hydra | 78d97e56b62a69a14febd66d7b4e9e981a8ddf0771ffdfae8db7bd68a2ff15b6

Resubmissions

01-08-2021 06:03

210801-lda7ervm9x 10

01-08-2021 06:01

210801-av1pnzgzw6 10

Analysis

max time kernel
5141s
platform
android_x86
resource
android-x86-arm
submitted
01-08-2021 06:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

26453_Video_Oynatıcı.apk
Size

2.6MB
MD5

662b452b490d5c18d14acfa19d35a96e
SHA1

a66b8869b84bac5662c34359ce20d7e6006cad4e
SHA256

78d97e56b62a69a14febd66d7b4e9e981a8ddf0771ffdfae8db7bd68a2ff15b6
SHA512

6377e7bd773227b2d45d29626344ac7cbac4e104a57f19e369b1a18520cfdde6660dfb53f5fbe1a8845c425c38b641bb8f9e11f40060af8e270f56767a787d5c

Score

10^/10

hydra banker infostealer obfuscation trojan

Malware Config

Signatures

Hydra
Android banker and info stealer.
banker trojan infostealer hydra

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

Processes:

/system/bin/dex2oatcom.loducwqi.ocuxbeu

ioc	pid	process
/data/user/0/com.loducwqi.ocuxbeu/code_cache/secondary-dexes/base.apk.classes1.zip	5061	/system/bin/dex2oat
/data/user/0/com.loducwqi.ocuxbeu/code_cache/secondary-dexes/base.apk.classes1.zip	5033	com.loducwqi.ocuxbeu

Requests enabling of the accessibility settings. 1 IoCs

Processes:

com.loducwqi.ocuxbeu

description ioc process

Intent action android.settings.ACCESSIBILITY_SETTINGS com.loducwqi.ocuxbeu
Uses reflection 1 IoCs
obfuscation

Processes:

com.loducwqi.ocuxbeu

description pid process

Acesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE 5033 com.loducwqi.ocuxbeu

description	ioc	process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	com.loducwqi.ocuxbeu

description	pid	process
Acesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE	5033	com.loducwqi.ocuxbeu

com.loducwqi.ocuxbeu
1⤵
- Loads dropped Dex/Jar
- Requests enabling of the accessibility settings.
- Uses reflection
PID:5033
- com.loducwqi.ocuxbeu
  2⤵
  PID:5061
- /system/bin/dex2oat
  2⤵
  - Loads dropped Dex/Jar
  PID:5061

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.loducwqi.ocuxbeu/code_cache/secondary-dexes/MultiDex.lock

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/code_cache/secondary-dexes/base.apk.classes1.zip

MD5
9ae8ccfc59065716293cbab93c2aafb1

SHA1
b57f63cb1542b105042d981be92b591c1aed210c

SHA256
3be9bc7c7ad894bca06b47f663d56f60f20429d5b810803fff33f321dfdaf85f

SHA512
ca41fa071520eff877fd5dd677cf24657860be47202822c0f27099aea30beb80964c63f2da179236db61a4048a93ee6974d40e6fd948856b7dda83e343ef2d0a

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/code_cache/secondary-dexes/base.apk.classes1.zip

MD5
9d88949f84d9c61c8d1a9401543d8613

SHA1
170f295ee783f4b420cc8693ebbbd6462a3fa89f

SHA256
ee8cf0a9a6b7608c6f23065362ccaedd3a551655d95f54d2543ba4fb7c9275d8

SHA512
4826387c8562b98f647324b6f82bccdca6f2205cbb748f0f69fc29bda6a7afaab0ce66d2c6f22bf183a04c9bef8524a1812db8d2380fce55733644f5694a58ad

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/code_cache/secondary-dexes/base.apk.classes1.zip.x86.flock

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/code_cache/secondary-dexes/oat/x86/base.apk.classes1.odex

MD5
be63395358cc3b0e16b66f294c476138

SHA1
f2d54377bf469cde65a60966e8a9de556a263d6c

SHA256
6055c58e269e55a9adc8558a6b1a7b7f482de7748bbd83a3ffcd5e624e2042bf

SHA512
b270679578494fbc0a29c8efea7ebb1b18a2ff6a03937f89c68fca835a7210b5b7f662e2d27e01d8f6118066aaa054de71ac5cab36c5e868ccfe4d6c25432c77

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/code_cache/secondary-dexes/oat/x86/base.apk.classes1.vdex

MD5
04454bf3acb6464f666efefca2e64471

SHA1
9d3e06702b18807c08496a75bcd60a354b51e596

SHA256
19ea461aca8e9ff82f7f2a8721b19833111e59372e7c1f5eb965d3d03a717505

SHA512
dff08a61d375f9c2220776e5a91c6972a9cf87ad3a8e60ea0b1d0634d9cf4cabe0203b44a5a9273b16180f299149f615a4d3c545306fe6ebe7821d705f42906a

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/code_cache/secondary-dexes/tmp-base.apk.classes1100892912730807558.zip

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/shared_prefs/multidex.version.xml

MD5
48ab2d648b583d69bd67ce009b23b966

SHA1
d5a02eab107d4e6eb285b1955625b4bb77aee33e

SHA256
a170466f96abbdf1f575662b661d1dc3ba0199b7e8710eecbca2b2aad86f8091

SHA512
1367e7528a9e661e9d44463f78ca3df10c5c659687f02438ff23b68760d4bc469aeaeedae0dd3f774a688fc68480e65e626606ceda665328b8bbd42fe44404d6

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/shared_prefs/pref_name_setting.xml

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/shared_prefs/pref_name_setting.xml

MD5
86755f77c0d839bf4e0ae8bd955e765d

SHA1
2dc05952924988be6eb79fdf136809b7c8906dfe

SHA256
24aa17194bfb7414c699f24c5db86373e493ae7885fba1f4c642a13958f148f4

SHA512
05d2b96445c97416f64c7c9465dc4f0c11e1fa81f0ee88c0b40f84699aacaa3bd26e654923337cb1202b191bc32d359c4f76d6f0d17ae187e5dacee531ba09ff

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/shared_prefs/pref_name_setting.xml

MD5
038c02e73576e1103dea08160280a890

SHA1
8d591cb8bca55d2509293376ccfd951a864339ad

SHA256
fc7558e15962fba32ff67d2bee33604d671790eb52bf78a03e168358da82354f

SHA512
ce49b7fb4578928fd82be4ff31c2265684080874e8ab30d0c0c4e36769a4125701d9bf3f610fd4896174f8e1821fcf40969aa86b3c03c7902fc071ff06647907

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/shared_prefs/prefs30.xml

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit