Analysis
-
max time kernel
3533739s -
max time network
39s -
platform
android_x64 -
resource
android-x64 -
submitted
23-07-2021 09:07
General
-
Target
Vodafone-Netz.apk
-
Size
4.9MB
-
MD5
43245acd2bfc4fb651961933a72da0ad
-
SHA1
37b5b34250fe930132de9c4bd9efd1b6e5f3f0fa
-
SHA256
c393f0f03013dc249481462e58fa90c2cec561dc5cf4f9687930d1da8460bcbc
-
SHA512
d4ea92b758dcecba74309f31d17d54a1e9c9d4e2e3efafe6b05e3028d85f87fb501c90b1d3d9836c2bfa8362edd913f641efd0176d79fcd61fb15d4247eb6667
Malware Config
Extracted
hydra
https://sendmehere.site
Signatures
-
Hydra
Android banker and info stealer.
-
Hydra Payload 1 IoCs
-
Loads dropped Dex/Jar 2 IoCs
Runs executable file dropped to the device during analysis.
-
Uses reflection 3 IoCs
Processes
-
legal.advice.rigid1⤵
- Loads dropped Dex/Jar
- Uses reflection
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/user/0/legal.advice.rigid/app_DynamicOptDex/FJTIZ.jsonMD5
176b0149a0edd8497b8ce47da5bded0f
SHA1e3f6924c93e17bfb48c3f9b9c1ebcc067c355d04
SHA2564a6c409a0126c6ee43644d9f304e1676b47397d48dacb73aa14ad21489769b96
SHA512c5023df2dd812995bb006dde0c103d1885e53b6b270bb7134f315163fe227ae137f8f6737ce8f74defd1b069445897bc1f9bf4b11109bca1c73349ddded847a1
-
/data/user/0/legal.advice.rigid/app_DynamicOptDex/FJTIZ.jsonMD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
-
/data/user/0/legal.advice.rigid/app_DynamicOptDex/FJTIZ.jsonMD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
-
/data/user/0/legal.advice.rigid/app_DynamicOptDex/oat/FJTIZ.json.cur.profMD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
-
/data/user/0/legal.advice.rigid/shared_prefs/pref_name_setting.xmlMD5
7c8fa82902cbb7036226d24d057d01da
SHA1cc877e1552bac5030ab39a1a2181d29d16a25e8c
SHA256165973f01a019801f611ac01266629ce4493978db218fc8ce453ee3a4c408a71
SHA512b507bac73a599cc8799214a9c2f8432ef04c83637cb529d72cfdf002db9d6ad8c6811f6b4617f05f69f9906e3faafac6d3d6415a8426ce608064341184a2228c
-
/data/user/0/legal.advice.rigid/shared_prefs/pref_name_setting.xmlMD5
3c199cff7e727002c04cd45c0e6b847e
SHA14ed73f1ab49b3e0cc5c7b643e8677278bbce3a29
SHA256646310da36ffe852495db6c1139665d4e84e4022710491cd9a314a4f6d81c0ed
SHA512732608c818dc77fb0025e4a91247519221a4d397fd1299ba6547e0ef9a5fa3e59a9ef0a167e81b6e759fe32768f578ea2cb5841722b32963e5d01e27e0c7d31c
-
/data/user/0/legal.advice.rigid/shared_prefs/prefs30.xmlMD5
12d6ab1d27552f5788e1667ec0eb1360
SHA1f0c1a775a55b7bb45fe65579b526cf4360c0c4d6
SHA25652e178aa40fd1c71b3a4e8fdfb73fba744ac754430d94697f4d2aaa6823c0d18
SHA51287eb0dba3f5fbb8801a5b8a07849c8634698d64333f77d548f4596221d2f3d7cba7288ebb0fe0b7f9357add2636b07c6e9cd24aa887dd6cce6d22a1b7e2d3d32