efb92fb17348eb10ba3a93ab004422c30bcf8ae72f302872e9ef3263c47133a7.apk

General
Target

efb92fb17348eb10ba3a93ab004422c30bcf8ae72f302872e9ef3263c47133a7.apk

Size

2MB

Sample

210909-2bx7aacael

Score

10/10

MD5

03f51334546586d0b56ee81d3df9fd7a

SHA1

b45ff7ff0126a88d6782d6871c472577cb7b103c

SHA256

efb92fb17348eb10ba3a93ab004422c30bcf8ae72f302872e9ef3263c47133a7

SHA512

0024bdc9185322613bf2e081702dbeceb3efd0ba9168860ec7572890d5135cb77182923f917dccc4fbffb09a38ebc92c4f2ff527f53cbfdf29e595d77e3608d9

Malware Config
Targets
Target

efb92fb17348eb10ba3a93ab004422c30bcf8ae72f302872e9ef3263c47133a7.apk

MD5

03f51334546586d0b56ee81d3df9fd7a

Filesize

2MB

Score

10/10

SHA1

b45ff7ff0126a88d6782d6871c472577cb7b103c

SHA256

efb92fb17348eb10ba3a93ab004422c30bcf8ae72f302872e9ef3263c47133a7

SHA512

0024bdc9185322613bf2e081702dbeceb3efd0ba9168860ec7572890d5135cb77182923f917dccc4fbffb09a38ebc92c4f2ff527f53cbfdf29e595d77e3608d9

Signatures

  • Sova

    Description

    Android banker first seen in July 2021.

  • Loads dropped Dex/Jar

    Description

    Runs executable file dropped to the device during analysis.

  • Requests enabling of the accessibility settings.

  • Looks up external IP address via web service

    Description

    Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Matrix

  • Collection
  • Command and Control
  • Credential Access
  • Defense Evasion
  • Discovery
  • Execution
  • Exfiltration
  • Impact
  • Initial Access
  • Lateral Movement
  • Persistence
  • Privilege Escalation

Tasks

static1

8/10