Resubmissions

31-01-2023 05:48

230131-ghenaseg82 10

21-09-2022 09:23

220921-lcfqmabeej 10

General

  • Target

    eBayMobile12.18.apk

  • Size

    2.9MB

  • Sample

    230131-ghenaseg82

  • MD5

    8e3c3a0e489ab0c9ab00a59c81c19b90

  • SHA1

    ce53f47c5a8c0f025692eb936e33417468b2f82c

  • SHA256

    4d0c0b814eae82d294710a5849cf137ca8c89ab0421be80b7c59bd4af3738d12

  • SHA512

    b5f1226f487314af61e1bc2e322b435ceacea0b7f431a6ca93d5420c25f6ea390be676f80d148aad662b0742b2211f839e7d41ec07e355ab531253ccbefb7990

  • SSDEEP

    49152:Ucz4N3NNy9zYz2nHZiGtXyPXLjMRfbpwlwbYZ1dWyIALZLtrTFfW8di8JD2w1:L6s9sza5iyC/sRfVwab0d0AzTFftEQr1

Malware Config

Extracted

Family

hydra

C2

http://lalabanda.com

Targets

    • Hydra

      Android banker and info stealer.

    • Hydra payload

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests enabling of the accessibility settings.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads information about phone network operator.
