Overview

overview

10

Static

static

6

8c51df7bee...03.apk

android-9-x86

10

8c51df7bee...03.apk

android-10-x64

10

Analysis

  • max time kernel
    9s
  • max time network
    150s
  • platform
    android-10_x64
  • resource
    android-x64-20240910-en
  • resource tags

    arch:x64arch:x86image:android-x64-20240910-enlocale:en-usos:android-10-x64system
  • submitted
    02/04/2025, 07:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8c51df7beedf6b5af934e3c9f43af603.apk

  • Size

    11.8MB

  • MD5

    8c51df7beedf6b5af934e3c9f43af603

  • SHA1

    6ac720ba2037ca8a2786b12c67b3455ab911f0c3

  • SHA256

    29fb5098e114d4b07be3544a073e835198673c7e9d2526575a1f85fe4231c65d

  • SHA512

    20523a55c8b2d03dfa27d093518ba3af8613b8639d561a0b930ac337cd0bbe434035c01406521f26f2ee1e753dd887c609ece6500a8b23d28555ca65d8aa050a

  • SSDEEP

    196608:vbzjWQcwVV+3bqy9tZrTSh9YGFngmd+JNHq4LMh5nqoF7bL:XCQemy9tZrYY0ng/qaU5nqoFvL

Score
10/10
tanglebotevasionimpactinfostealerspywaretrojan

Malware Config

Signatures

  • TangleBot

    TangleBot is an Android SMS malware first seen in September 2021.

    trojaninfostealerspywaretanglebot
  • TangleBot payload 1 IoCs
  • Tanglebot family
    tanglebot
  • Loads dropped Dex/Jar 1 TTPs 4 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.xinobideveloper.installer
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5092

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.xinobideveloper.installer/app_mph_dex/apk.crazy-v1.AndroidManifest.xml
    Filesize

    4.4MB

    MD5

    7ea973ca96f723638d634b907ab02a9f

    SHA1

    1162faeff741c4b554c90e69d6cb7d1f43ddf410

    SHA256

    5743b752567f711668176290c4cc4742d92cf3583faa6c2573e93c0b08d231dd

    SHA512

    42d49b51171dc95afe63d3a33a1f8a1efb464a2b597ced023c5e2bf418cdcbc33990a09514bfb5c942c8ee619fc94486a6f95396258b762fc6d17642b9a566cc

    Download Submit

  • /data/data/com.xinobideveloper.installer/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫
    Filesize

    10.1MB

    MD5

    36e3f4d8d9aeb9141635461ea9ad65e9

    SHA1

    1eae25a01ed40dd99adc0e6a6480be7b1d532a31

    SHA256

    c087b8889150a4fc3b49a1e0467a1e333295fb54076352f883cf7946016391af

    SHA512

    5fb5e5443670600f6352a87adf7908f1d7490aac69a9a0556ba817c51540978acdc4dd2480888b52cfe0eaa70e95ba9f8967a001e49a26a77a3befa3df2d8f55

    Download Submit

  • /data/data/com.xinobideveloper.installer/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫.
    Filesize

    8B

    MD5

    24e5830679d5e2eb20ce4d8dae423124

    SHA1

    db167870d53a342d69e82fe3f9c700e6d329162f

    SHA256

    2d0d0f693a4a6f05caf2409f6cb71d717a3613d4f3fb19ef1b666e35e702c009

    SHA512

    c6aa4e6da4f905aaec38725c94475a7cb089609d7125de97b9e860def13f3822abdc536968289b43b2212010cbedea17bc01788df2eab511ac462a8e906d18e8

    Download Submit