sova | 3eb7efa71648ae819f1bff89399717805129487081e8261dd65bf596f2467054

Resubmissions

13-10-2022 15:48

221013-s89f5sbhen 10

06-10-2022 16:41

05-10-2022 13:53

31-08-2022 20:23

31-08-2022 20:11

31-08-2022 19:40

31-08-2022 17:36

31-08-2022 17:32

Analysis

max time kernel
2922334s
max time network
159s
platform
android_x64
resource
android-x64-20220823-en
resource tags

androidarch:x64arch:x86image:android-x64-20220823-enlocale:en-usos:android-10-x64system
submitted
06-10-2022 16:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ndQOhY0ypd.apk
Size

5.2MB
MD5

ca559118f4605b0316a13b8cfa321f65
SHA1

5ef4d5784738d79f22f9bc5e8db7c94985bc1a3a
SHA256

3eb7efa71648ae819f1bff89399717805129487081e8261dd65bf596f2467054
SHA512

091f07d51e9d7c924666f28a30b03e5ff887e239ad2ed9a99cbd65e7b9350c6fc89cafdbbe05de27f8ea6dc90ff8484c1b692fc891b58fcc6104fa6878e8f3d7
SSDEEP

98304:+Ld3yR0X7GPzP21DeReIrJ0jJMooanGHNdyc7scnuB5k9MWdU:+LxyR0X7Qz/diMolGfyXcNMWdU

Score

10^/10

sova sova_v4 banker infostealer trojan

Malware Config

Signatures

SOVA_v4 payload 1 IoCs

resource	yara_rule
behavioral2/memory/4856-0.dex	family_sova_v4

Sova
Android banker first seen in July 2021.
banker trojan infostealer sova

Sova payload 1 IoCs

resource	yara_rule
behavioral2/memory/4856-0.dex	family_sova

Sova_v4
Android banker first seen in July 2021.
banker trojan infostealer sova_v4

Loads dropped Dex/Jar 1 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.slhytrowb.wfxaicaiw/ihoftigt8f/ffkyffUhHfh8I89/base.apk.hkyhafI1.g8k	4856	com.slhytrowb.wfxaicaiw

com.slhytrowb.wfxaicaiw
1⤵
- Loads dropped Dex/Jar
PID:4856

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.slhytrowb.wfxaicaiw/app_webview/Cookies

Filesize
64KB

MD5
9b23e6a88d5a95f155f205cb04b93cd0

SHA1
b62dccbbef087a0731f226b96d15d35d8aa5e5fc

SHA256
f2f3c3c0c7f085399a6f9a464c1ac30a59ceeb5a4b7026286fa5609e6e8ef857

SHA512
bce5f25d98e2e8296c4101b62082dcb6a43902f3431ff6f725e41be6b9aece76e887ef94c4818baf4da845708fd76fd51c37fb6915710c870647593868f27482

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/app_webview/Cookies-journal

Filesize
1KB

MD5
8bbcf39c0074ef0469691b2ea03f2332

SHA1
bfbe10fb97aef61034505db3efbb8c3a698c53d6

SHA256
edcd88fd23d9ca16367d977aa7dbf59d2cdc1a1c0797ec7dda016e11d546f865

SHA512
83efb59a78b7aa8768f764b5257959acffd06c0f9ec519cfe121e72b872a9b4195d278369c7d62e51f1655cb3f50ce01e5a95db3cc305d9408d10c712635ed84

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/app_webview/GPUCache/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/app_webview/GPUCache/index-dir/temp-index

Filesize
96B

MD5
bc13ffdf4068cf3ee112e196acd69738

SHA1
fa06fe2d017f74fcb9951b8a795cd69b4edb0bc1

SHA256
3dc5b182085b7b06ec94e154805e98bf223932547182099dc085329c2a696ef4

SHA512
862cbd6a6b295a746a75728d8fc1ac5cf2667965b725b38cf28c5fbbd02883e29b6049150dceff7a2981f21e75547f84dffa829399d833e5a10ba98f5335c058

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/app_webview/Web Data

Filesize
112KB

MD5
b663831f8cc130493476d94f2d7a5330

SHA1
043a1956ab8e40821d67043f8a9110a8eb36fb93

SHA256
c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7

SHA512
e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/app_webview/Web Data-journal

Filesize
1KB

MD5
c02d088dda85f67605edef15ec423663

SHA1
7b2fe368044543dde3329e0d2648d9157ffaeb39

SHA256
42d4390f6d8e1e68be9bc91b56f2bcabfa9a7998c8c6a8eb103cd4aef386a872

SHA512
e252401a1c3f73fe88dbf2d7074d733a977cc27d4542ae3796e341303602f1bf0dc9b554a73ba3a78615f65c1e0008aecf0197c6f54ba39e6bd723b9bcc93313

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/app_webview/metrics_guid

Filesize
36B

MD5
bcf9feabf3b46b71d2db37603ebceb8b

SHA1
761bfddce50e7e73b791ddef1c82f0733cf43058

SHA256
a05071629fbab3303f8598ce374d9a3dc9a3a183e00c20832a700c8dabdec5bd

SHA512
c54df52eec1cf9e196a2ce4371434e722445f57ab10cdac59f9f1940c0b9d2099cb14f7fbf99bdf5b35542bbe07c2ee5d2ea899a73a32a9293da802b94bc3765

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/cache/WebView/Crashpad/settings.dat

Filesize
40B

MD5
c445152764ca9e5cc2fb9809a47afddc

SHA1
fcf514eed683f4770e1d2e6388fdad2e239145a6

SHA256
a225bf8cc8b9f8898a313087e4baa6f90227c9da0bee7eae1a642469ab3347f5

SHA512
96808c86976c77884b15d941b2f7c0b688f712dad2b7f50a0e17cdbb04c404927fc645474ffff158cf43e94877f591a5dc063efc462d25b496c4a0c919d6d206

