Analysis
max time kernel: 6763s
platform: android_x86
resource: android-x86-arm
submitted: 01-08-2021 06:27
Static task: static1
Behavioral task: behavioral1
Sample: 01836_Video_Oynatıcı.apk
Resource: android-x86-arm
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: 01836_Video_Oynatıcı.apk
Resource: android-x64-arm64
0 signatures
0 seconds
Behavioral task: behavioral3
Sample: 01836_Video_Oynatıcı.apk
Resource: android-x64
0 signatures
0 seconds
General
Target: 01836_Video_Oynatıcı.apk
Size: 2.6MB
MD5: 5f08b7472011f988eb20f0b9619408a4
SHA1: 35f6b95f50b8a4dd63a4e353b7e92deec0216f5b
SHA256: 8e6271b1777abb0402a1b08bda491a17e4743d57053e312f3ff8918fb0dcfb55
SHA512: db54bce5751f89c764d6843c44d325b4cf7efdb17721ea4902a47175337acecb38c115e62e254b8cc8275d1de65a0d025212b3649629460b35d61f2d5b3a2e49
Score: 10/10
Malware Config
Signatures
Hydra
Android banker and info stealer.

Loads dropped Dex/Jar (2 IoCs)
Runs executable file dropped to the device during analysis.
ioc: /data/user/0/com.zhnfylbf.qdbnohw/code_cache/secondary-dexes/base.apk.classes1.zip, pid: 4898, Process: /system/bin/dex2oat
ioc: /data/user/0/com.zhnfylbf.qdbnohw/code_cache/secondary-dexes/base.apk.classes1.zip, pid: 4866, Process: com.zhnfylbf.qdbnohw

Requests enabling of the accessibility settings. (1 IoCs)
description: Intent action, ioc: android.settings.ACCESSIBILITY_SETTINGS, Process: com.zhnfylbf.qdbnohw

Uses reflection (1 IoCs)
description: Accesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE, pid: 4866, Process: com.zhnfylbf.qdbnohw