harly | 1a468bacd31357e04b8e5d4b1d2e0f1089e38d2f734855b52c915bd1e6ac838c | Triage

Sharing

General

Target

Poco Camera - Photo Effect_1.0.1.apk
Size

32.9MB
Sample

221230-mnrgyaaf9w
MD5

5289a6c4355fe890b559b1c11fb17579
SHA1

584bab1091decce0c3b40d0fc45660bc85e09af0
SHA256

1a468bacd31357e04b8e5d4b1d2e0f1089e38d2f734855b52c915bd1e6ac838c
SHA512

13fc091f3ec94aae7d61b1841ea5e8ad3370e02beee8a1903723a9dc9b23db142bf1dbd736a65eed51f89b0e4addf9fb9718e3498d83acc22a66717f25ef458e
SSDEEP

786432:BonFa+SvyGFNcJftoy9OnkDX51CJiB5JDXjP:Boj6yGYtWjkjSiZDTP

Score

10^/10

harly android infostealer ransomware trojan

Malware Config

Extracted

Family

harly

C2

https://app.aidclean.com

Targets

- Target
  
  Poco Camera - Photo Effect_1.0.1.apk
- Size
  
  32.9MB
- MD5
  
  5289a6c4355fe890b559b1c11fb17579
- SHA1
  
  584bab1091decce0c3b40d0fc45660bc85e09af0
- SHA256
  
  1a468bacd31357e04b8e5d4b1d2e0f1089e38d2f734855b52c915bd1e6ac838c
- SHA512
  
  13fc091f3ec94aae7d61b1841ea5e8ad3370e02beee8a1903723a9dc9b23db142bf1dbd736a65eed51f89b0e4addf9fb9718e3498d83acc22a66717f25ef458e
- SSDEEP
  
  786432:BonFa+SvyGFNcJftoy9OnkDX51CJiB5JDXjP:Boj6yGYtWjkjSiZDTP
Score

10^/10

ransomware harly infostealer trojan
- Harly
  Harly is an Android trojan subscriber first seen in September 2022.
  trojan infostealer harly
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

harlyinfostealerransomwaretrojan