General

  • Target

    e70e9e17f4083ab8a8620a9eed08ec1b06b598db1a8d3711992cfd219bf65afb.zip

  • Size

    1.3MB

  • MD5

    b0fa8413d3de444118fdf0484721d1a9

  • SHA1

    0a84e6293aec49a028519146a976a9cde9255b48

  • SHA256

    e70e9e17f4083ab8a8620a9eed08ec1b06b598db1a8d3711992cfd219bf65afb

  • SHA512

    89afbe5852747dc5cdb63d343b93b4bc6058897b50a5a6b85e85a434a54be577a84f9a8ef8130daa9465f6b2a337d2f1be3753b0d4033bbe22db781f49d2d896

  • SSDEEP

    24576:tsNyTbtadFkVk+7qic8JzoQ8TsrRyXhjv2SOQWZfXExtj:tsNsbs6VNhkOwxjvBWpUxtj

Score
10/10

Malware Config

Extracted

Family

aberebot

C2

https://api.telegram.org/bot1962569196:AAHM6U4h6BTtbS762JueoJUyaCXb4dBjeyA/getUpdates?offset=

https://api.telegram.org/bot1962569196:AAHM6U4h6BTtbS762JueoJUyaCXb4dBjeyA/sendMessage?chat_id=-1001612354163&text=

Signatures

  • Aberebot family
  • Aberebot payload (1 IoC)
  • Declares services with permission to bind to the system (2 IoCs)
  • Requests dangerous framework permissions (10 IoCs)

Files

  • e70e9e17f4083ab8a8620a9eed08ec1b06b598db1a8d3711992cfd219bf65afb.zip
    .zip

    Password: infected

  • ee20d6abcf80df3a02c99b977ae6c948d2449f573daa9204ccc9fab6825883f3.apk
    .apk android

    com.example.autoclicker

    com.example.bot.MainActivity