General

  • Target

    5402e8cd66ea098debe860ef7c915cb5

  • Size

    3.3MB

  • Sample

    231222-c32lcaaeg7

  • MD5

    5402e8cd66ea098debe860ef7c915cb5

  • SHA1

    77f25bcf33b05147ca5731c3e3fae317f0f00e25

  • SHA256

    a812b9ddae471115767559606b93ec92e7149377c57ef7609867d1cf4f405a93

  • SHA512

    a1f6851cd7aff86d3980b66c0fdbc5bb2d585a938a435c8e1b52778da088695bb6868e20111954bc5064cb3151d9298dd8d767db120ef22cbaeaf6f53835b79b

  • SSDEEP

    98304:+4u0TfW6P/o2sgc8MSUFpq4tXgweF7Y1Bf0K:+4u0TfRS8zaAEXgweF7aBcK

Malware Config

Targets

    • Hydra

      Android banker and info stealer.

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads information about the phone's network operator.

MITRE ATT&CK Matrix

Tasks