General

  • Target

    bawag.apk

  • Size

    6.1MB

  • Sample

    220203-l4xs8afcbl

  • MD5

    f0db0430dc99ea4ec1099d7511f1677d

  • SHA1

    49f57f37ae162de72603b0aecc0b5979133819d2

  • SHA256

    a7f6a3bdcc8049e70ee08fa5e67966e83f6624b0231024dc20eeaad948307681

  • SHA512

    54c00ed3d0444a15b732e7427a1aa675803140e8ee4b183f311c075e2395e04d52bef5648d107e1ccf0002fe2d2e8990a118c3cf0a446a21ce13a0009821c41c

Targets

    • Target

      bawag.apk

    • Hydra

      Android banker and info stealer.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads information about phone network operator.
