Overview

overview

10

Static

static

8

39105_Vide...ı.apk

android_x86

10

39105_Vide...ı.apk

android_x64

10

39105_Vide...ı.apk

android_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    39105_Video_Oynatıcı.apk

  • Size

    2.6MB

  • Sample

    210805-gspmwb595s

  • MD5

    8ab0e4eaf8dfac431a81338824426252

  • SHA1

    a238d35b7478b5432d5ae661caf0a87aecf9e133

  • SHA256

    e3d68b6bf3c6a839e79cc7141a71d59b85858dd3e65764ec151c7cd849fd8080

  • SHA512

    8b0481f6e01fa02c03b10160f2ce6e2abbb051c346048c7e99505053da2c19cc1b55fadc00820c6cf977008d6503c0b149e200ef9683a1ef6077011ca27f58e6

Score
10/10
hydraandroidbankerinfostealerobfuscationtrojan

Malware Config

Extracted

Family

hydra

C2

http://greysondowling458.xyz

Targets

    • Target

      39105_Video_Oynatıcı.apk

    • Size

      2.6MB

    • MD5

      8ab0e4eaf8dfac431a81338824426252

    • SHA1

      a238d35b7478b5432d5ae661caf0a87aecf9e133

    • SHA256

      e3d68b6bf3c6a839e79cc7141a71d59b85858dd3e65764ec151c7cd849fd8080

    • SHA512

      8b0481f6e01fa02c03b10160f2ce6e2abbb051c346048c7e99505053da2c19cc1b55fadc00820c6cf977008d6503c0b149e200ef9683a1ef6077011ca27f58e6

    Score
    10/10
    hydrabankerinfostealerobfuscationtrojan

    • Hydra

      Android banker and info stealer.

      bankertrojaninfostealerhydra

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests enabling of the accessibility settings.

    • Reads name of network operator

      Uses Android APIs to discover system information.

    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks