Analysis

  • max time kernel
    154s
  • max time network
    135s
  • platform
    android_x64
  • resource
    android-x64-20240221-en
  • resource tags

    android
    arch:x64
    arch:x86
    image:android-x64-20240221-en
    locale:en-us
    os:android-10-x64
    system
  • submitted
    18-04-2024 05:12

General

  • Target

    f754fdb148454e2aaeac021374e7cd03_JaffaCakes118.apk

  • Size

    3.0MB

  • MD5

    f754fdb148454e2aaeac021374e7cd03

  • SHA1

    5eaaca3b46cc0b7027c8cf5cb30be9d270315da3

  • SHA256

    1101d16bdbd021d03cec94ac05abce0498ea5766923ac060caf6fa5d95ba98ca

  • SHA512

    ad8579d62005d129e5428e080f75799ab82ebe0e191648a2607c04d4649e5b48770a29f49611a2745e9b24419e1d3c34de7cb381976bdc9593014256c19a3412

  • SSDEEP

    49152:9/gDaS7maqfziYeH0Yf4l1pEH4Ct45d93ByYO9RGy1kz/KqD533nzQ4HXu:9/gDaS6Jzq04yu3tU939O9RXk/pJW

Malware Config

Signatures

  • Hydra

    Android banker and info stealer.

  • Makes use of the framework's Accessibility service 2 TTPs 2 IoCs

    Retrieves information displayed on the phone screen using AccessibilityService.

  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs an executable file (DEX/JAR) that was dropped to the device during analysis.

  • Looks up external IP address via web service 1 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Reads information about the phone's network operator 1 TTPs

Processes

  • com.mnjgllsx.thwzxxs
    • Makes use of the framework's Accessibility service
    • Loads dropped Dex/Jar
    PID:5027

Network

MITRE ATT&CK Matrix

Downloads

  • /data/data/com.mnjgllsx.thwzxxs/code_cache/secondary-dexes/tmp-base.apk.classes669931285701066863.zip
    Filesize

    378KB

    MD5

    a194c01b0f489e2d5d0852df137ef5a3

    SHA1

    c831f079afd7b663e9028757b432ce641b1eb5da

    SHA256

    d20457a00e796956f5fc6ae7629b31f573af8b301f2291d23c5da5377664089d

    SHA512

    4c9cde46f142d0a12a2f69c645f734d1069f946d4ced563122c5cebaf1ac60121039124fa7b23731a7ae9de6c6c24d6071c424a4215c213cc38dd3f55f9af3e7

  • /data/user/0/com.mnjgllsx.thwzxxs/code_cache/secondary-dexes/base.apk.classes1.zip
    Filesize

    902KB

    MD5

    a61e3eeb358109c5524437c12145ae24

    SHA1

    8171bbcc8e2286bee417af43850d0acc7344af91

    SHA256

    441ceca064bfaf4dbc3640b69c692b4930b9ef7fc6ccc91abbd04a30468c27e7

    SHA512

    ea2ce8a0c0f188a33cca84ee4f6ef2c9c810bf2b91efdefce9302cf5b04eaab513682bd45412cafc9f82c299cbd28acba5d74cb9c6f2820d8051315d3d2a8cdd
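The two dropped files above live in the same place, with the same naming scheme (`base.apk.classesN.zip`, with a `tmp-` prefix while extraction is in progress), that Android's legacy MultiDex support library uses when it unpacks secondary DEX files into `code_cache/secondary-dexes/`. On its own, a file appearing there is therefore a weak indicator; what matters for this sample is the combination with the Hydra family signature and the Accessibility service abuse. The script below is an added triage helper, not part of the sandbox report or of the sample itself: given a dropped file's path and bytes, it checks whether the path is the secondary-dex directory, opens the file as a zip and lists members that start with the DEX magic (`dex\n0NN\0`), computes the same four digests the report lists, and looks the MD5 up against the two dropped-file hashes from this report. The package name `com.example.dropper` and the zip payload it builds are constructed for the demonstration; the payload carries only a DEX header stub, not a real DEX.

```python
import hashlib
import io
import re
import zipfile
from dataclasses import dataclass

# Magic of a DEX file: "dex\n" + three-digit version + NUL (e.g. dex\n035\0, dex\n039\0).
DEX_MAGIC = re.compile(rb"^dex\n0\d\d\x00")

# Directory where Android's legacy MultiDex (and anything imitating it) extracts
# secondary DEX zips. /data/data/<pkg> and /data/user/0/<pkg> are the same directory,
# which is why the report lists both spellings.
SECONDARY_DEX_DIR = re.compile(r"^/data/(?:data|user/\d+)/[^/]+/code_cache/secondary-dexes/")

# MD5s of the two dropped files listed in the report above, used as a lookup set.
REPORT_IOC_MD5 = {
    "a194c01b0f489e2d5d0852df137ef5a3",  # tmp-base.apk.classes669931285701066863.zip
    "a61e3eeb358109c5524437c12145ae24",  # base.apk.classes1.zip
}


@dataclass
class DroppedFileVerdict:
    path: str
    size: int
    md5: str
    sha256: str
    in_secondary_dex_dir: bool   # path matches the MultiDex extraction directory
    dex_entries: list            # zip members whose content starts with the DEX magic
    matches_report_ioc: bool     # MD5 is one of the report's dropped-file hashes


def digests(data: bytes) -> dict:
    """Return the four digests the report lists for each artifact."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def dex_entries_in_zip(data: bytes) -> list:
    """List zip members whose bytes carry the DEX magic; [] if the data is not a zip."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return [
                info.filename
                for info in zf.infolist()
                if not info.is_dir() and DEX_MAGIC.match(zf.read(info))
            ]
    except zipfile.BadZipFile:
        return []


def triage(path: str, data: bytes) -> DroppedFileVerdict:
    """Apply the path, content and hash checks to one dropped file from a sandbox run."""
    h = digests(data)
    return DroppedFileVerdict(
        path=path,
        size=len(data),
        md5=h["md5"],
        sha256=h["sha256"],
        in_secondary_dex_dir=bool(SECONDARY_DEX_DIR.match(path)),
        dex_entries=dex_entries_in_zip(data),
        matches_report_ioc=h["md5"] in REPORT_IOC_MD5,
    )


def build_sample_payload() -> bytes:
    """Constructed stand-in for a dropped secondary-dex zip: one DEX-magic entry plus an asset."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        # Header stub only (magic + padding), not a real DEX; enough to exercise the check.
        zf.writestr("classes.dex", b"dex\n035\x00" + b"\x00" * 64)
        zf.writestr("assets/config.txt", b"not executable content")
    return buf.getvalue()


if __name__ == "__main__":
    # Hypothetical package name; the path shape mirrors the report's second dropped file.
    sample_path = "/data/user/0/com.example.dropper/code_cache/secondary-dexes/base.apk.classes1.zip"
    v = triage(sample_path, build_sample_payload())
    print(f"{v.path}\n  size={v.size} md5={v.md5}\n  secondary-dex dir: {v.in_secondary_dex_dir}"
          f"\n  DEX entries: {v.dex_entries}\n  matches report IoC: {v.matches_report_ioc}")
```

To use it against a real run, pull the dropped files off the emulator (for example with `adb pull` on a rooted analysis image) and feed each path/bytes pair to `triage`; a verdict with `dex_entries` non-empty and `matches_report_ioc` true ties a new run back to this sample, while a MultiDex-style path with no DEX members is most likely benign extraction noise.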