General

  • Target

    Telekom-Netz.apk

  • Size

    4.8MB

  • Sample

    210726-sh7dh5qgyx

  • MD5

    7e0fb2f9a44f5f0fd16b13a057073c4a

  • SHA1

    a05f51771024502c146840cd976007fa53c09ed1

  • SHA256

    65f49dd1523e0e28ff85f339142b6f36e36203e88ae969ef6e8fb8d3e48c171c

  • SHA512

    0909a1a7d883022f6afbfab5decc3841f8a1b0d0c993fb5730656eef38ee321cae2dcdf32cf11ce3650bdf33bc96f63803a424c104358131f76a9e629c224792

Malware Config

  • Extracted

    Family: hydra

    C2: https://sendmehere.site

Targets

    • Hydra

      Android banker and info stealer.

    • Hydra Payload

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

MITRE ATT&CK Matrix

Tasks