Analysis
max time kernel: 977151s
platform: android_x86
resource: android-x86-arm
submitted: 12/08/2021, 11:59 UTC
Static task: static1
Behavioral task: behavioral1
Sample: 20753_Video_Oynatıcı.apk
Resource: android-x86-arm
0 signatures
0 seconds
General
Target: 20753_Video_Oynatıcı.apk
Size: 3.0MB
MD5: 7d4fbe19dceb54f2d090926ed3cd29aa
SHA1: 0d235b7345fc3672c8fbd8d980f5598b643ff7e1
SHA256: 0a50cbf672d0be762bc86f72fe6d9b02c025ee7cb78c60bde53ccbccb6a88857
SHA512: fa4a72357d5f8958040a7bd1c7f8794b21c9ccaca593ccc990aa0cd47800549cf93c570121c433dacf005b32dcd68b7ee067bddc2e0f904491598d6c15d9cf61
Score: 10/10
Malware Config
Signatures
Hydra
Android banker and info stealer.

Loads dropped Dex/Jar (2 IoCs)
Runs executable file dropped to the device during analysis.
ioc | pid | Process
/data/user/0/com.xormiofc.nbeyqyw/code_cache/secondary-dexes/base.apk.classes1.zip | 4772 | /system/bin/dex2oat
/data/user/0/com.xormiofc.nbeyqyw/code_cache/secondary-dexes/base.apk.classes1.zip | 4740 | com.xormiofc.nbeyqyw

Uses reflection (1 IoCs)
description | pid | Process
Accesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE | 4740 | com.xormiofc.nbeyqyw