hydra | f9a4dd42e1694b390c2c6e02b25c7cbf57947ab28aeea1f67ed54bc09de422d7

Resubmissions

30-07-2021 12:31

210730-tr61sakqpe 10

30-07-2021 12:28

210730-6jgqmjgpse 10

Analysis

max time kernel
4150542s
platform
android_x86
resource
android-x86-arm
submitted
30-07-2021 12:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

79624_Video_Oynatıcı.apk
Size

2.6MB
MD5

44c91f91f4c8904e7b21076d2d95fc42
SHA1

1f23ebc8c338f0ac6a42105c4dedd04b157e26f4
SHA256

f9a4dd42e1694b390c2c6e02b25c7cbf57947ab28aeea1f67ed54bc09de422d7
SHA512

347429dfef6a5dc1cac9454f65025c46124610910895337a68271c236ce7c105eb5773572ba01d4c80b2e1809089f249191980b07ffed15b4d2745647a202926

Score

10^/10

hydra banker infostealer obfuscation trojan

Malware Config

Signatures

Hydra
Android banker and info stealer.
banker trojan infostealer hydra

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

Processes:

/system/bin/dex2oatcom.axvfqumr.gzlamtk

ioc	pid	process
/data/user/0/com.axvfqumr.gzlamtk/code_cache/secondary-dexes/base.apk.classes1.zip	4775	/system/bin/dex2oat
/data/user/0/com.axvfqumr.gzlamtk/code_cache/secondary-dexes/base.apk.classes1.zip	4729	com.axvfqumr.gzlamtk

Requests enabling of the accessibility settings. 1 IoCs

Processes:

com.axvfqumr.gzlamtk

description ioc process

Intent action android.settings.ACCESSIBILITY_SETTINGS com.axvfqumr.gzlamtk
Uses reflection 1 IoCs
obfuscation

Processes:

com.axvfqumr.gzlamtk

description pid process

Acesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE 4729 com.axvfqumr.gzlamtk

description	ioc	process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	com.axvfqumr.gzlamtk

description	pid	process
Acesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE	4729	com.axvfqumr.gzlamtk

com.axvfqumr.gzlamtk
1⤵
- Loads dropped Dex/Jar
- Requests enabling of the accessibility settings.
- Uses reflection
PID:4729

com.axvfqumr.gzlamtk
2⤵
PID:4775

/system/bin/dex2oat
2⤵
- Loads dropped Dex/Jar
PID:4775

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.axvfqumr.gzlamtk/code_cache/secondary-dexes/MultiDex.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.axvfqumr.gzlamtk/code_cache/secondary-dexes/base.apk.classes1.zip
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.axvfqumr.gzlamtk/code_cache/secondary-dexes/base.apk.classes1.zip
MD5
009d5aa9ade8b7626144887eb356749a

SHA1
0c90de0b01b9ed510e7bb9141f805c2be0958b4e

SHA256
e77620c9f4e3057cd9726edfd9a8d54059826b4a11d38ba0d9cb37caf250a030

SHA512
2b8a9654345df31714e89017d3832c152a1abdcd8a0729a5762405d31960ac7ff81e188481600c78081690cb082c967423c6a1e6d8dbb81773ac5c07e0a23db6

Download Submit
/data/user/0/com.axvfqumr.gzlamtk/code_cache/secondary-dexes/base.apk.classes1.zip.x86.flock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.axvfqumr.gzlamtk/code_cache/secondary-dexes/oat/x86/base.apk.classes1.odex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.axvfqumr.gzlamtk/code_cache/secondary-dexes/oat/x86/base.apk.classes1.vdex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.axvfqumr.gzlamtk/code_cache/secondary-dexes/tmp-base.apk.classes4309444463039259700.zip
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.axvfqumr.gzlamtk/shared_prefs/multidex.version.xml
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.axvfqumr.gzlamtk/shared_prefs/pref_name_setting.xml
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.axvfqumr.gzlamtk/shared_prefs/pref_name_setting.xml
MD5
e134c9eefab6287f907cde730b6b022a

SHA1
30dff918cd01a5d2f4bdb23240b61d221a0792c8

SHA256
8932159554fa8f4e4950aff48653e82df933f0c8beb357811002c731736a39b0

SHA512
3eaac85c3e96301adc298cdb727d777205c0b3a2ea6e99ffbe27d130c788c5e9e44fe3e1a407236867bf71d709d6e45b83ad70c1fa4a14646889397f1ff51473

Download Submit
/data/user/0/com.axvfqumr.gzlamtk/shared_prefs/pref_name_setting.xml
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.axvfqumr.gzlamtk/shared_prefs/prefs30.xml
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads