General
-
Target
73fcd12578ff36a3575898e5c2f6bf9bba7cfb40f936d2092c6f81ec7ebe8975
-
Size
6.4MB
-
Sample
231220-apjr9sbggn
-
MD5
168b29ef92c0931eb31531fa049adc58
-
SHA1
02813110ec1d35371b69613b4226246c4745aa95
-
SHA256
73fcd12578ff36a3575898e5c2f6bf9bba7cfb40f936d2092c6f81ec7ebe8975
-
SHA512
e5f3788607294a31ccf41a6fde470ac08916eccdaca57caeb8cf2acf3e710f011e245bf91422c60fdef1a6a58ba9456f8e47ae0cda8882b57710a8c0259b88ce
-
SSDEEP
196608:UIOdjjuuxyUmCaK/fK/8K+t8qLpZ/7xceP77J:UIujjuukNKHk8VnH/FP7t
Static task
static1
Behavioral task
behavioral1
Sample
73fcd12578ff36a3575898e5c2f6bf9bba7cfb40f936d2092c6f81ec7ebe8975.apk
Resource
android-x86-arm-20231215-en
Behavioral task
behavioral2
Sample
73fcd12578ff36a3575898e5c2f6bf9bba7cfb40f936d2092c6f81ec7ebe8975.apk
Resource
android-x64-20231215-en
Behavioral task
behavioral3
Sample
73fcd12578ff36a3575898e5c2f6bf9bba7cfb40f936d2092c6f81ec7ebe8975.apk
Resource
android-x64-arm64-20231215-en
Malware Config
Targets
-
Target
73fcd12578ff36a3575898e5c2f6bf9bba7cfb40f936d2092c6f81ec7ebe8975
-
Score
10/10
-
Hydra payload
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Reads information about phone network operator.
-