General

  • Target

    723d4d2c92d5d6da8fe7c30e21a3fe01

  • Size

    2.6MB

  • Sample

    240124-pnffsaabh6

  • MD5

    723d4d2c92d5d6da8fe7c30e21a3fe01

  • SHA1

    a898aaf26cbccc88c372c59414be88d5e3e7991a

  • SHA256

    9cbdd422daf93e15b2135f0f6feebf7428eaaaba4aeaf18c12e882e67a849c89

  • SHA512

    96b26e1462ba1cc02505c14ee1f54798b1f176c0a95a0564294980315038f5d2eaa02f0c558edd24fefb18dc52f20412044cecab9926b2ccba989bfc3284c895

  • SSDEEP

    49152:bxNEjeXAouzDMDACtf0gx9wfZBobdydftLkvBy/54VgVFzIz+OQ:bxFpuzDJCtf0gx9wRdx6W+VeB6u

Malware Config

Targets

    • Target

      723d4d2c92d5d6da8fe7c30e21a3fe01

    • Size

      2.6MB

    • MD5

      723d4d2c92d5d6da8fe7c30e21a3fe01

    • SHA1

      a898aaf26cbccc88c372c59414be88d5e3e7991a

    • SHA256

      9cbdd422daf93e15b2135f0f6feebf7428eaaaba4aeaf18c12e882e67a849c89

    • SHA512

      96b26e1462ba1cc02505c14ee1f54798b1f176c0a95a0564294980315038f5d2eaa02f0c558edd24fefb18dc52f20412044cecab9926b2ccba989bfc3284c895

    • SSDEEP

      49152:bxNEjeXAouzDMDACtf0gx9wfZBobdydftLkvBy/54VgVFzIz+OQ:bxFpuzDJCtf0gx9wRdx6W+VeB6u

    • Hydra

      Android banker and info stealer.

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads information about phone network operator.

MITRE ATT&CK Matrix

Tasks