General

  • Target

    8421a95ea4edfe3a06cb6c78db58848b

  • Size

    3.0MB

  • Sample

    240131-l59jeabfdj

  • MD5

    8421a95ea4edfe3a06cb6c78db58848b

  • SHA1

    7b31ba4b4b2b5971ddbc812689c8ac28f28bd2a8

  • SHA256

    77b51738442f4d1b388db76db05388bd358b19f21c1f663e7993f9e32a7d6278

  • SHA512

    aaccf4c3343a3c0218b62e8545baeb8f2c3ebc1401001844303bb4f3d75b45538c7a99dc01482ee79990bbfe5bedd9edc27c614931d30f5a244488acbc409bb1

  • SSDEEP

    49152:v+afhiOsnVv0VdZNg6ieo3jGkIuFMEh4X64AKdA90Y3xnb5n5UgQCVSHn:vdf9aVv0Vd7rmXIWRj90WFusV0n

Malware Config

Targets

    • Target

      8421a95ea4edfe3a06cb6c78db58848b

    • Size

      3.0MB

    • MD5

      8421a95ea4edfe3a06cb6c78db58848b

    • SHA1

      7b31ba4b4b2b5971ddbc812689c8ac28f28bd2a8

    • SHA256

      77b51738442f4d1b388db76db05388bd358b19f21c1f663e7993f9e32a7d6278

    • SHA512

      aaccf4c3343a3c0218b62e8545baeb8f2c3ebc1401001844303bb4f3d75b45538c7a99dc01482ee79990bbfe5bedd9edc27c614931d30f5a244488acbc409bb1

    • SSDEEP

      49152:v+afhiOsnVv0VdZNg6ieo3jGkIuFMEh4X64AKdA90Y3xnb5n5UgQCVSHn:vdf9aVv0Vd7rmXIWRj90WFusV0n

    • Hydra

      Android banker and info stealer.

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads information about phone network operator.

MITRE ATT&CK Matrix

Tasks