Overview

overview

10

Static

static

6

56520eabdb...18.apk

android-9-x86

10

56520eabdb...18.apk

android-10-x64

10

56520eabdb...18.apk

android-11-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    56520eabdbd97a436868305176e2d1ba_JaffaCakes118

  • Size

    3.0MB

  • Sample

    241018-jyl4esydpj

  • MD5

    56520eabdbd97a436868305176e2d1ba

  • SHA1

    08fbc7b29cd3e9b414e81ca65b4c51ef2cf77825

  • SHA256

    1c2695d5314b46ab77ff6ea879318161310d792f4e5339926bb0aa5dd5421bf6

  • SHA512

    b8d84cded022bf776b9939aa3abd868eca6c4f6f532a9de2ce1e99c35e33445c519b22f0a1ee90674145371d720c67de8430d208811c936b420171ea9bcf74de

  • SSDEEP

    49152:8/7yT/hx1qoB+bpbwdXe/w1arsCIauzN5t9PYUMf5MK28V4D9zwfsKt5Mt:8/+/DY++bp8dXe/w4sWCNRPYpHn0zwUF

Score
10/10
hydraandroidbankercollectioncredential_accessdiscoveryevasioninfostealerpersistencetrojan

Malware Config

Targets

    • Target

      56520eabdbd97a436868305176e2d1ba_JaffaCakes118

    • Size

      3.0MB

    • MD5

      56520eabdbd97a436868305176e2d1ba

    • SHA1

      08fbc7b29cd3e9b414e81ca65b4c51ef2cf77825

    • SHA256

      1c2695d5314b46ab77ff6ea879318161310d792f4e5339926bb0aa5dd5421bf6

    • SHA512

      b8d84cded022bf776b9939aa3abd868eca6c4f6f532a9de2ce1e99c35e33445c519b22f0a1ee90674145371d720c67de8430d208811c936b420171ea9bcf74de

    • SSDEEP

      49152:8/7yT/hx1qoB+bpbwdXe/w1arsCIauzN5t9PYUMf5MK28V4D9zwfsKt5Mt:8/+/DY++bp8dXe/w4sWCNRPYpHn0zwUF

    Score
    10/10
    hydrabankercollectioncredential_accessdiscoveryevasioninfostealerpersistencetrojan

    • Hydra

      Android banker and info stealer.

      bankertrojaninfostealerhydra

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

      collectionevasioncredential_access

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Queries information about active data network

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1behavioral2behavioral3

MITRE ATT&CK Mobile v15

Tasks