General

  • Target

    d1a5c66378309b76ab1bfc4369cc6394

  • Size

    3.3MB

  • Sample

    240317-xvp8kaea6z

  • MD5

    d1a5c66378309b76ab1bfc4369cc6394

  • SHA1

    ac88ee53a0b57e88e086e91bbaf9d27a94db6b48

  • SHA256

    33c1d6d89201c1edff15a2330d8db18a498bfd71421edf583dd9cf0325a3acbc

  • SHA512

    72e80300202e3d0ad2d7a706d191337986d1560d4305ff1a10d33b495516c02228a7907dce7dd341250fdb67a82d21fc3f6800aa3854f8223144bdb3da935b9d

  • SSDEEP

    49152:esb7wQ3ghrG8fEVI0SLvHA/a7JryCyO2V3ACcEEiXFSTb5AI5Wk+PGo0Apf:esnwNP0QvwCm3tFSHWvG5Apf

Malware Config

Targets

    • Target

      d1a5c66378309b76ab1bfc4369cc6394

    • Hydra

      Android banker and info stealer.

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads information about phone network operator.

MITRE ATT&CK Mobile v15

Tasks