Analysis
max time kernel: 7002s
max time network: 44s
platform: android_x64
resource: android-x64
submitted: 01-08-2021 06:28
Static task: static1

Behavioral task: behavioral1
Sample: 86207_Video_Oynatıcı.apk
Resource: android-x86-arm
0 signatures
0 seconds

Behavioral task: behavioral2
Sample: 86207_Video_Oynatıcı.apk
Resource: android-x64-arm64
0 signatures
0 seconds

Behavioral task: behavioral3
Sample: 86207_Video_Oynatıcı.apk
Resource: android-x64
0 signatures
0 seconds
General
Target: 86207_Video_Oynatıcı.apk
Size: 2.6MB
MD5: be3f91e3c4126d50cd746d11a169ddab
SHA1: 627c358b17a0221d9d856a1d3d229f6f19e8acf7
SHA256: 3e69bc260954f7afcd9a36dcfd1a93e9d24ca680bbc370913c023f70d1e761b1
SHA512: c343a7c079289afa50cf76d416ae7d646214bfe79ed20b1dc4e91bb682e94a4d136fbc350b7fa5ef41ade33244dfb943358354eded2052fd875edb81f4dddea2
Score: 10/10
Malware Config
Signatures
Hydra
Android banker and info stealer.

Loads dropped Dex/Jar (1 IoCs)
Runs executable file dropped to the device during analysis.
ioc: /data/user/0/com.hzjvbika.mjfcpqt/code_cache/secondary-dexes/base.apk.classes1.zip
pid: 3767
Process: com.hzjvbika.mjfcpqt

Uses reflection (3 IoCs)
description  pid  Process
Accesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE  3767  com.hzjvbika.mjfcpqt
Accesses field javax.security.auth.x500.X500Principal.thisX500Name  3767  com.hzjvbika.mjfcpqt
Accesses field javax.security.auth.x500.X500Principal.thisX500Name  3767  com.hzjvbika.mjfcpqt