Overview

overview

10

Static

static

7

genryFok_build.apk

android-9-x86

1

genryFok_build.apk

android-10-x64

10

genryFok_build.apk

android-11-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    genryFok_build.apk

  • Size

    3.1MB

  • Sample

    220802-g4aw8sdbal

  • MD5

    0474a037018fdd6993258e197c38ae5b

  • SHA1

    4e0674b3ff4597ef2c31a26ec66bad7bad072e5d

  • SHA256

    1da384d97e0706d3478453fdf89a9b1f255aeeead52b166f53355c2dbfcfe50a

  • SHA512

    ac7e95e92c73384c3a088ad0fc4caac8018f463d3d6b9686092184cc9d8d81d56b70693c661de88d566e99b898bdb37662650a0e1e2b23dd74c517e7f950cab6

Score
10/10
hydraandroidbankerinfostealertrojan

Malware Config

Targets

    • Target

      genryFok_build.apk

    • Size

      3.1MB

    • MD5

      0474a037018fdd6993258e197c38ae5b

    • SHA1

      4e0674b3ff4597ef2c31a26ec66bad7bad072e5d

    • SHA256

      1da384d97e0706d3478453fdf89a9b1f255aeeead52b166f53355c2dbfcfe50a

    • SHA512

      ac7e95e92c73384c3a088ad0fc4caac8018f463d3d6b9686092184cc9d8d81d56b70693c661de88d566e99b898bdb37662650a0e1e2b23dd74c517e7f950cab6

    Score
    10/10
    hydrabankerinfostealertrojan

    • Hydra

      Android banker and info stealer.

      bankertrojaninfostealerhydra

    • Hydra payload

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Legitimate hosting services abused for malware hosting/C2

    • Reads information about phone network operator.

    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks