General
-
Target
50d3bdd395bfa25063e6b614e9fd953a
-
Size
2.3MB
-
Sample
231219-s1za7sehdl
-
MD5
50d3bdd395bfa25063e6b614e9fd953a
-
SHA1
be8e1c074e1dd5df8d81b94288569d0078da4709
-
SHA256
c8f28fa18e582f5e37e2ef8c07df0c1eadf2aed88de3561f962b08224ed9445e
-
SHA512
89ec50f52f615403fc1c63f9c8624f71b1a491818a4bfa0e197054bfd4375cbcc7f133b56cfbe3f48da3c5f2837f82037306335114a64a0e72ef942f277ee14e
-
SSDEEP
49152:ALVzpOGT22h41pC7/IH/yP4JoN0+L6c57XYEVAAbrBwID+bcKFyNe:AL1pOMRWZNJUt6M4ar+IW1QQ
Malware Config
Targets
-
-
Target
50d3bdd395bfa25063e6b614e9fd953a
-
Size
2.3MB
-
MD5
50d3bdd395bfa25063e6b614e9fd953a
-
SHA1
be8e1c074e1dd5df8d81b94288569d0078da4709
-
SHA256
c8f28fa18e582f5e37e2ef8c07df0c1eadf2aed88de3561f962b08224ed9445e
-
SHA512
89ec50f52f615403fc1c63f9c8624f71b1a491818a4bfa0e197054bfd4375cbcc7f133b56cfbe3f48da3c5f2837f82037306335114a64a0e72ef942f277ee14e
-
SSDEEP
49152:ALVzpOGT22h41pC7/IH/yP4JoN0+L6c57XYEVAAbrBwID+bcKFyNe:AL1pOMRWZNJUt6M4ar+IW1QQ
Score10/10-
Hydra
Android banker and info stealer.
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Removes its main activity from the application launcher
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Requests enabling of the accessibility settings.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Reads information about phone network operator.
-