Overview

overview

10

Static

static

6

f297915767...18.apk

android-9-x86

10

f297915767...18.apk

android-10-x64

10

f297915767...18.apk

android-11-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f2979157677fc7d394eebf9274546651_JaffaCakes118

  • Size

    3.1MB

  • Sample

    241215-gltavswjg1

  • MD5

    f2979157677fc7d394eebf9274546651

  • SHA1

    d8bab05fb8bb87a72a6fd699b1283d4939242ee8

  • SHA256

    a8c9c4f38f72cf8cd3cd819936f1c1ea9670541ded180327f7b096a3370f2186

  • SHA512

    4527f0905e04780ac8b1a5feb34c2e76010f89566f5507a4bbf7cf45e0f6c735caddbd8ce4d66573c2e06162c4adf42123c009bbc52fe1693983e0dca3946623

  • SSDEEP

    98304:vGYQyg+2RD7fCqx+wDbgHpADqYfanqgDlZIK:vGYTgRK4gJKqYSnvhOK

Score
10/10
hydraandroidbankercollectioncredential_accessdiscoveryevasioninfostealerpersistencetrojan

Malware Config

Targets

    • Target

      f2979157677fc7d394eebf9274546651_JaffaCakes118

    • Size

      3.1MB

    • MD5

      f2979157677fc7d394eebf9274546651

    • SHA1

      d8bab05fb8bb87a72a6fd699b1283d4939242ee8

    • SHA256

      a8c9c4f38f72cf8cd3cd819936f1c1ea9670541ded180327f7b096a3370f2186

    • SHA512

      4527f0905e04780ac8b1a5feb34c2e76010f89566f5507a4bbf7cf45e0f6c735caddbd8ce4d66573c2e06162c4adf42123c009bbc52fe1693983e0dca3946623

    • SSDEEP

      98304:vGYQyg+2RD7fCqx+wDbgHpADqYfanqgDlZIK:vGYTgRK4gJKqYSnvhOK

    Score
    10/10
    hydrabankercollectioncredential_accessdiscoveryevasioninfostealerpersistencetrojan

    • Hydra

      Android banker and info stealer.

      bankertrojaninfostealerhydra

    • Hydra family

      hydra

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

      collectionevasioncredential_access

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Queries information about active data network

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1behavioral2behavioral3

MITRE ATT&CK Mobile v15

Tasks