hydra | 78d97e56b62a69a14febd66d7b4e9e981a8ddf0771ffdfae8db7bd68a2ff15b6

Resubmissions

01-08-2021 06:03

210801-lda7ervm9x 10

01-08-2021 06:01

210801-av1pnzgzw6 10

Analysis

max time kernel
5331s
max time network
100s
platform
android_x64
resource
android-x64
submitted
01-08-2021 06:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

26453_Video_Oynatıcı.apk
Size

2.6MB
MD5

662b452b490d5c18d14acfa19d35a96e
SHA1

a66b8869b84bac5662c34359ce20d7e6006cad4e
SHA256

78d97e56b62a69a14febd66d7b4e9e981a8ddf0771ffdfae8db7bd68a2ff15b6
SHA512

6377e7bd773227b2d45d29626344ac7cbac4e104a57f19e369b1a18520cfdde6660dfb53f5fbe1a8845c425c38b641bb8f9e11f40060af8e270f56767a787d5c

Score

10^/10

hydra banker infostealer obfuscation trojan

Malware Config

Signatures

Hydra
Android banker and info stealer.
banker trojan infostealer hydra
Loads dropped Dex/Jar 1 IoCs
Runs executable file dropped to the device during analysis.

Processes:

com.loducwqi.ocuxbeu

ioc pid process

/data/user/0/com.loducwqi.ocuxbeu/code_cache/secondary-dexes/base.apk.classes1.zip 3648 com.loducwqi.ocuxbeu
Requests enabling of the accessibility settings. 1 IoCs

Processes:

com.loducwqi.ocuxbeu

description ioc process

Intent action android.settings.ACCESSIBILITY_SETTINGS com.loducwqi.ocuxbeu

ioc	pid	process
/data/user/0/com.loducwqi.ocuxbeu/code_cache/secondary-dexes/base.apk.classes1.zip	3648	com.loducwqi.ocuxbeu

description	ioc	process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	com.loducwqi.ocuxbeu

Uses reflection 3 IoCs

obfuscation

Processes:

com.loducwqi.ocuxbeu

description	pid	process
Acesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE	3648	com.loducwqi.ocuxbeu
Acesses field javax.security.auth.x500.X500Principal.thisX500Name	3648	com.loducwqi.ocuxbeu
Acesses field javax.security.auth.x500.X500Principal.thisX500Name	3648	com.loducwqi.ocuxbeu

com.loducwqi.ocuxbeu
1⤵
- Loads dropped Dex/Jar
- Requests enabling of the accessibility settings.
- Uses reflection
PID:3648

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.loducwqi.ocuxbeu/code_cache/secondary-dexes/MultiDex.lock

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/code_cache/secondary-dexes/base.apk.classes1.zip

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/code_cache/secondary-dexes/tmp-base.apk.classes7041619464504746113.zip

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/shared_prefs/multidex.version.xml

MD5
ac88991c16b510bb513a6de10fb0747e

SHA1
f11ae7f0190ab01ec88b5ff5ff8597c57264daff

SHA256
64f5fc2a104b0241c75537d57abf3985860c87fa052c1e0d477acaee74bcfb39

SHA512
6df09af00dafd9c4c795cfb04b8eca151ea5ad78605d268e321cc102040086a64667b86c69b77e36730d374ea947883d4c279b7e02f736ea6156227efbe79b1e

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/shared_prefs/pref_name_setting.xml

MD5
dfc66a90dd46514575236c87d2a5a17b

SHA1
c93fffdfcc992b82fc700bd594401dfe543af744

SHA256
409c24e1c83ffb8d4d8d6c5917f5e1504026d736cde502f890f236b1d1572470

SHA512
43d5c3bc3c8761d09b77bb8b238b45c0539faef9040ee64a8567f9adc598046aeec1d2ac54232b9ba6912cfd801ca6cff80f9fea439420f70f41c1fe5009438d

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/shared_prefs/pref_name_setting.xml

MD5
a25eb30e94b3d8c1c8d6428a96f559e4

SHA1
00beaddffd2475856a37db4d157c28a9c38044ca

SHA256
0fb8401d802a4709b7f3c49b74404d6d2f8327acae03e01c57912afd4d052a9f

SHA512
9382c23e60af3b15f35b99fb3087d289f424b7fdcc3c51aebd472332324c6a561c9b1e28666267341da39815dc348c62f4efb809789d8eca7973704db579f025

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/shared_prefs/pref_name_setting.xml

MD5
bf0321f14fc691f717ceddaa692d12aa

SHA1
50164266b4d9af6e13aec5f571f6ca66be14b7d3

SHA256
b5f102aa29504c696afca5b749cbd7e46ddfd3e6d06f7e59a82d28b81cd10eb1

SHA512
5a2024313b38018261a5a4a3051c27409d20f64f627d9bda70125188b13aada701b81e7b596168dfe838d1563c50b85ef182d561e7f023050d924ff5e57dc6d6

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/shared_prefs/pref_name_setting.xml

MD5
45532c622db043e28a1513f29c1a7c80

SHA1
4d4208652fc398ffba40e4dc08360b8e17aaaebd

SHA256
e076dfacdb11592f3e59abb010aacd3387d2605ca78e2c12baeda64a7f67facc

SHA512
d1cd2c71ba6b3179d57c30b9e6d9c9076f17df3cf38789fa05ac990305dd1c4f9105f4d9e7f2be61c3ba00a87112054cbf7c195f7fb0d1aae10ec098204a5d6f

Download Submit
/data/user/0/com.loducwqi.ocuxbeu/shared_prefs/prefs30.xml

MD5
12d6ab1d27552f5788e1667ec0eb1360

SHA1
f0c1a775a55b7bb45fe65579b526cf4360c0c4d6

SHA256
52e178aa40fd1c71b3a4e8fdfb73fba744ac754430d94697f4d2aaa6823c0d18

SHA512
87eb0dba3f5fbb8801a5b8a07849c8634698d64333f77d548f4596221d2f3d7cba7288ebb0fe0b7f9357add2636b07c6e9cd24aa887dd6cce6d22a1b7e2d3d32

Download Submit