General

  • Target

    4301d7592b2f99e51a063d868b915884316fb7fd1bc08f3d283a16166c2cead3.bin

  • Size

    4.1MB

  • Sample

    250328-123zsatpw9

  • MD5

    197a8546b376f953c54c5b084bea6712

  • SHA1

    4354e75bfb5696b6043494e55df17b5ff343d16e

  • SHA256

    4301d7592b2f99e51a063d868b915884316fb7fd1bc08f3d283a16166c2cead3

  • SHA512

    143ec93168bfadbc6335dccb04269b469a2a4c8dcfc1933d42ae48150d9f81e0917b4e8d0a31f50c44ee0662f5a6a27fd2612acab0996fe083dcc9b98f1a3207

  • SSDEEP

    98304:7oekLOs4iOVuf7FBupQKprjuZMYdFL+e2b8gkbKEEKmMq1M8ux:7oZLBTvkG2e9dbSKmtu

Targets

    • Checks if the Android device is rooted.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Declares services with permission to bind to the system

    • Legitimate hosting services abused for malware hosting/C2

    • Requests dangerous framework permissions
