hydra | 8b321553f1a269ee4b68a02162ba2d14c71a92907b6001ff3db0fe5bae6b3430

Analysis

max time kernel
144s
max time network
157s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
03-03-2024 14:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8b321553f1a269ee4b68a02162ba2d14c71a92907b6001ff3db0fe5bae6b3430.apk
Size

2.8MB
MD5

d1a68785559ae6b0049a2bd1798277a1
SHA1

8ea0706e77e57810ff1bc9073f3701772f032557
SHA256

8b321553f1a269ee4b68a02162ba2d14c71a92907b6001ff3db0fe5bae6b3430
SHA512

b4c676c19dedf7b582598bc8bc9d3bf260b3847564d7da755cf9e694abdf2ad3555da526b7ff847dcbddf75b9d1183924a29078d181b313fcec18c8b5349637a
SSDEEP

49152:Ucz4N3omNn0M+CGN3SPXLD8S/obeUQGkfC1T3Eb0KizuNAGq6BXk2M:LrmR0vCSC/robeZGkfk0xA1XX

Score

10^/10

hydra banker collection discovery evasion infostealer stealth trojan

Malware Config

Extracted

Family

hydra

http://lalabanda.com

Signatures

Hydra
Android banker and info stealer.
banker trojan infostealer hydra

Hydra payload 2 IoCs

resource	yara_rule
behavioral1/memory/4179-0.dex	family_hydra1
behavioral1/memory/4179-0.dex	family_hydra2

Makes use of the framework's Accessibility service 2 TTPs 3 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

collection evasion

Input Injection

T1516

Screen Capture

T1513

description	ioc	Process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByViewId	com.wife.dizzy
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText	com.wife.dizzy
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	com.wife.dizzy

Removes its main activity from the application launcher 1 TTPs 1 IoCs

stealth trojan evasion

Suppress Application Icon

T1628.001

pid	Process
4179	com.wife.dizzy

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.wife.dizzy/app_DynamicOptDex/KCFj.json	4179	com.wife.dizzy

Requests enabling of the accessibility settings. 1 IoCs

description	ioc	Process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	com.wife.dizzy

Looks up external IP address via web service 1 IoCs

Uses a legitimate IP lookup service to find the infected system's external IP.

flow	ioc
14	ip-api.com

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Requests disabling of battery optimizations (often used to enable hiding in the background). 1 IoCs

evasion

description	ioc	Process
Intent action	android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS	com.wife.dizzy

com.wife.dizzy
1⤵
- Makes use of the framework's Accessibility service
- Removes its main activity from the application launcher
- Loads dropped Dex/Jar
- Requests enabling of the accessibility settings.
- Requests disabling of battery optimizations (often used to enable hiding in the background).
PID:4179

Network

DNS

lalabanda.com

Remote address:

1.1.1.1:53

Request

lalabanda.com

IN A

Response
DNS

www.google.com

Remote address:

1.1.1.1:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.187.228
DNS

android.apis.google.com

Remote address:

1.1.1.1:53

Request

android.apis.google.com

IN A

Response

android.apis.google.com

IN CNAME

clients.l.google.com

clients.l.google.com

IN A

172.217.16.238
DNS

ip-api.com

Remote address:

1.1.1.1:53

Request

ip-api.com

IN A

Response

ip-api.com

IN A

208.95.112.1
GET

http://ip-api.com/json

Remote address:

208.95.112.1:80

Request

GET /json HTTP/1.1
Authorization: abb68339ff58976d
Content-Type: application/json
User-Agent: Dalvik/2.1.0 (Linux; U; Android 9; Pixel 2 Build/PSR1.180720.122)
Host: ip-api.com
Connection: Keep-Alive
Accept-Encoding: gzip

Response

HTTP/1.1 200 OK

Date: Sun, 03 Mar 2024 14:30:16 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 313
Access-Control-Allow-Origin: *
X-Ttl: 58
X-Rl: 43
DNS

static.xx.fbcdn.net

Remote address:

1.1.1.1:53

Request

static.xx.fbcdn.net

IN A

Response

static.xx.fbcdn.net

IN CNAME

scontent.xx.fbcdn.net

scontent.xx.fbcdn.net

IN A

157.240.214.11
DNS

m.youtube.com

Remote address:

