Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

6

73fcd12578...75.apk

android-9-x86

10

73fcd12578...75.apk

android-10-x64

10

73fcd12578...75.apk

android-11-x64

10

Analysis

  • max time kernel
    2271593s
  • max time network
    156s
  • platform
    android_x64
  • resource
    android-x64-arm64-20231215-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
  • submitted
    20/12/2023, 00:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    73fcd12578ff36a3575898e5c2f6bf9bba7cfb40f936d2092c6f81ec7ebe8975.apk

  • Size

    6.4MB

  • MD5

    168b29ef92c0931eb31531fa049adc58

  • SHA1

    02813110ec1d35371b69613b4226246c4745aa95

  • SHA256

    73fcd12578ff36a3575898e5c2f6bf9bba7cfb40f936d2092c6f81ec7ebe8975

  • SHA512

    e5f3788607294a31ccf41a6fde470ac08916eccdaca57caeb8cf2acf3e710f011e245bf91422c60fdef1a6a58ba9456f8e47ae0cda8882b57710a8c0259b88ce

  • SSDEEP

    196608:UIOdjjuuxyUmCaK/fK/8K+t8qLpZ/7xceP77J:UIujjuukNKHk8VnH/FP7t

Score
10/10
hydrabankerinfostealertrojan

Malware Config

Signatures

  • Hydra

    Android banker and info stealer.

    bankertrojaninfostealerhydra
  • Hydra payload 1 IoCs
  • Makes use of the framework's Accessibility service 2 IoCs

    Retrieves information displayed on the phone screen using AccessibilityService.

  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs
  • Looks up external IP address via web service 1 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Reads information about phone network operator.

Processes

  • com.dazgytun.vfohonn
    1⤵
    • Makes use of the framework's Accessibility service
    • Loads dropped Dex/Jar
    PID:4614

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.dazgytun.vfohonn/uIU7G8gH8F/HfgU98qGygiuyuI/base.apk.gFg88py1.F8u
    Filesize

    7.4MB

    MD5

    596ea494f59e8bf2768ce30a98a6ce06

    SHA1

    bf7ef788bfbf671f23617d5322ad1a7db4a27123

    SHA256

    13e0b11f7733a44824d0fd56034fcf43e2b73b3709dac4e7dcc97260952f1518

    SHA512

    565b337eed6f8f476f91f41a94f9fa29042564be70570d81c10fb759b0a16db45db580d01ad642b95b3d686c40a53f27c1e0470f4007ec776ea75542169bac05

    Download Submit

  • /data/user/0/com.dazgytun.vfohonn/uIU7G8gH8F/HfgU98qGygiuyuI/tmp-base.apk.gFg88py3526127071834448994.F8u
    Filesize

    1.4MB

    MD5

    6ee5292878de973ee7bccefc99117078

    SHA1

    89ade14f507ecf86203c4c012b401e065a236ca5

    SHA256

    b958a3c16e3874a2bf5718b8f111357f470ad752b4c141d979e8f5f5755a26e1

    SHA512

    3d1ee2ca8bf9213240b2746eaedf41071da21a760e3c122d9c7eba2fbdd21cf1ed98799cb3295bb3ced8705fb46cdb4d7c936fd8575ce0f8dd066adbe120498b

    Download Submit