Resubmissions

  • 31-08-2022 14:33 — 220831-rw9eyafegp — 10

  • 28-07-2022 07:03 — 220728-hvqrrsdgbl — 10

  • 25-07-2022 22:23 — 220725-2awxtsbdam — 10

General

  • Target

    Google_chrome.apk

  • Size

    2.5MB

  • Sample

    220831-rw9eyafegp

  • MD5

    2cd5f2c9f3bf4b0070479446a6c38597

  • SHA1

    f3efb1aa48d6c6e5c75d977c3b2712ee862505cb

  • SHA256

    734605a1f30870dd8fb211c8afd53afa71b3fcb138094f589098d799e589e99b

  • SHA512

    75a958e097472b88d124c1ce98cbdc3255bca13ddbb1784def9d98ab2fab965e3281777378af08b17f13e64c887a5496832c7cbc95cfd47ce0af382e90a186c6

  • SSDEEP

    49152:JsxNWnuixVhcnaoipPckKfNFBwA3QMhmGU6Os0y2NvjxwLw9:saujndwylFBwAASlUTs0ZrW8

Malware Config

Extracted

Family

hydra

C2

https://notpro.top

Targets

    • Hydra

      Android banker and info stealer.

    • Hydra payload

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests enabling of the accessibility settings.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads information about phone network operator.
