General

  • Target

    8a8c858f34f3b62bcafb61154743131f

  • Size

    3.1MB

  • Sample

    240202-z3hjsshhdl

  • MD5

    8a8c858f34f3b62bcafb61154743131f

  • SHA1

    16676b0251e8994c407102226163423e57c57e72

  • SHA256

    e30a471eb9b435c0bd1c0cd077b3ff78f114bd77cfe922f061b09d6a2ab34ff5

  • SHA512

    3d8e441c7293f60266aeefadb1041d479bdd892567bbf520564cc1be3c0c1d1f0458b5fdd5884674ce722d90fb352c0693bf5d8526a4411065d16f3dec2a2b57

  • SSDEEP

    98304:EajRZA0Z9v7MfyuPtK1C653DKJn7TVMwsCMe0zK:EajR/QquFKo+DM7TVMYMJzK

Malware Config

Targets

    • Target

      8a8c858f34f3b62bcafb61154743131f

    • Size

      3.1MB

    • MD5

      8a8c858f34f3b62bcafb61154743131f

    • SHA1

      16676b0251e8994c407102226163423e57c57e72

    • SHA256

      e30a471eb9b435c0bd1c0cd077b3ff78f114bd77cfe922f061b09d6a2ab34ff5

    • SHA512

      3d8e441c7293f60266aeefadb1041d479bdd892567bbf520564cc1be3c0c1d1f0458b5fdd5884674ce722d90fb352c0693bf5d8526a4411065d16f3dec2a2b57

    • SSDEEP

      98304:EajRZA0Z9v7MfyuPtK1C653DKJn7TVMwsCMe0zK:EajR/QquFKo+DM7TVMYMJzK

    • Hydra

      Android banker and info stealer.

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads information about phone network operator.

MITRE ATT&CK Matrix

Tasks