General

  • Target

    6ebeb85ffe32db161606a7c53722b890

  • Size

    3.0MB

  • Sample

    240122-e77z2agdfk

  • MD5

    6ebeb85ffe32db161606a7c53722b890

  • SHA1

    dc93b4458efebbc4a15a330840f0c92359e4de95

  • SHA256

    5ce41f4ecbfa8fa2855689ec3cfc1015ccf17f00ad28fa3bd26b4b8c86c56ad9

  • SHA512

    6c89168da5662aef9e5753f802e16791668c1820971304b349f5560e829dfec272f13eb3726a4d0c0f339579b4ca006f1d4acc904513c71da69a0a4ecf7c2c69

  • SSDEEP

    49152:92UEyQygv2WCra6iKmRxdehYOE82PNSKpekboCtEQeiem9b5oZ9kw6PZzjC:92Qgv2WSa6ir8sSb6oCN5d7Pc

Malware Config

Targets

    • Target

      6ebeb85ffe32db161606a7c53722b890

    • Size

      3.0MB

    • MD5

      6ebeb85ffe32db161606a7c53722b890

    • SHA1

      dc93b4458efebbc4a15a330840f0c92359e4de95

    • SHA256

      5ce41f4ecbfa8fa2855689ec3cfc1015ccf17f00ad28fa3bd26b4b8c86c56ad9

    • SHA512

      6c89168da5662aef9e5753f802e16791668c1820971304b349f5560e829dfec272f13eb3726a4d0c0f339579b4ca006f1d4acc904513c71da69a0a4ecf7c2c69

    • SSDEEP

      49152:92UEyQygv2WCra6iKmRxdehYOE82PNSKpekboCtEQeiem9b5oZ9kw6PZzjC:92Qgv2WSa6ir8sSb6oCN5d7Pc

    • Hydra

      Android banker and info stealer.

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads information about phone network operator.

MITRE ATT&CK Matrix

Tasks