hydra | 8e6271b1777abb0402a1b08bda491a17e4743d57053e312f3ff8918fb0dcfb55

Analysis

max time kernel
6763s
platform
android_x86
resource
android-x86-arm
submitted
01-08-2021 06:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

01836_Video_Oynatıcı.apk
Size

2.6MB
MD5

5f08b7472011f988eb20f0b9619408a4
SHA1

35f6b95f50b8a4dd63a4e353b7e92deec0216f5b
SHA256

8e6271b1777abb0402a1b08bda491a17e4743d57053e312f3ff8918fb0dcfb55
SHA512

db54bce5751f89c764d6843c44d325b4cf7efdb17721ea4902a47175337acecb38c115e62e254b8cc8275d1de65a0d025212b3649629460b35d61f2d5b3a2e49

Score

10^/10

hydra banker infostealer obfuscation trojan

Malware Config

Signatures

Hydra
Android banker and info stealer.
banker trojan infostealer hydra

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

Processes:

/system/bin/dex2oatcom.zhnfylbf.qdbnohw

ioc	pid	process
/data/user/0/com.zhnfylbf.qdbnohw/code_cache/secondary-dexes/base.apk.classes1.zip	4898	/system/bin/dex2oat
/data/user/0/com.zhnfylbf.qdbnohw/code_cache/secondary-dexes/base.apk.classes1.zip	4866	com.zhnfylbf.qdbnohw

Requests enabling of the accessibility settings. 1 IoCs

Processes:

com.zhnfylbf.qdbnohw

description ioc process

Intent action android.settings.ACCESSIBILITY_SETTINGS com.zhnfylbf.qdbnohw
Uses reflection 1 IoCs
obfuscation

Processes:

com.zhnfylbf.qdbnohw

description pid process

Acesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE 4866 com.zhnfylbf.qdbnohw

description	ioc	process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	com.zhnfylbf.qdbnohw

description	pid	process
Acesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE	4866	com.zhnfylbf.qdbnohw

com.zhnfylbf.qdbnohw
1⤵
- Loads dropped Dex/Jar
- Requests enabling of the accessibility settings.
- Uses reflection
PID:4866

com.zhnfylbf.qdbnohw
2⤵
PID:4898

/system/bin/dex2oat
2⤵
- Loads dropped Dex/Jar
PID:4898

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.zhnfylbf.qdbnohw/code_cache/secondary-dexes/MultiDex.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.zhnfylbf.qdbnohw/code_cache/secondary-dexes/base.apk.classes1.zip
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.zhnfylbf.qdbnohw/code_cache/secondary-dexes/base.apk.classes1.zip
MD5
f80ef9f4fba7d38a109d9a3d4758d018

SHA1
7ab4ce2827ee8e5c2231d3e7b35e2b49201f0c3b

SHA256
cf8c5fa88271f1daa009c5f5e16219f0c7d28247ccdb9457904dcea9b19a0cc2

SHA512
b2a891bddf2b659f67693cf080c16aff968a1c5a43b9d98be591e83778d58c614d0dd726166576c6c7f7022cd8469be210fef14b44710b530581789d85f5da37

Download Submit
/data/user/0/com.zhnfylbf.qdbnohw/code_cache/secondary-dexes/base.apk.classes1.zip.x86.flock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.zhnfylbf.qdbnohw/code_cache/secondary-dexes/oat/x86/base.apk.classes1.odex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.zhnfylbf.qdbnohw/code_cache/secondary-dexes/oat/x86/base.apk.classes1.vdex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.zhnfylbf.qdbnohw/code_cache/secondary-dexes/tmp-base.apk.classes3376788700540566830.zip
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.zhnfylbf.qdbnohw/shared_prefs/multidex.version.xml
MD5
43d00c0ff2b9cc9afb1abb77daf9dd9b

SHA1
61cd89eae60bfeb4fcf435c1e5b97f432897d11b

SHA256
4d2a5a2297b6e55633f3e0c169f1eaab606b14c136857e0a2f42e4f294cd8abd

SHA512
37db0fd9701931102db5dce572e124756016e0d6dd6988b16927c4fe1e61b9beb535282d71b9e72ea7f2ab131e98716bb086eb732f706c8dec1cc8b5918a77a9

Download Submit
/data/user/0/com.zhnfylbf.qdbnohw/shared_prefs/pref_name_setting.xml
MD5
cc91a735ea7d22eabda602b4c6afd48c

SHA1
185f50edb427c32ed157b1a346d26dbe26d834e4

SHA256
dc6344ed6aff68b8bf39831c99247892de86ad7409ed396569371e866d87b5e0

SHA512
12b63836ee1232b796c5158bd5a2a5c1c21fb87d724de2136472027ef524094d5a04b54b7f4028d8001d26aa72499bd29ee39e33097e56045a9d265cb3010894

Download Submit
/data/user/0/com.zhnfylbf.qdbnohw/shared_prefs/pref_name_setting.xml
MD5
a934236b0d6ab8a292082f9ebdf2bae1

SHA1
e306e8e573bc14b121af6e93d6e6de27f4d9eb73

SHA256
74e411a3d1db2a4028f583c5231617dc6afa972c62af6971d4f098d852da186d

SHA512
e50e403d008bdc6cb8b49c69d335d324e8f85546610f489667366a82e8c463986d316ecb4fd6f95ded27aa67f718453c20a652e96b29adfbb8c9facd6299308d

Download Submit
/data/user/0/com.zhnfylbf.qdbnohw/shared_prefs/pref_name_setting.xml
MD5
c46180412cada152f271adcf178f083f

SHA1
ea36425b69d661f936c979ea5fcb747234358b8e

SHA256
59a7d16272951cc7846c1fde1e543fdeec354b8fb73b2627ea56de090b145ed1

SHA512
213920210ca098f2db48d54b8aabaaac1c128a2ea5dfd3e1cad28b03aec2d48599bfc4903a7febba6e82eb3df2bb39872743a6cf61763c41331fb7b8700d1a2c

Download Submit
/data/user/0/com.zhnfylbf.qdbnohw/shared_prefs/prefs30.xml
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads