Overview

overview

10

Static

static

6

a7f6a3bdcc...81.apk

 

a7f6a3bdcc...81.apk

android-10-x64

10

a7f6a3bdcc...81.apk

android-11-x64

10

Analysis

  • max time kernel
    2511632s
  • max time network
    176s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
  • submitted
    20-12-2023 11:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a7f6a3bdcc8049e70ee08fa5e67966e83f6624b0231024dc20eeaad948307681.apk

  • Size

    6.1MB

  • MD5

    f0db0430dc99ea4ec1099d7511f1677d

  • SHA1

    49f57f37ae162de72603b0aecc0b5979133819d2

  • SHA256

    a7f6a3bdcc8049e70ee08fa5e67966e83f6624b0231024dc20eeaad948307681

  • SHA512

    54c00ed3d0444a15b732e7427a1aa675803140e8ee4b183f311c075e2395e04d52bef5648d107e1ccf0002fe2d2e8990a118c3cf0a446a21ce13a0009821c41c

  • SSDEEP

    196608:FH44nzjyoKMtr4rIaRCZEApuQJOj2OkE0TFc:x3nPptrWR6EAkinTFc

Score
10/10
hydrabankerinfostealertrojan

Malware Config

Signatures

  • Hydra

    Android banker and info stealer.

    bankertrojaninfostealerhydra
  • Hydra payload 1 IoCs
  • Makes use of the framework's Accessibility service 2 IoCs

    Retrieves information displayed on the phone screen using AccessibilityService.

  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs
  • Looks up external IP address via web service 1 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Reads information about phone network operator.

Processes

  • com.vdycsthh.rrdlvkz
    1⤵
    • Makes use of the framework's Accessibility service
    • Loads dropped Dex/Jar
    PID:4994

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.vdycsthh.rrdlvkz/9fgk8aGGgI/yyIfIo78IHgjayi/tmp-base.apk.TdaTIjy6033835925614892246.kGy
    Filesize

    545KB

    MD5

    05e82385c3cf81e6bfa5050fdeaa7b88

    SHA1

    805a565339b36f0fcfa0e1215b764859ef9c63e3

    SHA256

    75f147bdb8728d892218418726f4c93d43893002def8d4193e3812d96be38118

    SHA512

    5024e66056bbb49b112ee999b38d17e6da4ab973a15c781e50f6ff19f719e12ce3e75ee222775d76b2dd7598574362953f699c892c6fb98cd737c2d5d1d12958

    Download Submit

  • /data/user/0/com.vdycsthh.rrdlvkz/9fgk8aGGgI/yyIfIo78IHgjayi/base.apk.TdaTIjy1.kGy
    Filesize

    7.4MB

    MD5

    8993b5c4987c3f37a701d78401eb1312

    SHA1

    94cf44aaca2a787d8836d3b7df2b62ae765c048d

    SHA256

    a7097b0ecbbe52f77688f9d61e3ff203c95f191b5e8ea026454cc9af4db73418

    SHA512

    901a826f9dc421adcb9486a427770075762d950a819b0a5b29032e0d407723a4e4fb279d25e369575de844ed97edb8361244a36929f92ac4eaf13e61675df129

    Download Submit