General
-
Target
8de309b3b12ec3f0115d8522179c825d77f111a56aa268f7eacb68afaa4d33c3
-
Size
3.0MB
-
Sample
231220-hvxkbaggdr
-
MD5
43cd96c840d9f2c91ff47948ad7e734b
-
SHA1
3001104f5014c576a840fdf6f3734a44a2361404
-
SHA256
8de309b3b12ec3f0115d8522179c825d77f111a56aa268f7eacb68afaa4d33c3
-
SHA512
a4b6e533e9314728ef47aa7e448d0f890d24521b42c6bcfd6a57b6f3074a37016fca55eed8db4b40e1afb04b7fd8fd6b55bf04ae646db3b12ae134d4483cf20d
-
SSDEEP
49152:SEsaNpGD0I8RlP2Oe/SOVjdxTtWNWon/cQrS8Y9vpLMP3E:fsaNpGwJu7VjdxT0N8GS8Y9vpLMM
Static task
static1
Behavioral task
behavioral1
Sample
8de309b3b12ec3f0115d8522179c825d77f111a56aa268f7eacb68afaa4d33c3.apk
Resource
android-x86-arm-20231215-en
Behavioral task
behavioral2
Sample
8de309b3b12ec3f0115d8522179c825d77f111a56aa268f7eacb68afaa4d33c3.apk
Resource
android-x64-20231215-en
Behavioral task
behavioral3
Sample
8de309b3b12ec3f0115d8522179c825d77f111a56aa268f7eacb68afaa4d33c3.apk
Resource
android-x64-arm64-20231215-en
Malware Config
Targets
-
-
Target
8de309b3b12ec3f0115d8522179c825d77f111a56aa268f7eacb68afaa4d33c3
-
Size
3.0MB
-
MD5
43cd96c840d9f2c91ff47948ad7e734b
-
SHA1
3001104f5014c576a840fdf6f3734a44a2361404
-
SHA256
8de309b3b12ec3f0115d8522179c825d77f111a56aa268f7eacb68afaa4d33c3
-
SHA512
a4b6e533e9314728ef47aa7e448d0f890d24521b42c6bcfd6a57b6f3074a37016fca55eed8db4b40e1afb04b7fd8fd6b55bf04ae646db3b12ae134d4483cf20d
-
SSDEEP
49152:SEsaNpGD0I8RlP2Oe/SOVjdxTtWNWon/cQrS8Y9vpLMP3E:fsaNpGwJu7VjdxT0N8GS8Y9vpLMM
Score10/10-
Hydra payload
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Reads information about phone network operator.
-