Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

7

481598d7c1...f4.apk

android-9-x86

10

481598d7c1...f4.apk

android-10-x64

10

481598d7c1...f4.apk

android-11-x64

10

Analysis

  • max time kernel
    3483406s
  • max time network
    160s
  • platform
    android_x64
  • resource
    android-x64-arm64-20220823-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20220823-enlocale:en-usos:android-11-x64system
  • submitted
    20/01/2023, 14:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    481598d7c10e3dfd538e8c21141ab337c2074047227a58f8f639eb374e971cf4.apk

  • Size

    2.0MB

  • MD5

    9c493810258eeca47b5001fd0c968111

  • SHA1

    9461d1a5f6ae935a1ba6bc2d05e76e55ac79f639

  • SHA256

    481598d7c10e3dfd538e8c21141ab337c2074047227a58f8f639eb374e971cf4

  • SHA512

    7cd767cacd064def4443f21b346b4a78b8573dc760714210eda5f4284a4a236b795e73cc0e2c50f7837693741416007bcf913034dc28dd21a5084099ca68a172

  • SSDEEP

    49152:j/j9ArJ/vPFDdpfE/81ZRPRNdoIIVVYG2FrGJ:j/jOxvFz1rRNdobVVYREJ

Score
10/10
hydrabankerinfostealertrojan

Malware Config

Signatures

  • Hydra

    Android banker and info stealer.

    bankertrojaninfostealerhydra
  • Hydra payload 1 IoCs
  • Makes use of the framework's Accessibility service. 2 IoCs
  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Looks up external IP address via web service 1 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Reads information about phone network operator.

Processes

  • com.piano.length
    1⤵
    • Makes use of the framework's Accessibility service.
    • Loads dropped Dex/Jar
    PID:4418

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.piano.length/app_DynamicOptDex/uEEipJ.json
    Filesize

    239KB

    MD5

    06c02ab9f5fbb12ec78c0f00b9cd144f

    SHA1

    92965fccde619291b2cd21a93d4a22d79b4b9094

    SHA256

    96f1e4cd48ef797a8fc5e740dae6f3a527d0543788d18b967fd8996748241cda

    SHA512

    80c2388fe41ad6791ab7282c396a0fa8414f96a84de0290751b57b87963f4b42f33c6f0e439369cebdc54f4f9fcb8c20ac1cc6b5b2a11b0931d67a2317080cd0

    Download Submit

  • /data/user/0/com.piano.length/app_DynamicOptDex/uEEipJ.json
    Filesize

    574KB

    MD5

    4f7ca869e2a2aa71565ddd0213377ef4

    SHA1

    7d36e39122864983eefeae7acda4c5895571aefb

    SHA256

    885da90d332750c7f2fef12a1fc61d9aae32a323b0bd13b2309bbc6ee3f221e5

    SHA512

    70097ab3164541abeb0aa661c7d92a1d4fd1f1b5deb7b605a5e510d7bfd84622f143305846fc6b31be0e5d7015bb56eca7fbf6063e84d840b7cd3bd07a4f500f

    Download Submit

  • /data/user/0/com.piano.length/shared_prefs/pref_name_setting.xml
    Filesize

    131B

    MD5

    99906591310ddc26748b3a604ccde036

    SHA1

    4826b28d3683a99e10132999778b1f650223a593

    SHA256

    fb6c16987439db4666c0a1493c659ede60609e0413e1f079730368bddc812b97

    SHA512

    5e9061a7485e8d7e196635818a0ce16ec1780f8940255a681492abaf60b7b35b88923a34a95b8c6ee652c3e3f72f8efdf7b7192b69813371980444eded09f82c

    Download Submit