Overview

overview

10

Static

static

7

5cb252c70a...77.apk

android_x86

10

5cb252c70a...77.apk

android_x64

10

5cb252c70a...77.apk

android_x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5cb252c70a223901b3005816ddd87a0e7e67f32bb44af63cb6dc1482f9bcd577

  • Size

    4.6MB

  • Sample

    220516-tvtdfaadh9

  • MD5

    04740989c14ab33a2ff2696db96d0c1f

  • SHA1

    997b7fa513c2c6ecce1247f129da6680e8a4c97b

  • SHA256

    5cb252c70a223901b3005816ddd87a0e7e67f32bb44af63cb6dc1482f9bcd577

  • SHA512

    fa1a714626215f057007bc5759b5ba6b0108da6c08f331643322ff05195ffa0929c1be2377e612c06fe427e9c643611eb6805251ef29fe3fbacd18cdcf117a28

Score
10/10
hydraandroidbankerinfostealertrojan

Malware Config

Targets

    • Target

      5cb252c70a223901b3005816ddd87a0e7e67f32bb44af63cb6dc1482f9bcd577

    • Size

      4.6MB

    • MD5

      04740989c14ab33a2ff2696db96d0c1f

    • SHA1

      997b7fa513c2c6ecce1247f129da6680e8a4c97b

    • SHA256

      5cb252c70a223901b3005816ddd87a0e7e67f32bb44af63cb6dc1482f9bcd577

    • SHA512

      fa1a714626215f057007bc5759b5ba6b0108da6c08f331643322ff05195ffa0929c1be2377e612c06fe427e9c643611eb6805251ef29fe3fbacd18cdcf117a28

    Score
    10/10
    hydrabankerinfostealertrojan

    • Hydra

      Android banker and info stealer.

      bankertrojaninfostealerhydra

    • Hydra Payload

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads information about phone network operator.

    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks