General
-
Target
519977b88f3c5bbb254def1847f40da2.apk
-
Size
22.3MB
-
Sample
250415-p5g1yaysa1
-
MD5
519977b88f3c5bbb254def1847f40da2
-
SHA1
f617f3124f7dcfe05a4f151d088c6d7f0b7db434
-
SHA256
a769c40ce48a38eed8897447081fc002d567535943befc4b51d866d134953588
-
SHA512
8aadc486c30bd651a12a96326419a5a161cbf08f78422b824e9fdfb817d92474fd79d23ef648fde9eba503ad994150f7a313ace444de8efb10120086df8a5779
-
SSDEEP
196608:0PTzrvsyWfkpQjfEOijaDSurXbOlLxdu6EmrRWZzzdOVZjcSpqviwh1YTY/mKd1u:0PT3jWfPOaOMbUDN8dOVZw6AikcYuCiv
Static task
static1
Behavioral task
behavioral1
Sample
519977b88f3c5bbb254def1847f40da2.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral2
Sample
519977b88f3c5bbb254def1847f40da2.apk
Resource
android-x64-20240910-en
Behavioral task
behavioral3
Sample
519977b88f3c5bbb254def1847f40da2.apk
Resource
android-x64-arm64-20240910-en
Behavioral task
behavioral4
Sample
bnl.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral5
Sample
bnl.apk
Resource
android-x64-20240910-en
Behavioral task
behavioral6
Sample
bnl.apk
Resource
android-x64-arm64-20240910-en
Behavioral task
behavioral7
Sample
hibank.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral8
Sample
hibank.apk
Resource
android-x64-20240910-en
Behavioral task
behavioral9
Sample
hibank.apk
Resource
android-x64-arm64-20240910-en
Malware Config
Extracted
bingomod
23.254.226.46
Targets
-
-
Target
519977b88f3c5bbb254def1847f40da2.apk
-
Bingomod family
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Acquires the wake lock
-
Performs UI accessibility actions on behalf of the user
Application may abuse the accessibility service to prevent their removal.
-
Queries the mobile country code (MCC)
-
Requests allowing to install additional applications from unknown sources.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
Requests modifying system settings.
-
-
-
Target
bnl.apk
-
Size
5.2MB
-
MD5
9d0294a16cde2febdbd7aef859c7fc8b
-
SHA1
82e28e00a80187baf020ef3afbbaca6f19555e82
-
SHA256
90b8cf2581f3c10280f6351a101855b15e19ac3045e6a758a03d57719298d105
-
SHA512
233a1b43657b14a00f9ae71e6e244e16ad7d4bee81ce00c2f06a824fe130079d2ed300afd911fea5cbfc115a6b6242e6e1901d23db4a282320aebdb1aad439e7
-
SSDEEP
98304:5tvemxMTKAXhaIc6Lx2LIvREdA+aONYXa6llRhwAHB6L33PyVvxYC+ATPwFPXwVV:PvemyvgLM6dwONYXa4RDHBYUvxYTTFPe
Score
1/10
-
-
Target
hibank.apk
-
Size
5.1MB
-
MD5
ab16f0a62bb447076a83bcd2d897f940
-
SHA1
face2eb39ebb4fb06a8360eb8909ac421ab7f28f
-
SHA256
8d5422d1756415d0cc6a087870f46f9e8f4290ee681a48700a702da38d7806c3
-
SHA512
861a077c07d5be3c5e9356a2a74bee22524f4da18b1d92429168881f0225e92df86c89c21df1e588da5de3aa5f702dfc025ddaa62cff5e4dda566c7886670467
-
SSDEEP
98304:a7V2/NhFNfLjkg1ttUO3z/ButMfjPoZ6Uq+xuA3KykBtuheMySaPwFPX+eX:a7OrfUSsOzB/jW66ayNhS2FPXPX
Score
1/10
MITRE ATT&CK Mobile v16
Defense Evasion
Hide Artifacts: 1
User Evasion: 1
Impair Defenses: 1
Prevent Application Removal: 1
Input Injection: 1
Subvert Trust Controls: 1
Code Signing Policy Modification: 1
Virtualization/Sandbox Evasion: 2
System Checks: 2
Credential Access
Clipboard Data: 1
Input Capture: 2
GUI Input Capture: 1
Keylogging: 1