General

  • Target

    afe9d5ea1d5b43b83c35ec40464a1dbe05ffeb563c059cba0b8e153a90d87e08

  • Size

    4.7MB

  • Sample

    220516-tvsf5sadh8

  • MD5

    0463719b17d6d11d364aefe067669468

  • SHA1

    e7dc170ecb885081a95c9ca6940bbb2b8c6d2ae9

  • SHA256

    afe9d5ea1d5b43b83c35ec40464a1dbe05ffeb563c059cba0b8e153a90d87e08

  • SHA512

    b97a43174028b3ded889f0f3c77947b847da2a45d81a8fd03b4057c7e1f3c3de91488c3c85beb99ecdca55ed55669e6418d05cc1b653676cd4a1afd1660aa8f7

Targets

    • Hydra

      Android banker and info stealer.

    • Hydra Payload

    • Makes use of the framework's Accessibility service.

      Declares a service bound with android.permission.BIND_ACCESSIBILITY_SERVICE. Banking trojans abuse the Accessibility API to read other apps' screens, perform taps on the user's behalf and resist uninstallation; legitimate assistive apps use the same API, so this is a strong indicator only in combination with the Hydra match above.

    • Loads dropped Dex/Jar

      Loads and runs a Dex/Jar file that was written to the device during analysis, i.e. a second-stage payload that is not present in the submitted APK and is therefore missed by static scanning of the APK alone.

    • Looks up external IP address via web service

      Queries a legitimate public IP lookup service to learn the infected device's external IP address (typically for geolocation and victim profiling).

    • Reads information about phone network operator.

      Reads the SIM/network operator (MCC/MNC, carrier name) through the Android telephony APIs, commonly used to profile the victim's country and carrier.
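
The four behavioural signatures above can be re-checked statically once the APK is unpacked. The script below is an added example, not part of the sandbox report or of any Hydra tooling: it first confirms the file's SHA-256 against the report, then runs one rule per signature over an apktool-style decoded AndroidManifest.xml and a list of DEX string-table entries. The manifest, the DEX strings, the IP-lookup domain list and the package/service names are all constructed for the example.

```python
"""Static triage rules mirroring the sandbox signatures above.

Added example, not part of the sandbox report or of any Hydra tooling.
Assumes the APK has already been unpacked (for example with apktool) so
that AndroidManifest.xml is plain XML, and that the DEX string table is
available as a Python list (for example from a DEX parser or `strings`).
All sample inputs below are constructed.
"""
import hashlib
import re
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# SHA-256 of the sample from the report, checked before running any rule so
# that the triage is tied to the same file the sandbox analysed.
REPORT_SHA256 = "afe9d5ea1d5b43b83c35ec40464a1dbe05ffeb563c059cba0b8e153a90d87e08"

# Constructed manifest in the shape an Android banker dropper uses: one
# service bound with the accessibility permission. Names are hypothetical.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.dropper">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
  <application>
    <service android:name=".AccService"
             android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE">
      <intent-filter>
        <action android:name="android.accessibilityservice.AccessibilityService"/>
      </intent-filter>
    </service>
  </application>
</manifest>
"""

# Constructed excerpt of a DEX string table (type descriptors, method
# names and a URL literal), as a string extractor would return them.
SAMPLE_DEX_STRINGS = [
    "Ldalvik/system/DexClassLoader;",
    "Landroid/telephony/TelephonyManager;",
    "getNetworkOperatorName",
    "https://api.ipify.org/?format=json",
    "Ljava/lang/String;",
]

# Public IP lookup services commonly seen in mobile malware; extend as needed.
IP_LOOKUP_DOMAINS = ("ipify.org", "ip-api.com", "ipinfo.io",
                     "icanhazip.com", "checkip.amazonaws.com")
# TelephonyManager methods that expose the operator (MCC/MNC or carrier name).
OPERATOR_METHODS = {"getNetworkOperator", "getNetworkOperatorName",
                    "getSimOperator", "getSimOperatorName"}
# Class loaders used for runtime loading of dropped Dex/Jar code.
DEX_LOADER_RE = re.compile(r"^Ldalvik/system/(Dex|Path|InMemoryDex)ClassLoader;$")


def sha256_matches(data: bytes, expected: str = REPORT_SHA256) -> bool:
    """True when the bytes hash to the digest published in the report."""
    return hashlib.sha256(data).hexdigest() == expected.lower()


def accessibility_services(manifest_xml: str) -> list:
    """Names of services that bind as an AccessibilityService."""
    root = ET.fromstring(manifest_xml)
    found = []
    for svc in root.iter("service"):
        perm = svc.get(ANDROID_NS + "permission")
        actions = {a.get(ANDROID_NS + "name") for a in svc.iter("action")}
        if (perm == "android.permission.BIND_ACCESSIBILITY_SERVICE"
                or "android.accessibilityservice.AccessibilityService" in actions):
            found.append(svc.get(ANDROID_NS + "name"))
    return found


def triage(manifest_xml: str, dex_strings: list) -> dict:
    """Map each report signature name to the evidence that triggered it."""
    hits = {}
    services = accessibility_services(manifest_xml)
    if services:
        hits["Makes use of the framework's Accessibility service"] = services
    loaders = [s for s in dex_strings if DEX_LOADER_RE.match(s)]
    if loaders:
        hits["Loads dropped Dex/Jar"] = loaders
    ip_urls = [s for s in dex_strings
               if any(d in s.lower() for d in IP_LOOKUP_DOMAINS)]
    if ip_urls:
        hits["Looks up external IP address via web service"] = ip_urls
    if "Landroid/telephony/TelephonyManager;" in dex_strings:
        ops = [s for s in dex_strings if s in OPERATOR_METHODS]
        if ops:
            hits["Reads information about phone network operator"] = ops
    return hits


if __name__ == "__main__":
    for name, evidence in triage(SAMPLE_MANIFEST, SAMPLE_DEX_STRINGS).items():
        print(f"[+] {name}: {evidence}")
```

The "Loads dropped Dex/Jar" rule only shows that the APK can load code at runtime; the dropped file itself exists only on the analysis device, so the second stage still has to be pulled from the sandbox (or the emulator's filesystem) and hashed and triaged separately.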