1.1.1.1:53

Request

m.youtube.com

IN A

Response

m.youtube.com

IN A

142.250.178.14
DNS

images-na.ssl-images-amazon.com

Remote address:

1.1.1.1:53

Request

images-na.ssl-images-amazon.com

IN A

Response

images-na.ssl-images-amazon.com

IN CNAME

m.media-amazon.com

m.media-amazon.com

IN CNAME

tp.c47710ee9-frontier.media-amazon.com

tp.c47710ee9-frontier.media-amazon.com

IN CNAME

f.media-amazon.com

f.media-amazon.com

IN CNAME

media.amazon.map.fastly.net

media.amazon.map.fastly.net

IN A

151.101.129.16

media.amazon.map.fastly.net

IN A

151.101.1.16

media.amazon.map.fastly.net

IN A

151.101.193.16

media.amazon.map.fastly.net

IN A

151.101.65.16
DNS

en.m.wikipedia.org

Remote address:

1.1.1.1:53

Request

en.m.wikipedia.org

IN A

Response

en.m.wikipedia.org

IN CNAME

dyna.wikimedia.org

dyna.wikimedia.org

IN A

185.15.59.224
DNS

a.espncdn.com

Remote address:

1.1.1.1:53

Request

a.espncdn.com

IN A

Response

a.espncdn.com

IN CNAME

a.espncdn.com.stls.edgesuite.net

a.espncdn.com.stls.edgesuite.net

IN CNAME

a1793.dscg1.akamai.net

a1793.dscg1.akamai.net

IN A

104.86.110.176

a1793.dscg1.akamai.net

IN A

2.18.66.227
DNS

s.yimg.com

Remote address:

1.1.1.1:53

Request

s.yimg.com

IN A

Response

s.yimg.com

IN CNAME

edge.gycpi.b.yahoodns.net

edge.gycpi.b.yahoodns.net

IN A

87.248.114.11

edge.gycpi.b.yahoodns.net

IN A

87.248.114.12
DNS

ir.ebaystatic.com

Remote address:

1.1.1.1:53

Request

ir.ebaystatic.com

IN A

Response

ir.ebaystatic.com

IN CNAME

ir.ebaycdn.net

ir.ebaycdn.net

IN CNAME

ipv4.slot11847.ebay.com.edgekey.net

ipv4.slot11847.ebay.com.edgekey.net

IN CNAME

e11847.a.akamaiedge.net

e11847.a.akamaiedge.net

IN A

2.23.161.98
DNS

www.instagram.com

Remote address:

1.1.1.1:53

Request

www.instagram.com

IN A

Response

www.instagram.com

IN CNAME

z-p42-instagram.c10r.instagram.com

z-p42-instagram.c10r.instagram.com

IN A

163.70.147.174
GET

http://a.espncdn.com/wireless/mw5/r1/images/bookmark-icons/espn_icon-152x152.min.png

Remote address:

104.86.110.176:80

Request

GET /wireless/mw5/r1/images/bookmark-icons/espn_icon-152x152.min.png HTTP/1.1
Host: a.espncdn.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 9; AOSP on IA Emulator Build/PSR1.180720.122) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Mobile Safari/537.36
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Sat, 02 Jun 2018 13:44:29 GMT
ETag: "9ac9e9363b76587769dda7c61107e9a9"
Server: AmazonS3
Content-Type: image/png
Content-Length: 2790
Accept-Ranges: bytes
Cache-Control: max-age=4440
Date: Sun, 03 Mar 2024 14:31:42 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
DNS

www.google.com

Remote address:

1.1.1.1:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.187.228
DNS

update.googleapis.com

Remote address:

1.1.1.1:53

Request

update.googleapis.com

IN A

Response

update.googleapis.com

IN A

142.250.200.3
DNS

tmwnymvlmtbxq

Remote address:

1.1.1.1:53

Request

tmwnymvlmtbxq

IN A

Response
DNS

yammvsdskyfhd

Remote address:

1.1.1.1:53

Request

yammvsdskyfhd

IN A

Response
DNS

vksxziorcq

Remote address:

1.1.1.1:53

Request

vksxziorcq

IN A

Response
DNS

safebrowsing.googleapis.com

Remote address:

