Analysis

  • max time kernel
    3793242s
  • max time network
    115s
  • platform
    android_x64
  • resource
    android-x64-arm64
  • submitted
    26-07-2021 09:12

General

  • Target

    Telekom-Netz.apk

  • Size

    4.8MB

  • MD5

    7e0fb2f9a44f5f0fd16b13a057073c4a

  • SHA1

    a05f51771024502c146840cd976007fa53c09ed1

  • SHA256

    65f49dd1523e0e28ff85f339142b6f36e36203e88ae969ef6e8fb8d3e48c171c

  • SHA512

    0909a1a7d883022f6afbfab5decc3841f8a1b0d0c993fb5730656eef38ee321cae2dcdf32cf11ce3650bdf33bc96f63803a424c104358131f76a9e629c224792

Malware Config

Extracted

Family

hydra

C2

https://sendmehere.site

Signatures

  • Hydra

    Android banker and info stealer.

  • Hydra Payload 1 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses reflection 3 IoCs

Processes

  • fork.walk.elder (PID: 4313)
    • Loads dropped Dex/Jar
    • Uses reflection

Network

MITRE ATT&CK Matrix

Downloads

  • /data/user/0/fork.walk.elder/app_DynamicOptDex/oat/orQR.json.cur.prof

    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

  • /data/user/0/fork.walk.elder/app_DynamicOptDex/orQR.json

    MD5

    45de85b6580748f906d9faf838cd921d

    SHA1

    613828b6262d81e86d50faf276f80ff0aa4cb506

    SHA256

    16ee8ff9501e199e184430c5203d23f2f5e0ceec89da579dc2bb0cf9c33850ab

    SHA512

    64bc690be7856b7d9cf696403d37f601d8dbefabc454e5e3d15733cc10365d82e89758c82b398e19c7d50f08abddfc349e5a3b33b781757fe4427192c8e1374a

  • /data/user/0/fork.walk.elder/app_DynamicOptDex/orQR.json

    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

  • /data/user/0/fork.walk.elder/app_DynamicOptDex/orQR.json

    MD5

    6f038f3787e42510e4173ca1aae2e115

    SHA1

    3e97fe2e94cdde996ecac2ae167062328b78acce

    SHA256

    326b4f05011f0638e00136b69006f19abda44f00a8bfd0a3dea710eb20e47374

    SHA512

    754a339a52ef94427c4871f27293910353daab9cbc001ceea9406d2b8ce9efbfcaf43629395df28d6f43de4d1be4f5cc16e0b7aea9b2d749380ff210ac033120

  • /data/user/0/fork.walk.elder/shared_prefs/pref_name_setting.xml

    MD5

    5684d3b5f0e70efebfa5005f8358f443

    SHA1

    5ded1c10d227467e75071c83a0e919c614d6f442

    SHA256

    f2438cf035b67a3119c5f69277f09e584ca268ebe2bcffc8c20a092b6c549414

    SHA512

    172f622bb9ab0b4d552fca7c7ed578a66a08ce58d9dd23a539fe49406406ecc2e27a5bf8dc9208076ba0eb16271989a75b910086e890e6b9fc4a91fdcc3e0000

  • /data/user/0/fork.walk.elder/shared_prefs/pref_name_setting.xml

    MD5

    4de7b3699ecfa6df394477159d6033e9

    SHA1

    b64118fb746248b14b25fd1730f85ad46bb02b61

    SHA256

    24468d9af4c39f19974a2c2aed499e580ab273f2366c6b892f4680d116c52042

    SHA512

    2e6049e90c84044d25674556b3040930a557a3a9e75cdb69b295ac7beeeab8563938c34419fc66a89c88dce7e868ad51a3ced73aef22486c7cacb0356f92b14c

  • /data/user/0/fork.walk.elder/shared_prefs/prefs30.xml

    MD5

    1c6b6a6a91f2ccf7ac553f9a439ad69e

    SHA1

    270b45bc1c3255f95fecf8bfa85f7dbfc8fb5748

    SHA256

    a7958ee3107cac53056bac67328f317cf9e3aaf4533e1072f0c4f0334ebbffa6

    SHA512

    8a61fcab1bc82977f72af693d4a749ad41df81a9a9c6eaafee0f4ffd36a34f069a259c6b20046a8bce58a6eab526df122cb82e8d093be73cf5ff9d41e489bf8e