Analysis
max time kernel: 814582s
max time network: 1206s
platform: android_x64
resource: android-x64
submitted: 06-01-2022 17:41
Static task: static1
Behavioral task: behavioral1
Sample: FlashPlayerV3.1(1).apk
Resource: android-x64
General
Target: FlashPlayerV3.1(1).apk
Size: 7.0MB
MD5: f69b7ddc302f84020975facf50daf491
SHA1: e20a189c6b1bf590dfbb959b400683c297da6434
SHA256: e773c45b680de89a74a82793576c736c7a4c7ac7f303567bc0f71cd4e0b50131
SHA512: 451e05ed161df87b2c5e1ecd18d4b2d2498c5899dc2c442d1e33f37072ee15dfb16f9c87f2d0141e866f69c71bcc1632174cf1da8507ad9aede7d5e71f739545
Malware Config
Signatures
- Hydra
  Android banker and info stealer.
- Hydra Payload (2 IoCs)
  Processes:
    resource | yara_rule
    /data/user/0/com.art.shove/app_DynamicOptDex/cLkDDWy.json | family_hydra
    /data/user/0/com.art.shove/app_DynamicOptDex/cLkDDWy.json | family_hydra
- Loads dropped Dex/Jar (2 IoCs)
  Runs executable file dropped to the device during analysis.
  Processes (com.art.shove):
    ioc | pid | process
    /data/user/0/com.art.shove/app_DynamicOptDex/cLkDDWy.json | 3811 | com.art.shove
    /data/user/0/com.art.shove/app_DynamicOptDex/cLkDDWy.json | 3811 | com.art.shove
- Reads information about phone network operator.
Processes
Network
MITRE ATT&CK Matrix
Downloads
- /data/user/0/com.art.shove/app_DynamicOptDex/cLkDDWy.json
  MD5: 781eae6c31e8eba9a5c5d849237c82d5
  SHA1: d68d30809e6ad3c9b68506735134905959d6c9bb
  SHA256: 8ca429350474111a241d88f0b577b7f184e256e3fab04e3bd48f7045eb71de8d
  SHA512: e73becfd50920bc9c31f8550139cda546534460f4b60498900812b8e717a6739e8c663f46a4a7d70a712918f32eba63d762cacf4f1d2b9719394a5ca7f067f40