Analysis

  • max time kernel
    1846061s
  • max time network
    147s
  • platform
    android_x86
  • resource
    android-x86-arm-20231023-en
  • resource tags
    android, arch:arm, arch:x86, image:android-x86-arm-20231023-en, locale:en-us, os:android-9-x86, system
  • submitted
    26-10-2023 22:01

General

  • Target
    bfb16d1190106657d4f1c190c313a91a9563028c5f0b8b10f198f802f9bb3f8b.apk
  • Size
    3.1MB
  • MD5
    3e5ad285d52d85c21e90ef0745e500ba
  • SHA1
    7102edcc2d35729840b6274b5ab23896797381d1
  • SHA256
    bfb16d1190106657d4f1c190c313a91a9563028c5f0b8b10f198f802f9bb3f8b
  • SHA512
    bab2dc47174d21842874c4ad9c8207bdd316df7e5dc0924e280b81d6d7758139a62af127720769daaf2f9428a61e42a35936cf0cca5345694d7d3c66250704d2
  • SSDEEP
    98304:X4Cd1luEfq5SBBoera1l8Dalc/IeGhOIo/fqk:N1xrBj+8D0Mkhg/1

Malware Config

Signatures

  • Hydra

    Android banker and info stealer.

  • Hydra payload 4 IoCs
  • Makes use of the framework's Accessibility service. 2 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Requests enabling of the accessibility settings. 1 IoC
  • Legitimate hosting services abused for malware hosting/C2 1 TTP
  • Looks up external IP address via web service 1 IoC

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Reads information about phone network operator.

Processes

  • com.fruit.marriage
    1⤵
    • Makes use of the framework's Accessibility service.
    • Loads dropped Dex/Jar
    • Requests enabling of the accessibility settings.
    PID:4257
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.fruit.marriage/app_DynamicOptDex/LmwqhB.json --output-vdex-fd=41 --oat-fd=42 --oat-location=/data/user/0/com.fruit.marriage/app_DynamicOptDex/oat/x86/LmwqhB.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4284

Network

MITRE ATT&CK Enterprise v15


Downloads

  • /data/data/com.fruit.marriage/app_DynamicOptDex/LmwqhB.json
    Filesize: 1.9MB
    MD5: 97bb4ae579d36530699dec1a49d3c417
    SHA1: a2ef6d0178ca7d44ad5fec3a42f5710e80df1f6e
    SHA256: 6f408fa6631c5f577c0ee62488797338098b605313038609244b4a5e386dc6b6
    SHA512: 7aff3d423355cb6aa276339bad95b77322ae9a85156774a38f25b20ff03f7f28ee055e9df40e6cfe4873c225a750cb8c673dd46de6454cd3ff2f0a86f168d7ad

  • /data/data/com.fruit.marriage/app_DynamicOptDex/LmwqhB.json
    Filesize: 1.9MB
    MD5: 744696ff4904370f4769ccbcb63ea7fc
    SHA1: 98402c822ac9db3d48b97941d4c2f53321c296e6
    SHA256: 48d8f27cec2497d47d92476297687d831d42f86d2ca9cc06947c99719324e473
    SHA512: c71b406b5063244b00b23feeec8ff76e0b85171eedb54056269208b4d0f23b409bdd1c234a570ae9ab056d8be64a5c82f5711f350ceebdf0d249718f881bb97a

  • /data/user/0/com.fruit.marriage/app_DynamicOptDex/LmwqhB.json
    Filesize: 5.0MB
    MD5: cac386f38c43b6e1c9ba238ea819e68d
    SHA1: 78e51142d4749d1ab5b8a4b0342820159e691a6f
    SHA256: a2d8f5c347f43b1babed2d6b8aaaf450aab15e202d8b7e41632a2631528af3ce
    SHA512: 736ab8df87a7e2df30eae9345d2007b742de0ef23a371b964cde3d7a2bc9a5f4f4ea824b9100cfdffe7b7aedad10572274b4c6b0a39423583065c730080f2181

  • /data/user/0/com.fruit.marriage/app_DynamicOptDex/LmwqhB.json
    Filesize: 5.0MB
    MD5: eebf7a0ab2e5e6f513cffe44f958d94a
    SHA1: 0f5b6ed97ec7988694ee3e1bbaec29e14a62c106
    SHA256: 2a0cfd07d7e8407a136d5034a982a7e6d9e1729813676395751626a58fe3b056
    SHA512: f20698ba9b007515e3b49d4987e3b0c098eebac43ea4ffef86fe02265481cc0589ef847c500c2329aab2be1408fb4eb8773baf2ccc5b43719dd42ee3437bc60a