Overview

overview

10

Static

static

7

bawag-psk.apk

android_x86

10

bawag-psk.apk

android_x64

10

bawag-psk.apk

android_x64

10

Analysis

  • max time kernel
    3108315s
  • max time network
    99s
  • platform
    android_x86
  • resource
    android-x86-arm
  • submitted
    02-02-2022 07:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bawag-psk.apk

  • Size

    5.2MB

  • MD5

    c6797facaa0c79a3186387ee65219866

  • SHA1

    6576ea2be110d383b2ca04722dda635814bc565e

  • SHA256

    f5ebbc1b6bdf423b74ec36c8674c4a1b9b4da15603607df21608a99915aa8658

  • SHA512

    3a4beb10587392889385f5965866b7d123e5823664bfc6b146c9f2331e38ed59901057cb9134e13e7f4a427d757acd4cacb8671f0ad5fe616028af2e3e04d887

Score
10/10
hydrabankerinfostealertrojan

Malware Config

Signatures

  • Hydra

    Android banker and info stealer.

    bankertrojaninfostealerhydra
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Looks up external IP address via web service 1 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Reads information about phone network operator.

Processes

  • com.pepmqjty.kdwmpwq
    1⤵
    • Loads dropped Dex/Jar
    PID:5041
    • com.pepmqjty.kdwmpwq
      2⤵
        PID:5188
      • /system/bin/dex2oat
        2⤵
        • Loads dropped Dex/Jar
        PID:5188
      • com.pepmqjty.kdwmpwq
        2⤵
          PID:5425
        • toolbox
          2⤵
            PID:5425
          • com.pepmqjty.kdwmpwq
            2⤵
              PID:5479
            • /system/bin/sh
              2⤵
                PID:5479
              • /system/bin/ndk_translation_program_runner_binfmt_misc
                2⤵
                  PID:5479
                • com.pepmqjty.kdwmpwq
                  2⤵
                    PID:5670
                  • /system/bin/sh
                    2⤵
                      PID:5670
                    • /system/bin/ndk_translation_program_runner_binfmt_misc
                      2⤵
                        PID:5670
                        • /system/bin/ndk_translation_program_runner_binfmt_misc
                          3⤵
                            PID:5743
                      • /system/bin/ndk_translation_program_runner_binfmt_misc
                        1⤵
                          PID:5755

                        Network

                        MITRE ATT&CK Matrix

                        Replay Monitor

                        Loading Replay Monitor...

                        Downloads

                        • /data/user/0/com.pepmqjty.kdwmpwq/ukkgTeieyf/gu6tyyIgTupiGwU/base.apk.dfd8pji1.gha
                          MD5

                          bcb9f2993f12911c742286bd396b6302

                          SHA1

                          e1007dc5d11693673c981998509d977821109728

                          SHA256

                          eeacfbe5a17deff2fb1be6c554580bf334c535b66a8548e2e074d8eefbf56d29

                          SHA512

                          df08072ff35207d3a98ae709f99b84d6aa22002c261d8b20412cf9f1f3500524cf32d55effed95ebea42e99cd524d6dac32d8d8d39c9f8b544b0003caa6e2b79

                          Download Submit
                        • /data/user/0/com.pepmqjty.kdwmpwq/ukkgTeieyf/gu6tyyIgTupiGwU/base.apk.dfd8pji1.gha
                          MD5

                          40d8bd1065175ce3b95f78d423b3cedd

                          SHA1

                          7248e83bcd002a7cad7e1a249edbe0839c27c1b6

                          SHA256

                          5223cdeb9490f6cf1ad3626b152364b715d82ef2e276316e6452d392417ea187

                          SHA512

                          9545b41dd3c17b906360ad2448f1571debb4542398512506ae65e1f64c85d928e8f94f19badbf9d9acb38ce5fc44a028cca124fe16574b0dc5dd4f85d598940d

                          Download Submit