Overview

overview

10

Static

static

8

Android APK

android_x64

10

Resubmissions

14-02-2024 07:37

240214-jfx3zaea42 10

10-09-2021 11:39

210910-nsawesdbcl 10

Analysis

  • max time kernel
    3481380s
  • max time network
    41s
  • platform
    android_x64
  • resource
    android-x64
  • submitted
    10-09-2021 11:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dd8a5a1a8632d661f152f435b7afba825e474ec0d03d1c5ef8669fdc2b484165.apk

  • Size

    2.9MB

  • MD5

    1698651d6b8fd95574f62b046b4f68e5

  • SHA1

    ed0558bbfd7929cb4a28d6b095f68f26fcea4370

  • SHA256

    dd8a5a1a8632d661f152f435b7afba825e474ec0d03d1c5ef8669fdc2b484165

  • SHA512

    74d932cda56d661ade9dbf4ebcb0c092bee262a5475eded9b98010d00a97cbb6dc2083948e6ca568b238c1a801e52f096df35daa76160bfa8683bab41eb046a9

Score
10/10
sovabankerinfostealerobfuscationtrojan

Malware Config

Signatures

  • Sova

    Android banker first seen in July 2021.

    bankertrojaninfostealersova
  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Requests enabling of the accessibility settings. 1 IoCs
  • Looks up external IP address via web service 1 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Uses reflection 7 IoCs
    obfuscation

Processes

  • com.clqg.sbtkqsb.ixrooga
    1⤵
    • Loads dropped Dex/Jar
    • Requests enabling of the accessibility settings.
    • Uses reflection
    PID:3673

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads