Overview

overview

10

Static

static

7

easybank.apk

android_x86

10

easybank.apk

android_x64

10

easybank.apk

android_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    easybank.apk

  • Size

    3.3MB

  • Sample

    220404-n4kj1ahghl

  • MD5

    0be21ed38f88c3bf697a3bcd6b223eb7

  • SHA1

    da6e3303184c21a5bbda6db09dba07147d244ba2

  • SHA256

    8c2a2324ad2210b46b74c9addd35c14c96da10052e97b205071ab59a8b1b17ba

  • SHA512

    6130452648c06f7922a3f5e9edfa30d75974d05440b3584fd1a71837aaa457c129ea0bd0fecd8b1414b86d861211771d597c3f2a4ffe84a9d50d1a287172e120

Score
10/10
hydraandroidbankerinfostealertrojan

Malware Config

Targets

    • Target

      easybank.apk

    • Size

      3.3MB

    • MD5

      0be21ed38f88c3bf697a3bcd6b223eb7

    • SHA1

      da6e3303184c21a5bbda6db09dba07147d244ba2

    • SHA256

      8c2a2324ad2210b46b74c9addd35c14c96da10052e97b205071ab59a8b1b17ba

    • SHA512

      6130452648c06f7922a3f5e9edfa30d75974d05440b3584fd1a71837aaa457c129ea0bd0fecd8b1414b86d861211771d597c3f2a4ffe84a9d50d1a287172e120

    Score
    10/10
    hydrabankerinfostealertrojan

    • Hydra

      Android banker and info stealer.

      bankertrojaninfostealerhydra

    • Hydra Payload

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Legitimate hosting services abused for malware hosting/C2

    • Reads information about phone network operator.

    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks