Resubmissions

23-08-2021 13:20

210823-sasf23rl4j 10

23-08-2021 13:15

210823-4cqyd4seh2 10

General

  • Target

    49506_Video_Oynatıcı.apk

  • Size

    3.2MB

  • Sample

    210823-sasf23rl4j

  • MD5

    45830da853df876cc3e46716c7da738b

  • SHA1

    cfac92065b0d115504e008683ec792e8ddc54925

  • SHA256

    ae6f5521304808c1871efeb9168ad649aa4996c9c55909c6c3580f43203a40b1

  • SHA512

    818de822cfb48c302f40990407914d5408d261dbad23541b2c8a458917995cfd26768b142943bd552302157ad71d45c92707fa1107bbacc4db87c4dd50e24917

Targets

    • Hydra

      Android banker and info stealer.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests enabling of the accessibility settings.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads name of network operator

      Uses Android APIs to discover system information.
