hydra | f9a4dd42e1694b390c2c6e02b25c7cbf57947ab28aeea1f67ed54bc09de422d7

Resubmissions

30-07-2021 12:31

210730-tr61sakqpe 10

30-07-2021 12:28

210730-6jgqmjgpse 10

Analysis

max time kernel
4150785s
platform
android_x86
resource
android-x86-arm
submitted
30-07-2021 12:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

79624_Video_Oynatıcı.apk
Size

2.6MB
MD5

44c91f91f4c8904e7b21076d2d95fc42
SHA1

1f23ebc8c338f0ac6a42105c4dedd04b157e26f4
SHA256

f9a4dd42e1694b390c2c6e02b25c7cbf57947ab28aeea1f67ed54bc09de422d7
SHA512

347429dfef6a5dc1cac9454f65025c46124610910895337a68271c236ce7c105eb5773572ba01d4c80b2e1809089f249191980b07ffed15b4d2745647a202926

Score

10^/10

hydra banker infostealer obfuscation trojan

Malware Config

Signatures

Hydra
Android banker and info stealer.
banker trojan infostealer hydra

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

Processes:

/system/bin/dex2oatcom.axvfqumr.gzlamtk

ioc	pid	process
/data/user/0/com.axvfqumr.gzlamtk/code_cache/secondary-dexes/base.apk.classes1.zip	4839	/system/bin/dex2oat
/data/user/0/com.axvfqumr.gzlamtk/code_cache/secondary-dexes/base.apk.classes1.zip	4799	com.axvfqumr.gzlamtk

Requests enabling of the accessibility settings. 1 IoCs

Processes:

com.axvfqumr.gzlamtk

description ioc process

Intent action android.settings.ACCESSIBILITY_SETTINGS com.axvfqumr.gzlamtk
Uses reflection 1 IoCs
obfuscation

Processes:

com.axvfqumr.gzlamtk

description pid process

Acesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE 4799 com.axvfqumr.gzlamtk

description	ioc	process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	com.axvfqumr.gzlamtk

description	pid	process
Acesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE	4799	com.axvfqumr.gzlamtk

com.axvfqumr.gzlamtk
1⤵
- Loads dropped Dex/Jar
- Requests enabling of the accessibility settings.
- Uses reflection
PID:4799

com.axvfqumr.gzlamtk
2⤵
PID:4839

/system/bin/dex2oat
2⤵
- Loads dropped Dex/Jar
PID:4839

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.axvfqumr.gzlamtk/code_cache/secondary-dexes/MultiDex.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.axvfqumr.gzlamtk/code_cache/secondary-dexes/base.apk.classes1.zip

Download Submit
/data/user/0/com.axvfqumr.gzlamtk/code_cache/secondary-dexes/base.apk.classes1.zip
MD5
f7945f81390b495e05f61be39a262e67

SHA1
04eb9ba4f6ead54a30c60a9acbea11611b52c33e

SHA256
e3a0ab466ca39a2a922ba08705e5e97abe6aaaec1c012113c18d11ce510b534c

SHA512
d266c57794dec4f734d16836d30a6a857f22be61bcc743890cab02a4f32a115c2e8be8c9e4785bb3740063de38d5aaa9ff93f0be1eb13e3ca7146a2e31a9d4f8

Download Submit
/data/user/0/com.axvfqumr.gzlamtk/code_cache/secondary-dexes/base.apk.classes1.zip.x86.flock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.axvfqumr.gzlamtk/code_cache/secondary-dexes/oat/x86/base.apk.classes1.odex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.axvfqumr.gzlamtk/code_cache/secondary-dexes/oat/x86/base.apk.classes1.vdex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.axvfqumr.gzlamtk/code_cache/secondary-dexes/tmp-base.apk.classes8665582525320896408.zip
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.axvfqumr.gzlamtk/shared_prefs/multidex.version.xml
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.axvfqumr.gzlamtk/shared_prefs/pref_name_setting.xml
MD5
4662cf415a8c0c794ed6a77fba5d93b6

SHA1
757d5862c29825388865e6a1382cba23aca3af14

SHA256
a18b418d8d3d18a7d2b0ec591149591bf58b0e688e39acbbd24307f0ed8bb376

SHA512
b1b8bfee9c2396efcf004ebd22dc97120b7c05c398ea57e54470ef5425e9aa76f301029c43bebae0deeba53a9787dfaf8ba3acb766c9459730566b8c8eaa1982

Download Submit
/data/user/0/com.axvfqumr.gzlamtk/shared_prefs/pref_name_setting.xml
MD5
2ba8748970269cd8d530403e580efd06

SHA1
a30e8d7a3e1e08b776a08c8012650efe6f101e94

SHA256
e9db41a0106d77c9774645e882d11f42a4c627a3b260e6e0a80dd848bf48ac59

SHA512
e76456a57a9c8cc021cdec3dad4a59d74c07e1e9c985e209e64428325526cf9c3fbe6f10a05182ee84b576879f9c03d6201e7d28dc274a25d3180d4662ecb1fb

Download Submit
/data/user/0/com.axvfqumr.gzlamtk/shared_prefs/pref_name_setting.xml
MD5
0875f2d5abddebb74c6a7144ca3feaac

SHA1
9a879d947d7d3ffa928df08af25bdcd0f67797c8

SHA256
bebb2ac2bd8035ad826fa92bf3d76054efe228859a2c84cd1b3d264471759ef5

SHA512
ab6c960cfeb22beda5dfa39454940c26cc12d246e5b8ecd7b7958be7d614fe70e0e99aba4fc5591a6f47a2380e50e705160353b6422707be7a4e26fec1ed589b

Download Submit
/data/user/0/com.axvfqumr.gzlamtk/shared_prefs/prefs30.xml
MD5
1c6b6a6a91f2ccf7ac553f9a439ad69e

SHA1
270b45bc1c3255f95fecf8bfa85f7dbfc8fb5748

SHA256
a7958ee3107cac53056bac67328f317cf9e3aaf4533e1072f0c4f0334ebbffa6

SHA512
8a61fcab1bc82977f72af693d4a749ad41df81a9a9c6eaafee0f4ffd36a34f069a259c6b20046a8bce58a6eab526df122cb82e8d093be73cf5ff9d41e489bf8e

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads