Overview

overview

10

Static

static

6

a65b691f75...ce.apk

android-9-x86

10

a65b691f75...ce.apk

android-13-x64

10

Analysis

  • max time kernel
    23s
  • max time network
    150s
  • platform
    android-13_x64
  • resource
    android-33-x64-arm64-20240910-en
  • resource tags

    arch:arm64arch:x64arch:x86image:android-33-x64-arm64-20240910-enlocale:en-usos:android-13-x64system
  • submitted
    01/04/2025, 07:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a65b691f75944a4f453f95a970d54ece.apk

  • Size

    11.8MB

  • MD5

    a65b691f75944a4f453f95a970d54ece

  • SHA1

    4e76f501ea7156e56b1faf5a7cab70e871f53333

  • SHA256

    cfbf40c22e9f6cbdb956376cbb845991dfb9aaefcfc6a1340a609a446627ce03

  • SHA512

    39078e810d12211fefe0309bea0cfd66148b5454d2249bb22f8970aa89c68d0ccc34ba9502418c2eaf9401053a80d8cfe1a582fb4bbead13ab6aea022a561ba3

  • SSDEEP

    196608:mlpvDcrLpoEZ+aWBPWCY2nKpE0oImJzxPj385IYnknb9knfAyIEE5UOs5GL:SpvWpV+HWHBQIU4IYknbGfA+E5RxL

Score
10/10
tanglebotevasionimpactinfostealerspywaretrojan

Malware Config

Signatures

  • TangleBot

    TangleBot is an Android SMS malware first seen in September 2021.

    trojaninfostealerspywaretanglebot
  • TangleBot payload 1 IoCs
  • Tanglebot family
    tanglebot
  • Loads dropped Dex/Jar 1 TTPs 2 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.xinobideveloper.installer
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4437

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.xinobideveloper.installer/app_mph_dex/apk.crazy-v1.AndroidManifest.xml
    Filesize

    4.4MB

    MD5

    7ea973ca96f723638d634b907ab02a9f

    SHA1

    1162faeff741c4b554c90e69d6cb7d1f43ddf410

    SHA256

    5743b752567f711668176290c4cc4742d92cf3583faa6c2573e93c0b08d231dd

    SHA512

    42d49b51171dc95afe63d3a33a1f8a1efb464a2b597ced023c5e2bf418cdcbc33990a09514bfb5c942c8ee619fc94486a6f95396258b762fc6d17642b9a566cc

    Download Submit

  • /data/data/com.xinobideveloper.installer/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫
    Filesize

    10.1MB

    MD5

    717b0ca3c470ca2f483da9c7d45fb2f3

    SHA1

    eb1edf28e475dbf5dad73dd874855b02ad0d83c9

    SHA256

    f1133254cb577ff28df6c9e6cf6fe92e62b5380245321f7a76845a3891530cc2

    SHA512

    a789c86d007da29261009b6d347ae61db5eb84c82345106002923fe4b4420bfe6182527f7f0ab90a78444474ad991cbe3c47c22a80cc1c74d2ce5218498cfab4

    Download Submit

  • /data/data/com.xinobideveloper.installer/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫.
    Filesize

    8B

    MD5

    495009ed6c56ed735599c653d5e37143

    SHA1

    fa6eb3320d59d1fe9c4795a293fcc2cb2933be33

    SHA256

    698cb8ee15faa27d7afeb1374c02cf8417d50905da1636b749d7c263c7e5cbd6

    SHA512

    f01056454c9164ed9b2412af7c0ce21a8adee7294eb27d78e441315e4c6fcd33dd03592b6e915774f821e0120ec552f6985343b5d4e066fc30f80fa26830d641

    Download Submit