hydra | 20c9ada9d408cd2a2e8202574deb7e0ceb04b9366884a4364c1ab8197d91748e

Analysis

Target

26574_Video_Oynatıcı.apk
Size

3.8MB
MD5

5cb878467cbb030bbaf09c6f6ab524f4
SHA1

383e2f00b78eee433a9e8a2a3273e2fc15e52cfc
SHA256

20c9ada9d408cd2a2e8202574deb7e0ceb04b9366884a4364c1ab8197d91748e
SHA512

898058050b56d99cf22170c0fd7e5a142a7f3304da40fda1d3bd130b6672d0d3dd51448a29ea6e49218b083ee01f88134b8f9816411bdf774c1724f830096192

Score

10^/10

Family

hydra

http://lolamaefarmer5823.online

Loads dropped Dex/Jar 1 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.hagehdqn.jkldglx/gkfcfJfunu/vufbnkUfjtnz8bg/base.apk.fbbwxtf1.vgh	3725	com.hagehdqn.jkldglx

Reads name of network operator 1 IoCs

Uses Android APIs to discover system information.

description	ioc	Process
Framework API call	android.telephony.TelephonyManager.getNetworkOperatorName	com.hagehdqn.jkldglx

Uses reflection 3 IoCs

obfuscation

description	pid	Process
Acesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE	3725	com.hagehdqn.jkldglx
Acesses field javax.security.auth.x500.X500Principal.thisX500Name	3725	com.hagehdqn.jkldglx
Acesses field javax.security.auth.x500.X500Principal.thisX500Name	3725	com.hagehdqn.jkldglx