General
-
Target
9939bea82bef38dff91be0182d26c13694dec687d1b8971bb2924076b89646f1
-
Size
3.3MB
-
Sample
231220-kycenaghg3
-
MD5
c81e236e8e7445375ee40d8e3f327873
-
SHA1
43fd1ac04a1793ceb60061c402c3f2bab67daa1c
-
SHA256
9939bea82bef38dff91be0182d26c13694dec687d1b8971bb2924076b89646f1
-
SHA512
f9a385117ca8b1c2a407c9d3e2bb24dd084b595a6e35f1be5c6526b872bdad215b2d365cb5e2b86a2abdde1b5f12adef515a1f44d78ae4a15a1de84f9fe36a48
-
SSDEEP
98304:7ML/uN7+YiIEv6gbk2f4qn3KEPi/MvxlnciASbG9Qv7JvEH:likx2l3KEPUMZ6UK9Qvtm
Static task
static1
Behavioral task
behavioral1
Sample
9939bea82bef38dff91be0182d26c13694dec687d1b8971bb2924076b89646f1.apk
Behavioral task
behavioral2
Sample
9939bea82bef38dff91be0182d26c13694dec687d1b8971bb2924076b89646f1.apk
Resource
android-x64-20231215-en
Behavioral task
behavioral3
Sample
9939bea82bef38dff91be0182d26c13694dec687d1b8971bb2924076b89646f1.apk
Resource
android-x64-arm64-20231215-en
Malware Config
Targets
-
-
Target
9939bea82bef38dff91be0182d26c13694dec687d1b8971bb2924076b89646f1
-
Size
3.3MB
-
MD5
c81e236e8e7445375ee40d8e3f327873
-
SHA1
43fd1ac04a1793ceb60061c402c3f2bab67daa1c
-
SHA256
9939bea82bef38dff91be0182d26c13694dec687d1b8971bb2924076b89646f1
-
SHA512
f9a385117ca8b1c2a407c9d3e2bb24dd084b595a6e35f1be5c6526b872bdad215b2d365cb5e2b86a2abdde1b5f12adef515a1f44d78ae4a15a1de84f9fe36a48
-
SSDEEP
98304:7ML/uN7+YiIEv6gbk2f4qn3KEPi/MvxlnciASbG9Qv7JvEH:likx2l3KEPUMZ6UK9Qvtm
Score10/10-
Hydra payload
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Reads information about phone network operator.
-