Overview

overview

10

Static

static

8

Android APK

android_x64

10

Analysis

  • max time kernel
    3481444s
  • max time network
    141s
  • platform
    android_x64
  • resource
    android-x64
  • submitted
    10-09-2021 11:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8a6889610a18296e812fabd0a4ceb8b75caadc5cec1b39e8173c3e0093fd3a57.apk

  • Size

    569KB

  • MD5

    01b6f0220794476fe19a54c049600ab3

  • SHA1

    eb9dfde47a393bca666e947f285f16c20baf6c32

  • SHA256

    8a6889610a18296e812fabd0a4ceb8b75caadc5cec1b39e8173c3e0093fd3a57

  • SHA512

    ac3031a6dbc5bb0d1e609979336487f14efe58f8e87480e5ef7f79c2abae56977ca444bbb5bbc7970d9c416f9c754b9fedf2bdef3b7b311c2e95e07350f9c892

Score
10/10
sovabankerinfostealerobfuscationtrojan

Malware Config

Signatures

  • Sova

    Android banker first seen in July 2021.

    bankertrojaninfostealersova
  • Requests enabling of the accessibility settings. 1 IoCs
  • Looks up external IP address via web service 1 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Uses reflection 6 IoCs
    obfuscation

Processes

  • com.adobe.flashplayer
    1⤵
    • Requests enabling of the accessibility settings.
    • Uses reflection
    PID:3590

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads