General
-
Target
75f9f66bcbfb732b3720f9b56a5b56a3a671ff4386b0b7dc8195124b0db206c0
-
Size
3.2MB
-
Sample
231220-a5kphafhd8
-
MD5
abcef2353f293e694fe3073b53528441
-
SHA1
0ecf181ad163bf5dc4e316ac61b3d2453ade356c
-
SHA256
75f9f66bcbfb732b3720f9b56a5b56a3a671ff4386b0b7dc8195124b0db206c0
-
SHA512
253a63c8c677826085727ef6d73b01142503424c3f952515bd9e6bfe0b4900e9c1b08faeb98f3790042255994ff9d57f274066315981711c0f32e1936bf3a608
-
SSDEEP
98304:Vz2v/oOd4+e/h8WBJbiBUUPBnzvU0C/MHpCNnvB:koJ+e/h8WfmBxVRqMJC/
Static task
static1
Behavioral task
behavioral1
Sample
75f9f66bcbfb732b3720f9b56a5b56a3a671ff4386b0b7dc8195124b0db206c0.apk
Resource
android-x86-arm-20231215-en
Behavioral task
behavioral2
Sample
75f9f66bcbfb732b3720f9b56a5b56a3a671ff4386b0b7dc8195124b0db206c0.apk
Resource
android-x64-20231215-en
Behavioral task
behavioral3
Sample
75f9f66bcbfb732b3720f9b56a5b56a3a671ff4386b0b7dc8195124b0db206c0.apk
Resource
android-x64-arm64-20231215-en
Malware Config
Targets
-
-
Target
75f9f66bcbfb732b3720f9b56a5b56a3a671ff4386b0b7dc8195124b0db206c0
-
Size
3.2MB
-
MD5
abcef2353f293e694fe3073b53528441
-
SHA1
0ecf181ad163bf5dc4e316ac61b3d2453ade356c
-
SHA256
75f9f66bcbfb732b3720f9b56a5b56a3a671ff4386b0b7dc8195124b0db206c0
-
SHA512
253a63c8c677826085727ef6d73b01142503424c3f952515bd9e6bfe0b4900e9c1b08faeb98f3790042255994ff9d57f274066315981711c0f32e1936bf3a608
-
SSDEEP
98304:Vz2v/oOd4+e/h8WBJbiBUUPBnzvU0C/MHpCNnvB:koJ+e/h8WfmBxVRqMJC/
Score10/10-
Hydra payload
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Requests enabling of the accessibility settings.
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Reads information about phone network operator.
-