Overview

overview

10

Static

static

6

44c17995d8...2f.apk

android-9-x86

10

44c17995d8...2f.apk

android-10-x64

10

44c17995d8...2f.apk

android-11-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    44c17995d85ed465c7578706ecefca2f

  • Size

    3.0MB

  • Sample

    240105-3ypzvseba5

  • MD5

    44c17995d85ed465c7578706ecefca2f

  • SHA1

    f068002deee22200bcdac3cb2858f0f1534409cf

  • SHA256

    bd885c9d5f15c5fb15adb2cb6c30073bbfd3ffe202b6b7918f26dcfcd652fbb7

  • SHA512

    8a276d3fe9bd96944b6b02b7228958b7781d2dfb1d0560525b64c0fde20c82a48e6153f3e183999fecf22cfb874ef8feb9e4c19972f371cab6faa4e7da575b58

  • SSDEEP

    49152:CU+AC9HyG9tQtYd2W2Rw/qo9VNzySmGlu4j5Wrp2qOSDGnnDR2/d:CU+99SLid7Ow/9VNzyzGlbgphdDk16

Score
10/10
hydraandroidbankerinfostealertrojan

Malware Config

Targets

    • Target

      44c17995d85ed465c7578706ecefca2f

    • Size

      3.0MB

    • MD5

      44c17995d85ed465c7578706ecefca2f

    • SHA1

      f068002deee22200bcdac3cb2858f0f1534409cf

    • SHA256

      bd885c9d5f15c5fb15adb2cb6c30073bbfd3ffe202b6b7918f26dcfcd652fbb7

    • SHA512

      8a276d3fe9bd96944b6b02b7228958b7781d2dfb1d0560525b64c0fde20c82a48e6153f3e183999fecf22cfb874ef8feb9e4c19972f371cab6faa4e7da575b58

    • SSDEEP

      49152:CU+AC9HyG9tQtYd2W2Rw/qo9VNzySmGlu4j5Wrp2qOSDGnnDR2/d:CU+99SLid7Ow/9VNzyzGlbgphdDk16

    Score
    10/10
    hydrabankerinfostealertrojan

    • Hydra

      Android banker and info stealer.

      bankertrojaninfostealerhydra

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads information about phone network operator.

    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks