General

  • Target

    62fb51c219728f90500e55b65c7a6d01

  • Size

    3.0MB

  • Sample

    240117-s6ylvsafb7

  • MD5

    62fb51c219728f90500e55b65c7a6d01

  • SHA1

    e8a874600e78886e5525aafbeb7d6284e980c169

  • SHA256

    4c9b59f488b0b3dcbf725bdf5f956fb18600da0687edf728a647590cf4c6ce67

  • SHA512

    1558dc6267509fc9191576c6262f124e3b3670954f16d56feebd94d503133995a0c34855de3af8d32e6b9b84df60acef8a452baed320b816c45201ecb807d816

  • SSDEEP

    49152:JaGqhp1D63F6EKYEqmyiewjnKDf0JuhUTSo8+/oWb0x4puM/X97f4Jkl5I+kcW5M:JO/1wQqmyWWD0Wo88rs4cwxQJg+vcWW

Malware Config

Targets

    • Target

      62fb51c219728f90500e55b65c7a6d01

    • Size

      3.0MB

    • MD5

      62fb51c219728f90500e55b65c7a6d01

    • SHA1

      e8a874600e78886e5525aafbeb7d6284e980c169

    • SHA256

      4c9b59f488b0b3dcbf725bdf5f956fb18600da0687edf728a647590cf4c6ce67

    • SHA512

      1558dc6267509fc9191576c6262f124e3b3670954f16d56feebd94d503133995a0c34855de3af8d32e6b9b84df60acef8a452baed320b816c45201ecb807d816

    • SSDEEP

      49152:JaGqhp1D63F6EKYEqmyiewjnKDf0JuhUTSo8+/oWb0x4puM/X97f4Jkl5I+kcW5M:JO/1wQqmyWWD0Wo88rs4cwxQJg+vcWW

    • Hydra

      Android banker and info stealer.

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads information about phone network operator.

MITRE ATT&CK Matrix

Tasks