Overview

overview

10

Static

static

6

011376f46a...ce.apk

android-9-x86

10

011376f46a...ce.apk

android-10-x64

10

011376f46a...ce.apk

android-11-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    011376f46a9ce15f6871530ba02465ce

  • Size

    4.8MB

  • Sample

    231224-rvw38ahec6

  • MD5

    011376f46a9ce15f6871530ba02465ce

  • SHA1

    d94107888bdfbffcabc6ccb1608f741ee220e97e

  • SHA256

    3640f09bff39e3a943195ecac50c30017890013dadc9d8528fd2220e218f9abe

  • SHA512

    30738bad30be433c0a6b59b28b5478bb8530f54c13ac32cbb21315d7ecef1a4e742ed76683cfb071850281bdd7dfb01117f091126528b3f3f615ed88429d6a99

  • SSDEEP

    98304:6bWNylJAL3ubx87R5wA40fdQtSiUythyCmXsl4gh:6iolJAL3ubx87HwA4WfiUyth/usKgh

Score
10/10
hydraandroidbankerinfostealertrojan

Malware Config

Targets

    • Target

      011376f46a9ce15f6871530ba02465ce

    • Size

      4.8MB

    • MD5

      011376f46a9ce15f6871530ba02465ce

    • SHA1

      d94107888bdfbffcabc6ccb1608f741ee220e97e

    • SHA256

      3640f09bff39e3a943195ecac50c30017890013dadc9d8528fd2220e218f9abe

    • SHA512

      30738bad30be433c0a6b59b28b5478bb8530f54c13ac32cbb21315d7ecef1a4e742ed76683cfb071850281bdd7dfb01117f091126528b3f3f615ed88429d6a99

    • SSDEEP

      98304:6bWNylJAL3ubx87R5wA40fdQtSiUythyCmXsl4gh:6iolJAL3ubx87HwA4WfiUyth/usKgh

    Score
    10/10
    hydrabankerinfostealertrojan

    • Hydra

      Android banker and info stealer.

      bankertrojaninfostealerhydra

    • Hydra payload

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads information about phone network operator.

    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks