hydra | 78d97e56b62a69a14febd66d7b4e9e981a8ddf0771ffdfae8db7bd68a2ff15b6

Resubmissions

01-08-2021 06:03

210801-lda7ervm9x 10

01-08-2021 06:01

210801-av1pnzgzw6 10

Analysis

max time kernel
5350s
platform
android_x86
resource
android-x86-arm
submitted
01-08-2021 06:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

26453_Video_Oynatıcı.apk
Size

2.6MB
MD5

662b452b490d5c18d14acfa19d35a96e
SHA1

a66b8869b84bac5662c34359ce20d7e6006cad4e
SHA256

78d97e56b62a69a14febd66d7b4e9e981a8ddf0771ffdfae8db7bd68a2ff15b6
SHA512

6377e7bd773227b2d45d29626344ac7cbac4e104a57f19e369b1a18520cfdde6660dfb53f5fbe1a8845c425c38b641bb8f9e11f40060af8e270f56767a787d5c

Score

10^/10

hydra banker infostealer obfuscation trojan

Malware Config

Signatures

Hydra
Android banker and info stealer.
banker trojan infostealer hydra

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

Processes:

/system/bin/dex2oatcom.loducwqi.ocuxbeu

ioc	pid	process
/data/user/0/com.loducwqi.ocuxbeu/code_cache/secondary-dexes/base.apk.classes1.zip	4763	/system/bin/dex2oat
/data/user/0/com.loducwqi.ocuxbeu/code_cache/secondary-dexes/base.apk.classes1.zip	4727	com.loducwqi.ocuxbeu

Requests enabling of the accessibility settings. 1 IoCs

Processes:

com.loducwqi.ocuxbeu

description ioc process

Intent action android.settings.ACCESSIBILITY_SETTINGS com.loducwqi.ocuxbeu
Uses reflection 1 IoCs
obfuscation

Processes:

com.loducwqi.ocuxbeu

description pid process

Acesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE 4727 com.loducwqi.ocuxbeu

description	ioc	process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	com.loducwqi.ocuxbeu

description	pid	process
Acesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE	4727	com.loducwqi.ocuxbeu

com.loducwqi.ocuxbeu
1⤵
- Loads dropped Dex/Jar
- Requests enabling of the accessibility settings.
- Uses reflection
PID:4727
- com.loducwqi.ocuxbeu
  2⤵
  PID:4763
- /system/bin/dex2oat
  2⤵
  - Loads dropped Dex/Jar
  PID:4763

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.loducwqi.ocuxbeu/code_cache/secondary-dexes/MultiDex.lock

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/code_cache/secondary-dexes/base.apk.classes1.zip

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/code_cache/secondary-dexes/base.apk.classes1.zip

MD5
9815bbb9d9350898f681f890097a498c

SHA1
b0b8b63f06aa4579f6333088b2c46ed801826afa

SHA256
ec8a90cc4cd49c0898a929b4822e2e6331dfacbe1cd9eb93dbdc85fd893c9461

SHA512
f93a786892b559539a266448682773fe1db2319396939aea745af1ad35ad0ce1fdd4d8d33c5d26918e70481fe7d2ed1bd54d5730579b40d9fcb2c8eb43f4bfca

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/code_cache/secondary-dexes/base.apk.classes1.zip.x86.flock

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/code_cache/secondary-dexes/oat/x86/base.apk.classes1.odex

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/code_cache/secondary-dexes/oat/x86/base.apk.classes1.vdex

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/code_cache/secondary-dexes/tmp-base.apk.classes3982077481865397519.zip

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/shared_prefs/multidex.version.xml

MD5
e054aa5e58c3d2d37bd062082dca7de9

SHA1
c54fdc2937f5b22338cc284167bd597d4cdba2d8

SHA256
d72f9c4569cf3202ef3af311c35ead05d50e2e2dc159e8940e601bbec7ddc89d

SHA512
b0c6a8c48e79b211e4e2e5695a4ce676fa85d4b23f847f05699c31797f1423fb1148ae92e12ba4bf74a415ce75d5e2b983ef1850da7db711bc9be20a66528929

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/shared_prefs/pref_name_setting.xml

MD5
09347509a391034970e911142d170083

SHA1
6ff48deaca19215dc8eefc429fc94c7d24adf22e

SHA256
b589dc3eb0cb7f24f5545a0a48acf4f0487dc1bd4a36f63b9cc9f076244a28cf

SHA512
d924ec20cf1f884dda5aa7cdea5856a126b25f24f6b16bc69bb3eaf4e3a765554dd5208721986d37342e12ec8f5379d9c348580dae92d2da053cd53183b647c5

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/shared_prefs/pref_name_setting.xml

MD5
e911ca90797aff501fa87dcfb6bc4045

SHA1
4be603837bb442cfa8e84c4b35b0585c1c878519

SHA256
5463d77386fd4679afff189b332abbae4b09fa948b278b18151ebb3d3d4bd67e

SHA512
d94565988852130c7fd60a78947383fc05b55c2fbdaa838d8116457af6f3091a1c72ca327a3242b8428b894e6a7657f84a4a7cc41d5f10f77bc23bb0a681d42b

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/shared_prefs/pref_name_setting.xml

MD5
50d93032527ce96c98d2fe616edc2cd9

SHA1
72b700e714b4d5c7eada14ea10a69c2c5c2fce03

SHA256
8854bd4c080b8ebe2ac75aca115e6f5aa7af14b8e0a9a9e193ad7a57af09a4e6

SHA512
ba816098f1be378aa8d181579838212bedd529cb1633ebb2c85cb2d27f8912413f01c07554b1d6002343a2b2cfcdc1894c69d856b72849d49ad7f513c92debb6

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/shared_prefs/pref_name_setting.xml

MD5
8d61e5ac6b466071247a78e08f01e523

SHA1
841cef9837bf2bbaa6c567e2d38d49cce717bbe0

SHA256
29735e743d4ae015af564f049e95b91c842166e148c2698f960d6d4dcb4a799b

SHA512
eecf0d6e879d68dca39f351b94949b80b350df9931df10830d2c6cfdf3ac0852191b249186adcfbfe620677a5c3a7c87f97e80a5a2d32a1d4e535be0de8325f3

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/shared_prefs/pref_name_setting.xml

MD5
4e4b72d2ef0abb6265b11d0feadf64f8

SHA1
51498c3103fca52cb1ee6ceb7b4368161e60a349

SHA256
f17114d24a5457f694e25d376a737792fcd05f4160fcbe656061c6befc2fa2a8

SHA512
3a0b8d39a5562919bd21992b2b3e37dcdc39fcba507e8883a2a54ccec12f0b4d68476478b6582e72216d1858f1603861c1cf6d47cbfd1b66754287a4d9070574

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/shared_prefs/prefs30.xml

MD5
2703c2433242eb7df82f8725f8aded17

SHA1
adb4d1155aba8bc80540bf8505c67b2413ab3169

SHA256
bd6689dfd67939fc6a7b08bc76ce0e831559b29bf774e9e85bf6a6a6e191a505

SHA512
9714034f5ad7ea6d5db46221f21f76b48fd3af46e412ac78af04fd57fa419756a8212c8f6c41dcca0f524a535387d98c6b31c8dd364090f6b95c50471cfb9f89

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/shared_prefs/prefs30.xml

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit