Overview

overview

10

Static

static

7

bawag-psk.apk

android_x86

10

bawag-psk.apk

android_x64

10

bawag-psk.apk

android_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bawag-psk.apk

  • Size

    5.2MB

  • Sample

    220202-hxm4nahddn

  • MD5

    c6797facaa0c79a3186387ee65219866

  • SHA1

    6576ea2be110d383b2ca04722dda635814bc565e

  • SHA256

    f5ebbc1b6bdf423b74ec36c8674c4a1b9b4da15603607df21608a99915aa8658

  • SHA512

    3a4beb10587392889385f5965866b7d123e5823664bfc6b146c9f2331e38ed59901057cb9134e13e7f4a427d757acd4cacb8671f0ad5fe616028af2e3e04d887

Score
10/10
hydraandroidbankerinfostealertrojan

Malware Config

Targets

    • Target

      bawag-psk.apk

    • Size

      5.2MB

    • MD5

      c6797facaa0c79a3186387ee65219866

    • SHA1

      6576ea2be110d383b2ca04722dda635814bc565e

    • SHA256

      f5ebbc1b6bdf423b74ec36c8674c4a1b9b4da15603607df21608a99915aa8658

    • SHA512

      3a4beb10587392889385f5965866b7d123e5823664bfc6b146c9f2331e38ed59901057cb9134e13e7f4a427d757acd4cacb8671f0ad5fe616028af2e3e04d887

    Score
    10/10
    hydrabankerinfostealertrojan

    • Hydra

      Android banker and info stealer.

      bankertrojaninfostealerhydra

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads information about phone network operator.

    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks