Overview

overview

10

Static

static

6

62e60ceec5...4b.apk

android-9-x86

10

62e60ceec5...4b.apk

android-10-x64

10

Analysis

  • max time kernel
    46s
  • max time network
    151s
  • platform
    android-9_x86
  • resource
    android-x86-arm-20240910-en
  • resource tags

    arch:armarch:x86image:android-x86-arm-20240910-enlocale:en-usos:android-9-x86system
  • submitted
    02/04/2025, 14:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    62e60ceec59fcccae04e3b2438d4c14b.apk

  • Size

    11.9MB

  • MD5

    62e60ceec59fcccae04e3b2438d4c14b

  • SHA1

    a8bfcdcc5e47eba05423baf596dc2fff696859c0

  • SHA256

    eb2551d6d27865c5ebbf4e7f9a6ed98f078ee908c2921a5579c7b061f7036593

  • SHA512

    67be94f7e84e8321740a7885ba08010c6033d63151c85f0718f31a80163575a0275c8b4a58fd8fce6430732a780b19d8ba8cb4f7cfe063990a162b10e3761591

  • SSDEEP

    196608:KaebzXTOzixTI4Hs5MvjB9CC/JGL9xp55/Ig3JhunN63vSTN:gzXT/js5M7jCoJGhbv1huOu

Score
10/10
tanglebotevasionimpactinfostealerspywaretrojan

Malware Config

Signatures

  • TangleBot

    TangleBot is an Android SMS malware first seen in September 2021.

    trojaninfostealerspywaretanglebot
  • TangleBot payload 1 IoCs
  • Tanglebot family
    tanglebot
  • Loads dropped Dex/Jar 1 TTPs 4 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.xinobideveloper.installer
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4212

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.xinobideveloper.installer/app_mph_dex/apk.crazy-v1.AndroidManifest.xml
    Filesize

    4.4MB

    MD5

    7ea973ca96f723638d634b907ab02a9f

    SHA1

    1162faeff741c4b554c90e69d6cb7d1f43ddf410

    SHA256

    5743b752567f711668176290c4cc4742d92cf3583faa6c2573e93c0b08d231dd

    SHA512

    42d49b51171dc95afe63d3a33a1f8a1efb464a2b597ced023c5e2bf418cdcbc33990a09514bfb5c942c8ee619fc94486a6f95396258b762fc6d17642b9a566cc

    Download Submit

  • /data/data/com.xinobideveloper.installer/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫
    Filesize

    10.2MB

    MD5

    f5a9acc34c161ad07541a490e017815f

    SHA1

    2d39da94b8f524aa72673fce0d8c0e8ed746ed3f

    SHA256

    6e232e6a382295a46e17bf6558605302d9f35049d711cf77799a0cb399f5fffe

    SHA512

    9227120570292e7ee7a9d85228957469b6eb79a9b9979c65d95f8a164f8cc10130926757aab6b161db1d6ad57b885e437af185112833ea31c7799b7c0ba64a9f

    Download Submit

  • /data/data/com.xinobideveloper.installer/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫.
    Filesize

    8B

    MD5

    437be17a9e715f52e0dc60de73054b64

    SHA1

    0828a1befab6af6d1ec94478d3e2b6d61509ae45

    SHA256

    350d088db5cf2f2040447153b25216ebd99803b41d71f2e41d0349eca6f6dbd2

    SHA512

    7e2a61dff563ef2c112d9660447956dd20e355e8b3473c5478491a50ceb285fc2a589c37bfd49de2910fae1dd25c320cbbc79c81210b2b68eb09e6ef161b4154

    Download Submit