Extracted

• • Target

    800314641bb3520cdd6b776fec1ad58abc50164c452d3bf350b7d1fd7c3abf88.apk

  • Size

    3.3MB

  • MD5

    d27538ac77db11598e49713982d2e7d9

  • SHA1

    5a44571b96e002d7faaba95d49d16bd1d296fe98

  • SHA256

    800314641bb3520cdd6b776fec1ad58abc50164c452d3bf350b7d1fd7c3abf88

  • SHA512

    49eb797e7ff6e2ddef7978bc32280eec6dcd4c5a55674ddafcd515089629c68c8c49ef6f44c86d76dd668584f79e332f9b7bc1c08640d6307f5dcbd0d31dd4b5

  • SSDEEP

    98304:je5ZHZmUaOg6DL1TYMAX9Xam0iRVbS7DtSjpYkyAGSMlx4:a5NdaOD/5k9am0ibbSsj+JAGLE

  Score

  10^/10

  hydrabankerinfostealertrojan

  • Hydra

    Android banker and info stealer.

    bankertrojaninfostealerhydra

  • Hydra payload

  • Makes use of the framework's Accessibility service.

  • Loads dropped Dex/Jar

    Runs executable file dropped to the device during analysis.

  • Requests enabling of the accessibility settings.

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Reads information about phone network operator.

  behavioral1behavioral2