Overview

overview

10

Static

static

7

coba.apk

android_x86

10

coba.apk

android_x64

10

coba.apk

android_x64

10

Analysis

  • max time kernel
    2107983s
  • max time network
    68s
  • platform
    android_x86
  • resource
    android-x86-arm
  • submitted
    21-01-2022 17:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    coba.apk

  • Size

    7.6MB

  • MD5

    3c34283a5d814f161cb9478decfbcf24

  • SHA1

    071268de04cb1247c53ee24b3c7f1ddf4c8531cc

  • SHA256

    f46f1cfa313cdfacd0bb26a070d16f866d2f88c5e62da386966a921556024a48

  • SHA512

    5877ed100597cf92319d0268467ad283f44d2d408b3a8a4de8a8bd2c722a5cda4c0b0a0fd24fc9b7be2995018606116e440dcebd42c0f5044f8ddc2b0dd85def

Score
10/10
hydrabankerinfostealertrojan

Malware Config

Signatures

  • Hydra

    Android banker and info stealer.

    bankertrojaninfostealerhydra
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.

Processes

  • com.dzaslbss.pslfahl
    1⤵
    • Loads dropped Dex/Jar
    PID:5027
    • com.dzaslbss.pslfahl
      2⤵
        PID:5123
      • /system/bin/dex2oat
        2⤵
        • Loads dropped Dex/Jar
        PID:5123
      • com.dzaslbss.pslfahl
        2⤵
          PID:5554
        • toolbox
          2⤵
            PID:5554
          • com.dzaslbss.pslfahl
            2⤵
              PID:5602
            • /system/bin/sh
              2⤵
                PID:5602
              • /system/bin/ndk_translation_program_runner_binfmt_misc
                2⤵
                  PID:5602
                • com.dzaslbss.pslfahl
                  2⤵
                    PID:5684
                  • /system/bin/sh
                    2⤵
                      PID:5684
                    • /system/bin/ndk_translation_program_runner_binfmt_misc
                      2⤵
                        PID:5684
                        • /system/bin/ndk_translation_program_runner_binfmt_misc
                          3⤵
                            PID:5740
                      • /system/bin/ndk_translation_program_runner_binfmt_misc
                        1⤵
                          PID:5756

                        Network

                        MITRE ATT&CK Matrix

                        Replay Monitor

                        Loading Replay Monitor...

                        Downloads

                        • /data/user/0/com.dzaslbss.pslfahl/fagGIuygyg/hgT898ytffIygug/base.apk.UkGgHkh1.Gff
                          MD5

                          c67a1ff146394a47cfc8a4be4c7cfb99

                          SHA1

                          e5a92b1a2108f8455fc009a33d73f37d6a56c637

                          SHA256

                          1b62212d4249fc42105d640047a335c8f84e77d9422c8dcdd2cf367d0198a85d

                          SHA512

                          0f187d80ad4acb1823915ec5e4ab665c53d8f87bec2c6e824f6049a368eccc822203de76d6ce92254eaf03d4ecb45674ed7888553c230e2cf18893239f1fa7c1

                          Download Submit

                        • /data/user/0/com.dzaslbss.pslfahl/fagGIuygyg/hgT898ytffIygug/base.apk.UkGgHkh1.Gff
                          MD5

                          4574bc1a915418d5fc3507b80d28066d

                          SHA1

                          c668042653df25a5827a3989449d28e0541c5bfc

                          SHA256

                          b662d9b02eb5a70ca6408875a532b27541a521a721c490529b013d90ebcd8a18

                          SHA512

                          ed032f08f1246f306fd338eaa622e3d284f83f7eab6d3b956fa2d53ce059dc4c0eb41f9d5a8e26ef1ce9324c33dde4a334e52282cda0e96deda60faa098a36bd

                          Download Submit