1.1.1.1:53

Request

safebrowsing.googleapis.com

IN A

Response

safebrowsing.googleapis.com

IN A

142.250.187.234
DNS

accounts.google.com

Remote address:

1.1.1.1:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

74.125.71.84
DNS

www.youtube.com

Remote address:

1.1.1.1:53

Request

www.youtube.com

IN A

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN A

142.250.200.14

youtube-ui.l.google.com

IN A

172.217.169.46

youtube-ui.l.google.com

IN A

172.217.169.78

youtube-ui.l.google.com

IN A

216.58.204.78

youtube-ui.l.google.com

IN A

216.58.212.238

youtube-ui.l.google.com

IN A

142.250.187.238

youtube-ui.l.google.com

IN A

142.250.180.14

youtube-ui.l.google.com

IN A

142.250.200.46

youtube-ui.l.google.com

IN A

142.250.187.206

youtube-ui.l.google.com

IN A

216.58.201.110

youtube-ui.l.google.com

IN A

142.250.179.238

youtube-ui.l.google.com

IN A

216.58.213.14

youtube-ui.l.google.com

IN A

142.250.178.14

youtube-ui.l.google.com

IN A

216.58.212.206

youtube-ui.l.google.com

IN A

172.217.16.238
DNS

gstatic.com

Remote address:

1.1.1.1:53

Request

gstatic.com

IN A
DNS

gstatic.com

Remote address:

1.1.1.1:53

Request

gstatic.com

IN A

Response

gstatic.com

IN A

216.58.212.227
DNS

jnn-pa.googleapis.com

Remote address:

1.1.1.1:53

Request

jnn-pa.googleapis.com

IN A

Response

jnn-pa.googleapis.com

IN A

172.217.169.42

jnn-pa.googleapis.com

IN A

216.58.213.10

jnn-pa.googleapis.com

IN A

142.250.187.202

jnn-pa.googleapis.com

IN A

172.217.169.74

jnn-pa.googleapis.com

IN A

216.58.201.106

jnn-pa.googleapis.com

IN A

216.58.204.74

jnn-pa.googleapis.com

IN A

172.217.16.234

jnn-pa.googleapis.com

IN A

216.58.212.202

jnn-pa.googleapis.com

IN A

142.250.200.42

jnn-pa.googleapis.com

IN A

142.250.200.10

jnn-pa.googleapis.com

IN A

216.58.212.234

jnn-pa.googleapis.com

IN A

142.250.179.234

jnn-pa.googleapis.com

IN A

142.250.180.10

jnn-pa.googleapis.com

IN A

142.250.178.10

jnn-pa.googleapis.com

IN A

142.250.187.234
DNS

consent.youtube.com

Remote address:

1.1.1.1:53

Request

consent.youtube.com

IN A

Response

consent.youtube.com

IN A

216.58.212.238
DNS

i.ytimg.com

Remote address:

1.1.1.1:53

Request

i.ytimg.com

IN A

Response

i.ytimg.com

IN A

172.217.169.54

i.ytimg.com

IN A

142.250.187.246

i.ytimg.com

IN A

216.58.201.118

i.ytimg.com

IN A

216.58.212.214

i.ytimg.com

IN A

142.250.200.54

i.ytimg.com

IN A

172.217.169.86

i.ytimg.com

IN A

216.58.204.86

i.ytimg.com

IN A

142.250.187.214

i.ytimg.com

IN A

142.250.200.22

i.ytimg.com

IN A

142.250.180.22

i.ytimg.com

IN A

172.217.169.22

i.ytimg.com

IN A

142.250.179.246

i.ytimg.com

IN A

142.250.178.22

i.ytimg.com

IN A

172.217.16.246
DNS

googleads.g.doubleclick.net

Remote address:

1.1.1.1:53

Request

googleads.g.doubleclick.net

IN A

Response

googleads.g.doubleclick.net

IN A

172.217.169.66
DNS

static.doubleclick.net

Remote address:

1.1.1.1:53

Request

static.doubleclick.net

IN A

Response

static.doubleclick.net

IN A

216.58.201.102
DNS

play.google.com

Remote address:

1.1.1.1:53

Request

play.google.com

IN A

Response

play.google.com

IN A

142.250.187.238
DNS

rr4---sn-4g5edn6k.googlevideo.com

Remote address:

1.1.1.1:53

Request

rr4---sn-4g5edn6k.googlevideo.com

IN A

Response

rr4---sn-4g5edn6k.googlevideo.com

IN CNAME

rr4.sn-4g5edn6k.googlevideo.com

rr4.sn-4g5edn6k.googlevideo.com

IN A

74.125.111.137
DNS

yt3.ggpht.com

Remote address:

1.1.1.1:53

Request

yt3.ggpht.com

IN A

Response

yt3.ggpht.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.187.225

142.250.187.228:443

www.google.com

tls

19.6kB
36.3kB
50
70
142.250.200.14:443

tls, https

858 B
40 B
1
1
142.250.200.14:443

tls, https

858 B
40 B
1
1
172.217.16.238:443

android.apis.google.com

tls

5.1kB
8.7kB
22
23
208.95.112.1:80

http://ip-api.com/json

http

451 B
662 B
5
4

HTTP Request

GET http://ip-api.com/json

HTTP Response

200
157.240.214.11:443

static.xx.fbcdn.net

tls

1.6kB
7.2kB
17
15
142.250.178.14:443

m.youtube.com

tls

3.7kB
111.6kB
58
83
151.101.129.16:443

images-na.ssl-images-amazon.com

tls

1.4kB
9.5kB
13
15
87.248.114.11:443

s.yimg.com

tls

1.5kB
13.1kB
16
15
185.15.59.224:443

en.m.wikipedia.org

tls

1.3kB
6.9kB
12
9
104.86.110.176:80

http://a.espncdn.com/wireless/mw5/r1/images/bookmark-icons/espn_icon-152x152.min.png

http

679 B
3.4kB
6
5

HTTP Request

GET http://a.espncdn.com/wireless/mw5/r1/images/bookmark-icons/espn_icon-152x152.min.png

HTTP Response

200
163.70.147.174:443

www.instagram.com

tls

2.6kB
41.1kB
36
40
2.23.161.98:443

ir.ebaystatic.com

tls

1.5kB
14.5kB
16
21
142.250.187.228:443

www.google.com

tls

3.2kB
34.9kB
33
49
142.250.187.228:443

www.google.com

tls

2.1kB
11.1kB
21
22
142.250.200.3:443

update.googleapis.com

tls

2.8kB
8.0kB
11
15
142.250.178.14:443

m.youtube.com

tls

94.3kB
1.5MB
666
1303
142.250.187.234:443

safebrowsing.googleapis.com

tls

9.9kB
383.0kB
166
266
74.125.71.84:443

accounts.google.com

tls

8.6kB
240.8kB
109
199
172.217.169.42:443

jnn-pa.googleapis.com

tls

11.7kB
152.3kB
97
162
216.58.212.238:443

consent.youtube.com

tls

1.1kB
7.7kB
13
12
216.58.212.238:443

consent.youtube.com

tls

3.5kB
66.7kB
37
61
172.217.169.54:443

i.ytimg.com

tls

5.2kB
146.1kB
69
118
172.217.169.54:443

i.ytimg.com

tls

799 B
5.5kB
7
8
172.217.169.54:443

i.ytimg.com

tls

971 B
5.5kB
11
9
172.217.169.66:443

googleads.g.doubleclick.net

tls

1.9kB
7.0kB
17
20
216.58.201.102:443

static.doubleclick.net

tls

1.5kB
6.2kB
12
14
142.250.187.238:443

play.google.com

tls

1.7kB
8.4kB
18
16
74.125.111.137:443

rr4---sn-4g5edn6k.googlevideo.com

tls

26.7kB
901.5kB
310
644
74.125.111.137:443

rr4---sn-4g5edn6k.googlevideo.com

tls

3.5kB
75.6kB
30
58
142.250.187.238:443

play.google.com

tls

2.4kB
8.9kB
15
18
142.250.187.225:443

yt3.ggpht.com

tls

1.8kB
13.7kB
16
18

224.0.0.251:5353

4.8kB
23
1.1.1.1:53

lalabanda.com

dns

59 B
132 B
1
1

DNS Request

lalabanda.com
1.1.1.1:53

www.google.com

dns

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.187.228
142.250.187.228:443

www.google.com

https

1.5kB
49 B
2
1
1.1.1.1:53

android.apis.google.com

dns

69 B
109 B
1
1

DNS Request

android.apis.google.com

DNS Response

172.217.16.238
1.1.1.1:53

ip-api.com

dns

56 B
72 B
1
1

DNS Request

ip-api.com

DNS Response

208.95.112.1
1.1.1.1:53

static.xx.fbcdn.net

dns

65 B
104 B
1
1

DNS Request

static.xx.fbcdn.net

DNS Response

157.240.214.11
1.1.1.1:53

m.youtube.com

dns

59 B
75 B
1
1

DNS Request

m.youtube.com

DNS Response

142.250.178.14
1.1.1.1:53

images-na.ssl-images-amazon.com

dns

77 B
263 B
1
1

DNS Request

images-na.ssl-images-amazon.com

DNS Response

151.101.129.16

151.101.1.16

151.101.193.16

151.101.65.16
1.1.1.1:53

en.m.wikipedia.org

dns

64 B
109 B
1
1

DNS Request

en.m.wikipedia.org

DNS Response

185.15.59.224
1.1.1.1:53

a.espncdn.com

dns

59 B
170 B
1
1

DNS Request

a.espncdn.com

DNS Response

104.86.110.176

2.18.66.227
1.1.1.1:53

s.yimg.com

dns

56 B
127 B
1
1

DNS Request

s.yimg.com

DNS Response

87.248.114.11

87.248.114.12
1.1.1.1:53

ir.ebaystatic.com

dns

63 B
187 B
1
1

DNS Request

ir.ebaystatic.com

DNS Response

2.23.161.98
1.1.1.1:53

www.instagram.com

dns

63 B
114 B
1
1

DNS Request

www.instagram.com

DNS Response

163.70.147.174
1.1.1.1:53

www.google.com

dns

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.187.228
1.1.1.1:53

update.googleapis.com

dns

67 B
83 B
1
1

DNS Request

update.googleapis.com

DNS Response

142.250.200.3
1.1.1.1:53

tmwnymvlmtbxq

dns

59 B
134 B
1
1

DNS Request

tmwnymvlmtbxq
1.1.1.1:53

yammvsdskyfhd

dns

59 B
134 B
1
1

DNS Request

yammvsdskyfhd
1.1.1.1:53

vksxziorcq

dns

56 B
131 B
1
1

DNS Request

vksxziorcq
1.1.1.1:53

safebrowsing.googleapis.com

dns

73 B
89 B
1
1

DNS Request

safebrowsing.googleapis.com

DNS Response

142.250.187.234
1.1.1.1:53

accounts.google.com

dns

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

74.125.71.84
1.1.1.1:53

www.youtube.com

dns

61 B
335 B
1
1

DNS Request

www.youtube.com

DNS Response

142.250.200.14

172.217.169.46

172.217.169.78

216.58.204.78

216.58.212.238

142.250.187.238

142.250.180.14

142.250.200.46

142.250.187.206

216.58.201.110

142.250.179.238

216.58.213.14

142.250.178.14

216.58.212.206

172.217.16.238
1.1.1.1:53

gstatic.com

dns

57 B
1

DNS Request

gstatic.com
1.1.1.1:53

gstatic.com

dns

57 B
73 B
1
1

DNS Request

gstatic.com

DNS Response

216.58.212.227
1.1.1.1:53

jnn-pa.googleapis.com

dns

67 B
307 B
1
1

DNS Request

jnn-pa.googleapis.com

DNS Response

172.217.169.42

216.58.213.10

142.250.187.202

172.217.169.74

216.58.201.106

216.58.204.74

172.217.16.234

216.58.212.202

142.250.200.42

142.250.200.10

216.58.212.234

142.250.179.234

142.250.180.10

142.250.178.10

142.250.187.234
1.1.1.1:53

consent.youtube.com

dns

65 B
81 B
1
1

DNS Request

consent.youtube.com

DNS Response

216.58.212.238
1.1.1.1:53

i.ytimg.com

dns

57 B
281 B
1
1

DNS Request

i.ytimg.com

DNS Response

172.217.169.54

142.250.187.246

216.58.201.118

216.58.212.214

142.250.200.54

172.217.169.86

216.58.204.86

142.250.187.214

142.250.200.22

