General

  • Target

    08362_Video_Oynat.apk

  • Size

    4.5MB

  • Sample

    231215-pfybmacebp

  • MD5

    924f353957c8c786a2eeb6422a1bbe3b

  • SHA1

    7885e711692cfa73fcf165125593bfac3920432e

  • SHA256

    5b9049c392eaf83b12b98419f14ece1b00042592b003a17e4e6f0fb466281368

  • SHA512

    2a93593f79e61dfdc8feb7762f03c0924ebb141f06d71d5d80067fd8fa87d1589b936c89c3031dcc1dbef5c21384578cbf093d862748bdc8529bf044e58005f8

  • SSDEEP

    98304:FN+oQuYD9mydXOTrinkiclo30C683kGe3whpJvHFyxrCT:FyuqsfEjOg0tYkrgpFyNCT

Targets

    • Hydra

      Android banker and info stealer.

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads information about phone network operator.
