Overview

overview

10

Static

static

7

a1.apk

android_x86

10

a1.apk

android_x64

10

a1.apk

android_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a1.apk

  • Size

    5.5MB

  • Sample

    220215-kg1qxscgh8

  • MD5

    99c0124bd826def2b7061ce7ff37b2e3

  • SHA1

    0217ace39fe25d09fa3ffad7594b3ab954aba097

  • SHA256

    26845b2bcec8c8d0bf31ca021ddc631c99a10fbeeaa4ddbbc9bdc73de1bb3a2c

  • SHA512

    d4b81e7c67b90eec445ecb6edb994b5419f9ed11cb83b6d1ea6702f6fbd67d92f32d349ce9a47c110b3ecdf7b3f5ba5212891e3caf1a28352c73ec959cef5740

Score
10/10
hydraandroidbankerinfostealertrojan

Malware Config

Targets

    • Target

      a1.apk

    • Size

      5.5MB

    • MD5

      99c0124bd826def2b7061ce7ff37b2e3

    • SHA1

      0217ace39fe25d09fa3ffad7594b3ab954aba097

    • SHA256

      26845b2bcec8c8d0bf31ca021ddc631c99a10fbeeaa4ddbbc9bdc73de1bb3a2c

    • SHA512

      d4b81e7c67b90eec445ecb6edb994b5419f9ed11cb83b6d1ea6702f6fbd67d92f32d349ce9a47c110b3ecdf7b3f5ba5212891e3caf1a28352c73ec959cef5740

    Score
    10/10
    hydrabankerinfostealertrojan

    • Hydra

      Android banker and info stealer.

      bankertrojaninfostealerhydra

    • Makes use of the framework's Accessibility service.

    • Checks Qemu related system properties.

      Checks for Android system properties related to Qemu for Emulator detection.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads information about phone network operator.

    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks