General

  • Target

    c37ae32cd4bcce93797535082e2080a2

  • Size

    3.0MB

  • Sample

    240312-qpcxqabh66

  • MD5

    c37ae32cd4bcce93797535082e2080a2

  • SHA1

    ae84294f83e45c8a9180cb6a0e658181fdee62fc

  • SHA256

    2b305310db25d5ac714d4e5df898fa336e0bb3b86039b42ea37762f00956b3ff

  • SHA512

    6b1005ce7b3749d94126be73e926bfea988a3961a95a493bb879e3efaea93b62936a13589c063601fda32cc1403b0b9639661dfe7183bb395c6d23c431f6506e

  • SSDEEP

    49152:4MZfhiOsnVv0VdpuowM1EqMz3KDH8ZEesJfZhANAZdo5R0fe5Cn5z5Fa/SPxAqw5:4Qf9aVv0Vd8JQMmDcZsfZhu6o5K44rFq

Malware Config

Targets

    • Target

      c37ae32cd4bcce93797535082e2080a2

    • Size

      3.0MB

    • MD5

      c37ae32cd4bcce93797535082e2080a2

    • SHA1

      ae84294f83e45c8a9180cb6a0e658181fdee62fc

    • SHA256

      2b305310db25d5ac714d4e5df898fa336e0bb3b86039b42ea37762f00956b3ff

    • SHA512

      6b1005ce7b3749d94126be73e926bfea988a3961a95a493bb879e3efaea93b62936a13589c063601fda32cc1403b0b9639661dfe7183bb395c6d23c431f6506e

    • SSDEEP

      49152:4MZfhiOsnVv0VdpuowM1EqMz3KDH8ZEesJfZhANAZdo5R0fe5Cn5z5Fa/SPxAqw5:4Qf9aVv0Vd8JQMmDcZsfZhu6o5K44rFq

    • Hydra

      Android banker and info stealer.

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads information about phone network operator.

MITRE ATT&CK Mobile v15

Tasks