Overview

overview

10

Static

static

6

6e126b848c...82.apk

android-9-x86

10

6e126b848c...82.apk

android-10-x64

10

6e126b848c...82.apk

android-11-x64

10

vk_dex.apk

android-9-x86

vk_dex.apk

android-10-x64

vk_dex.apk

android-11-x64

Analysis

  • max time kernel
    2299620s
  • max time network
    147s
  • platform
    android_x64
  • resource
    android-x64-arm64-20231215-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
  • submitted
    19-12-2023 23:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6e126b848c0b8b714bed2e031799bfb86aa6c8f06665a1a1763ec691045c3682.apk

  • Size

    8.6MB

  • MD5

    f05a404eca2aeb0f0baa640fd3d0628b

  • SHA1

    1b823a1381d9cfcd0d64eea8041f610b1ffcaf76

  • SHA256

    6e126b848c0b8b714bed2e031799bfb86aa6c8f06665a1a1763ec691045c3682

  • SHA512

    97dd958ed47066b591410d10417bacb9ade4ceeeaa2ed84f9aeb4be7120a62723da19b9d21ba4bf4a42ce65ed289ce17854a7bcf0bca34c8a0c02206df782e32

  • SSDEEP

    196608:rHQNs41/gagNADWx0RiQdyjynFAL99AhJekNjhG1YyN2Lv3G:rwNTgaCsWabyj409WZjQ19N2/G

Score
10/10
hydrabankerinfostealertrojan

Malware Config

Signatures

  • Hydra

    Android banker and info stealer.

    bankertrojaninfostealerhydra
  • Makes use of the framework's Accessibility service 2 IoCs

    Retrieves information displayed on the phone screen using AccessibilityService.

  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Looks up external IP address via web service 1 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Reads information about phone network operator.

Processes

  • com.veefctqv.umehtvs
    1⤵
    • Makes use of the framework's Accessibility service
    • Loads dropped Dex/Jar
    PID:4453

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.veefctqv.umehtvs/vqcchbrmiq/lsafatkdczmuzcg/base.apk.qhasptw1.bme
    Filesize

    3.9MB

    MD5

    152982fd6a74135311c9eeb4667a6a29

    SHA1

    e3e3197afcbf6253cb8a9b41bb273a2778a1127c

    SHA256

    58d19e5b1e6aec570e3e6b9740aa2d250b0822a5db9912d536cee4569d6dd7f4

    SHA512

    921c0b04a9ba930af94cbeb54ddf80d862c8e3f17ab06458411dc6abdd7c04acaab573580d961347e69ca492d8ae7a01179c17fe3970b4be008974d36c3eba9a

    Download Submit
  • /data/user/0/com.veefctqv.umehtvs/vqcchbrmiq/lsafatkdczmuzcg/tmp-base.apk.qhasptw8475268339263905275.bme
    Filesize

    1.1MB

    MD5

    4bf1881445c3cbdcad1706333575a738

    SHA1

    ae3d6588aa89c423d3c5ce16288a35df4273742c

    SHA256

    876b211591e576036d262fd6f1d2835ea7c7ed02a7aaf974531e2ca2307b2bb6

    SHA512

    00a8043cc2135245e6cc385e49fe312bca0284aa479ea0600062f8dac2117aecba8836cc40db85dc5be51347761ffc16ae3a87d18eec6183508285993e0ed029

    Download Submit