Overview

overview

10

Static

static

7

FlashPlayerV1.apk

android_x86

10

FlashPlayerV1.apk

android_x64

10

FlashPlayerV1.apk

android_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    FlashPlayerV1.apk

  • Size

    2.7MB

  • Sample

    220519-kcvdcadaf8

  • MD5

    dc09a6ce2314a97a4515df60a3628daa

  • SHA1

    f00e5ddd740e8bfc996a03258efe4fd9445afc2d

  • SHA256

    b7440319d58586bd84fcbce0573ec9c424fc5e8203f16a45bc689b035561d22c

  • SHA512

    8fbab5efe65d29961f1c91c0499578d531ef5651ca7d70d9e28f365318408fb29cb1758e68c1364236f3c8860d9c0963eaa703fcb75de27bf0763e49f99af40d

Score
10/10
hydraandroidbankerinfostealertrojan

Malware Config

Targets

    • Target

      FlashPlayerV1.apk

    • Size

      2.7MB

    • MD5

      dc09a6ce2314a97a4515df60a3628daa

    • SHA1

      f00e5ddd740e8bfc996a03258efe4fd9445afc2d

    • SHA256

      b7440319d58586bd84fcbce0573ec9c424fc5e8203f16a45bc689b035561d22c

    • SHA512

      8fbab5efe65d29961f1c91c0499578d531ef5651ca7d70d9e28f365318408fb29cb1758e68c1364236f3c8860d9c0963eaa703fcb75de27bf0763e49f99af40d

    Score
    10/10
    hydrabankerinfostealertrojan

    • Hydra

      Android banker and info stealer.

      bankertrojaninfostealerhydra

    • Hydra Payload

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Legitimate hosting services abused for malware hosting/C2

    • Reads information about phone network operator.

    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks