Overview

overview

10

Static

static

6

6e126b848c...82.apk

android-9-x86

10

6e126b848c...82.apk

android-10-x64

10

6e126b848c...82.apk

android-11-x64

10

vk_dex.apk

android-9-x86

vk_dex.apk

android-10-x64

vk_dex.apk

android-11-x64

Analysis

  • max time kernel
    2299609s
  • max time network
    143s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
  • submitted
    19-12-2023 23:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6e126b848c0b8b714bed2e031799bfb86aa6c8f06665a1a1763ec691045c3682.apk

  • Size

    8.6MB

  • MD5

    f05a404eca2aeb0f0baa640fd3d0628b

  • SHA1

    1b823a1381d9cfcd0d64eea8041f610b1ffcaf76

  • SHA256

    6e126b848c0b8b714bed2e031799bfb86aa6c8f06665a1a1763ec691045c3682

  • SHA512

    97dd958ed47066b591410d10417bacb9ade4ceeeaa2ed84f9aeb4be7120a62723da19b9d21ba4bf4a42ce65ed289ce17854a7bcf0bca34c8a0c02206df782e32

  • SSDEEP

    196608:rHQNs41/gagNADWx0RiQdyjynFAL99AhJekNjhG1YyN2Lv3G:rwNTgaCsWabyj409WZjQ19N2/G

Score
10/10
hydrabankerinfostealertrojan

Malware Config

Signatures

  • Hydra

    Android banker and info stealer.

    bankertrojaninfostealerhydra
  • Makes use of the framework's Accessibility service 2 IoCs

    Retrieves information displayed on the phone screen using AccessibilityService.

  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Looks up external IP address via web service 1 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Reads information about phone network operator.

Processes

  • com.veefctqv.umehtvs
    1⤵
    • Makes use of the framework's Accessibility service
    • Loads dropped Dex/Jar
    PID:5090

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.veefctqv.umehtvs/app_torfiles/torrc
    Filesize

    336B

    MD5

    d117cd2ef847e9eda982fbad85f39861

    SHA1

    d27302a6882e4b6ddb6b7c4de1175c6b2f81ae91

    SHA256

    11c8e9d173a68364fce7ab4b9108a0dc97561880f8722be2a1d0ef12ce8e3b61

    SHA512

    df568c7e4ddd6943455da52681b001cd8281ca96630784a292dce75adf6a2dabe60540657ff86bc0deba6483981f7d2b62930a85ca7a21bf6a8d0597feead8a2

    Download Submit

  • /data/data/com.veefctqv.umehtvs/vqcchbrmiq/lsafatkdczmuzcg/tmp-base.apk.qhasptw6688918640666793942.bme
    Filesize

    54KB

    MD5

    cd5132d597d588ef88bac0ed9a4b412c

    SHA1

    cbc955078d312bf98d745e1fa874030aa8fc4a62

    SHA256

    b89e544cb4f9d3daa392a5dd606a92b4982b214204abea9a5a2a9d1e510bfaf6

    SHA512

    04597d1c0db1c35cc126c29ea3285420413a31300a2bc00e104bbb65b212c650645000759f928d856e708107cf737f2312443c679e3b54d22e1fcd993c99b317

    Download Submit

  • /data/user/0/com.veefctqv.umehtvs/vqcchbrmiq/lsafatkdczmuzcg/base.apk.qhasptw1.bme
    Filesize

    3.9MB

    MD5

    152982fd6a74135311c9eeb4667a6a29

    SHA1

    e3e3197afcbf6253cb8a9b41bb273a2778a1127c

    SHA256

    58d19e5b1e6aec570e3e6b9740aa2d250b0822a5db9912d536cee4569d6dd7f4

    SHA512

    921c0b04a9ba930af94cbeb54ddf80d862c8e3f17ab06458411dc6abdd7c04acaab573580d961347e69ca492d8ae7a01179c17fe3970b4be008974d36c3eba9a

    Download Submit