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/cache/org.chromium.android_webview/1c8cab44519da61b_0

Filesize
340B

MD5
80820283ef777f8dc30a51c05ebe503c

SHA1
139d8c1ba3b34efab7ebc1cdc5044500abfc2290

SHA256
a584e17fdbabb02d34c0d83c23350bc9db9a9839badc5272bab1a2d9d151b132

SHA512
cded306868af1fcf836d30600c9b5585e1119a3181d2608467071e7ec867843bc3c64256e88461fd9b605e484e157c1828e03b9e0f6cb75a42a51283f33f13a4

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/cache/org.chromium.android_webview/Code Cache/js/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index

Filesize
96B

MD5
544e75f4beb48c2d8ec89d436c0a19bd

SHA1
307c4f53a55131fecb678c319bbaee5cf6a01b60

SHA256
880c43776750b2d6e85b7c4cd2eeff056338460782d72c88d7c3e4dc90a090f3

SHA512
0e09aacdaefd87f4d5707596e81b73d1ae9cfa2af7a6a4b4acaa699f0a28e43564ec8c555081fd07622637febe3d0a48f9e92536c577a5e334810901ed2d86d9

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/cache/org.chromium.android_webview/e4db911cfa09c606_0

Filesize
520B

MD5
5e825535913d4021e85192bb9560b825

SHA1
33aaa817de7358769185b139e54355d3585cfafc

SHA256
40dbda1f4318758873d4a80d21f9da4919ddb8cac53ddf2ee94480d0585789d6

SHA512
aefeb124c2f7679ccdf4fb4acdc12d3f1553692d56cba96828133ffe3c61e91027c7a755c670f8610a53970ebfc53f5ece5f2d7d65a4e01969544013d8b4baae

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/cache/org.chromium.android_webview/ee7454f6f7222f8a_0

Filesize
338B

MD5
ef11061a2bbde73ad896d5f4d6d3a4d5

SHA1
0f34c91b18d4cd058348e0769b7eba1cbc5f5973

SHA256
ae4acb30bf49099c24e888a7a6bb6164dcf8d7074ea2e23a4ce593f843622b63

SHA512
d20d08620c3e1aee5113c0ba57b8066fc0cf13dac68356d9a620c8349a401bdca1610a180c1a7f727ba695bb1e7c368cd15bce6282f5c313d1921c21effa3d79

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/cache/org.chromium.android_webview/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/cache/org.chromium.android_webview/index-dir/temp-index

Filesize
96B

MD5
1fe2783376cb67c18676a77153e8833d

SHA1
db5c87d8562b4eb9485a1ba1b1ecbc8de2d3bbef

SHA256
8e3acc7068b75b53d1c07456f4740d17636ddf9a7000124d07aa08451f4f410b

SHA512
057d4fdbae6c748cd5eb84592df75d2f97f66923d56ecad7266603e11f772bd1a4e68e82142265a926bc61d6b3d6291521f98b717481ba47184ad412cd9b0082

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/cache/org.chromium.android_webview/index-dir/temp-index

Filesize
96B

MD5
b21f509c68dd8e8fc93650c2df7688e4

SHA1
2acd24ab85875644bebe4b99ceb1f3024b0c7e62

SHA256
22c0790b66510756bbcf6cef070324838479bb75f1016b102850982a2a98f130

SHA512
65f16a9548318b077eb32472e7c8be3897efc1e33c1f85f5d93eb8b8b28eec9beeca87a6cc2ebafede3229e2e5edea73a089fbd6b16f8bbbf266f455004783ec

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/ihoftigt8f/ffkyffUhHfh8I89/base.apk.hkyhafI1.g8k

Filesize
1.7MB

MD5
2426b919cdc0753cfda937d3a87d6226

SHA1
f258933ea1ecdb552475032b89fc2b3c83e0e6f0

SHA256
e7c8f9bacba13bdadf4c74cf356dc7734b0a269bf1bf02695fbba37f87eaeb98

SHA512
2cbb1dbee4a7d8bba818b416b7015ba5128cf77b9ba53906fd6efc2940ee71341e62292a79e43eaaf061a6cd4c21a96893354ab4b8b54e35708b768de5fbf21e

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/shared_prefs/WebViewChromiumPrefs.xml

Filesize
127B

MD5
6ef709b8536878951e87c29a1518fc2b

SHA1
24376c70b00152501b3d98df61fa7db435339172

SHA256
10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6

SHA512
96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/shared_prefs/com.android.launcher3.prefs.xml

Filesize
128B

MD5
20837fd8daf2a2de8d6c4ccd8e90653a

SHA1
7ac08617bd4585151c239325aea243d9eca586f7

SHA256
e05f0ae0ee70ef2efac07e999da273b5f506462b67549f9080f6cdf469d70cec

SHA512
a4fd7ac1ce847a84fe4f47c2e7079f00b16b86213fe840b70e3a55992a043da99ca6fe1c9a723e709e2ee3985ed3b7c5a299d1cf5b29e8228f3f81d3cbb6876a

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/shared_prefs/multidex.version.xml

Filesize
307B

MD5
660a5867957424d150b7131a6f364aa8

SHA1
edd2bef5addb7dfc5e6fdb66fcfdec80f20e2194

SHA256
9ea2ba08de8326ae1bfd2c5ce672839bc20d032562d88b8711f228c177a0c6c5

SHA512
c2b2ffc7d6e06d2cb61c8c180c04f1126f6b596cf66c2e2f35111ba457846576bd674699700170ab692bfa29e428dcae5516f29c3ec96277573492fffc2aeabd

Download Submit