Resubmissions

02-02-2022 15:07

220202-shh69saden 10

02-02-2022 12:20

220202-phr8dshhgj 10

General

  • Target

    bawag-psk.apk

  • Size

    5.2MB

  • Sample

    220202-shh69saden

  • MD5

    808d04a446489dd95be086b58ea05349

  • SHA1

    0a0f78b8c67dff543aa521c40825038871b2c388

  • SHA256

    6180ced96b5f13d0fa66fc76e9a390fd134462da158cef5073e5204bcacaba6f

  • SHA512

    f7c131227ef92a0c7c59bc5ebabb3365e06e230836605dca517fe6266322f88b32ce3eb407ebb03cb5add5e7f70dcae4c85fe7a62159f5020b633a27f034dfc2

Targets

    • Hydra

      Android banker and info stealer.

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads information about phone network operator.
