992cfd219bf65afb.zip
-
Size
1.3MB
-
MD5
b0fa8413d3de444118fdf0484721d1a9
-
SHA1
0a84e6293aec49a028519146a976a9cde9255b48
-
SHA256
e70e9e17f4083ab8a8620a9eed08ec1b06b598db1a8d3711992cfd219bf65afb
-
SHA512
89afbe5852747dc5cdb63d343b93b4bc6058897b50a5a6b85e85a434a54be577a84f9a8ef8130daa9465f6b2a337d2f1be3753b0d4033bbe22db781f49d2d896
-
SSDEEP
24576:tsNyTbtadFkVk+7qic8JzoQ8TsrRyXhjv2SOQWZfXExtj:tsNsbs6VNhkOwxjvBWpUxtj
Score
10/10
Malware Config
Extracted
Family
aberebot
C2
https://api.telegram.org/bot1962569196:AAHM6U4h6BTtbS762JueoJUyaCXb4dBjeyA/getUpdates?offset=
https://api.telegram.org/bot1962569196:AAHM6U4h6BTtbS762JueoJUyaCXb4dBjeyA/sendMessage?chat_id=-1001612354163&text=
Signatures
-
Aberebot family
-
Aberebot payload 1 IoCs
-
Declares services with permission to bind to the system 2 IoCs
-
Requests dangerous framework permissions 10 IoCs
Files
-
e70e9e17f4083ab8a8620a9eed08ec1b06b598db1a8d3711992cfd219bf65afb.zip
Password: infected
-
ee20d6abcf80df3a02c99b977ae6c948d2449f573daa9204ccc9fab6825883f3.apk
com.example.autoclicker
com.example.bot.MainActivity