142.250.180.22

172.217.169.22

142.250.179.246

142.250.178.22

172.217.16.246
1.1.1.1:53

googleads.g.doubleclick.net

dns

73 B
89 B
1
1

DNS Request

googleads.g.doubleclick.net

DNS Response

172.217.169.66
1.1.1.1:53

static.doubleclick.net

dns

68 B
84 B
1
1

DNS Request

static.doubleclick.net

DNS Response

216.58.201.102
1.1.1.1:53

play.google.com

dns

61 B
77 B
1
1

DNS Request

play.google.com

DNS Response

142.250.187.238
1.1.1.1:53

rr4---sn-4g5edn6k.googlevideo.com

dns

79 B
125 B
1
1

DNS Request

rr4---sn-4g5edn6k.googlevideo.com

DNS Response

74.125.111.137
1.1.1.1:53

yt3.ggpht.com

dns

59 B
120 B
1
1

DNS Request

yt3.ggpht.com

DNS Response

142.250.187.225

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Hide Artifacts

T1628

Suppress Application Icon

T1628.001

Input Injection

T1516

Credential Access

Discovery

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Screen Capture

T1513

Command and Control

Exfiltration

Impact

Input Injection

T1516

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.wife.dizzy/app_DynamicOptDex/KCFj.json

Filesize
1.3MB

MD5
f84f5fda1df953a8fbe24c17bacdf3ae

SHA1
044b7ca9f5988e175bea21312e81043aa17c9027

SHA256
e31d73a78d821a4ee86e55c77432c3c52ef01a8cb7be18fda83faf50772f7ffa

SHA512
0fb2a6900c79f673df5089ead0bfbbff7582cd17c0094cff3c90cfab2e2f64eb3b1d0ceebb70f6df113b7a68ae13e837477a3e9512efa33530901ccff52bbfd7

Download Submit
/data/data/com.wife.dizzy/app_DynamicOptDex/KCFj.json

Filesize
115KB

MD5
2d517260c7d5da9f044841c96fef77cf

SHA1
0c1b54c115b52ad84aef9d4b5befe2085d0a529f

SHA256
0f98b487a0592a3b9378028da86f3778669e4fd8a76acd9564d7717db5473fef

SHA512
0a987c0bcdb16d3cda6e3621167296706f5418c027f22ac4ada00e2684aa93a7ca7da0fe9e785ab95e836808ea679e5aa341adc7f3174f2e9d919cfacca39f78

Download Submit
/data/data/com.wife.dizzy/app_DynamicOptDex/oat/KCFj.json.cur.prof

Filesize
1KB

MD5
5b751f7cf225c81c15088861992b7ab0

SHA1
e5811fdebce674b3c8475ac8cd6f0202d1300c7e

SHA256
bc003d79e1b6907b42b11eb85291892e674b36077c01d3406ecabf3ce35873fe

SHA512
a55f2d5174f565d900243d4d9d92788c0cb8de4d530b8385cadc221f89b007f987c0e882ec04ba141806e0888531da5b20809b756bbe97468661ed474309a119

Download Submit
/data/data/com.wife.dizzy/app_DynamicOptDex/oat/KCFj.json.cur.prof

Filesize
1KB

MD5
e3408990526b863bc01adbbd1971b8a7

SHA1
eb378071b019c05e60c289bdccc41f394e4844ff

SHA256
cb2a51d12c2dc2b293676a8407b12224b0b14a8634ff28310831df92e87d419d

SHA512
bb2069ccea9d04e791ffaf52956dc06501ad719e048eceb3c324faeb027872c1c4b7d1876c9afd90aff933a233cfabf44e8393b4fb96e23edda6252bd58f4a71

Download Submit
/data/user/0/com.wife.dizzy/app_DynamicOptDex/KCFj.json

Filesize
3.6MB

MD5
7135f1564d788d4f037d1fce183fb480

SHA1
d0b34f23799c14770a8b5fc1f1a1d81697bb6f53

SHA256
df7bbead42e925c5b6b349c89c5fa85b8dbd113317acf05fed32243b4827f6b3

SHA512
d4ad950737096138a221850f58180962b5a29e81b4b6866f041f2ca7d3b0d03a2262ce7e081eb71c72d28c057e760521bb986136729be506b934f44ec04ebea2

Download Submit

Analysis

Sharing

General

Malware Config

Extracted

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.