hydra | 8ec3ec89c9ebac8e0f054913e0f443fd8b1fa2083d1cb2dbc31be4e94fab7208

Analysis

max time kernel
382680s
max time network
41s
platform
android_x64
resource
android-x64
submitted
05-08-2021 14:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

40862_Video_Oynatıcı.apk
Size

2.6MB
MD5

8f31c64298921bd28072ab901e341b3c
SHA1

749f248a8ab4311cccaf2f0bd1e3ce9fed444467
SHA256

8ec3ec89c9ebac8e0f054913e0f443fd8b1fa2083d1cb2dbc31be4e94fab7208
SHA512

6adfa1db6fdfcfe8acf11e6d76fefbc5b03d6dea8d9bb97b7999e686b0f403fcfbfbc4bb43e7dc230ae7f5e01c0ea2d401204c56fff527be7a99bda72249df21

Score

10^/10

hydra banker infostealer obfuscation trojan

Malware Config

Extracted

Family

hydra

http://glennnewton547458.xyz

Signatures

Hydra
Android banker and info stealer.
banker trojan infostealer hydra
Loads dropped Dex/Jar 1 IoCs
Runs executable file dropped to the device during analysis.

Processes:

com.zafmuupa.ixlaqwx

ioc pid process

/data/user/0/com.zafmuupa.ixlaqwx/code_cache/secondary-dexes/base.apk.classes1.zip 3952 com.zafmuupa.ixlaqwx
Requests enabling of the accessibility settings. 1 IoCs

Processes:

com.zafmuupa.ixlaqwx

description ioc process

Intent action android.settings.ACCESSIBILITY_SETTINGS com.zafmuupa.ixlaqwx

ioc	pid	process
/data/user/0/com.zafmuupa.ixlaqwx/code_cache/secondary-dexes/base.apk.classes1.zip	3952	com.zafmuupa.ixlaqwx

description	ioc	process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	com.zafmuupa.ixlaqwx

Uses reflection 3 IoCs

obfuscation

Processes:

com.zafmuupa.ixlaqwx

description	pid	process
Acesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE	3952	com.zafmuupa.ixlaqwx
Acesses field javax.security.auth.x500.X500Principal.thisX500Name	3952	com.zafmuupa.ixlaqwx
Acesses field javax.security.auth.x500.X500Principal.thisX500Name	3952	com.zafmuupa.ixlaqwx

com.zafmuupa.ixlaqwx
1⤵
- Loads dropped Dex/Jar
- Requests enabling of the accessibility settings.
- Uses reflection
PID:3952

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.zafmuupa.ixlaqwx/code_cache/secondary-dexes/MultiDex.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.zafmuupa.ixlaqwx/code_cache/secondary-dexes/base.apk.classes1.zip
MD5
4c58f54fdb1c81124ac3f079ae941c12

SHA1
97bea5e06e2ae8009b876741694459d15ee82460

SHA256
fa7e37c61d2e3cdeded9c947d3b4dba7d469cc74c58cd54fcd9e556410b070b3

SHA512
aaa2034160bbe441fe36e69f6ff572d844b75b49600a21e0210f6e9a5042c3c54609d75c0733d48f1f38451743f47ca2d30e002819b5a2a84bd513fabf8d03b7

Download Submit
/data/user/0/com.zafmuupa.ixlaqwx/code_cache/secondary-dexes/tmp-base.apk.classes579863382856836992.zip
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.zafmuupa.ixlaqwx/shared_prefs/multidex.version.xml
MD5
8ac99d239abc25c8f180691957ff27f0

SHA1
822336a79e25a9cf18d6ff23b5cb77418a9f8ddd

SHA256
97c21f601ab7dd836e0417d7663fcb63c16fd6c5b546c7fbf7aa394158007fdc

SHA512
f27fe4aa6665880aa2ec8389e2565369e18b24ace92b0bbcfe93a1b05bb8aa36bc26b028b04d6987ad57e2b2408104588deeb0872eacb44205af66b650835fd5

Download Submit
/data/user/0/com.zafmuupa.ixlaqwx/shared_prefs/pref_name_setting.xml
MD5
542ae5d618b7ff1627bfc140a55d6d71

SHA1
8275a1b880730eefb2055a166f8afd2c4850a0f1

SHA256
4670ce1a8b296eb372b0f656dee2116e69ecee895638ccdc0eadb06981c95b2e

SHA512
fa79cceee8974901005617d3b1932e77bf959bef225e1782959f3f96335b5df0558f8d39751d6418de73ead163bcc6c4c132b251d14a506686a004eaaadda5f6

Download Submit
/data/user/0/com.zafmuupa.ixlaqwx/shared_prefs/pref_name_setting.xml
MD5
5b2c1bde3cfa37cbcf0eb36abb6f5f5c

SHA1
50af88d68cf29956835397eee4afaebe6f4d88a0

SHA256
99db6c7bd69f1613760cbdc01a6cb0d2202ca01b0e95d9e574834b180458371b

SHA512
9e5485187a8f78693818e84da26b48315e56477647c0839d691de9c2b67c6abca55fcbb1224ff2220f293e5594f9df931b555c3fa484bfa0693acff1218df2cb

Download Submit
/data/user/0/com.zafmuupa.ixlaqwx/shared_prefs/pref_name_setting.xml
MD5
f84e751997a02f47b24a6559da9bf885

SHA1
4e54ea44082c7f29ec29038210ded4ff621a3483

SHA256
1dee081c6f1cda3099aee19ed10dccac93c57ca7a1c88b0dd468288865d1886f

SHA512
52613d055d3e8deedcd9f9f628152c401f6b7515baf089713b20462e86c39e170059f69cb6957b59b3c8970b35d6aedbd8b3861a16c6264293efb5699ea0f2d1

Download Submit
/data/user/0/com.zafmuupa.ixlaqwx/shared_prefs/pref_name_setting.xml
MD5
bae0bf4e81eed00792785d24741f114a

SHA1
099384b9a6e3c0ce63f9aa13b02159f4309f2e7b

SHA256
22328742c7025133a81faaf358a4599b776c44473af456509ee05cc71d675025

SHA512
152145fcdd676be65e4372261554eae72ef380ee68b005233ab56df543b5f00a6bf672558637d0cd810446a480b48cdb37711916d6edbb6a611ad52511b216ab

Download Submit
/data/user/0/com.zafmuupa.ixlaqwx/shared_prefs/prefs30.xml
MD5
12d6ab1d27552f5788e1667ec0eb1360

SHA1
f0c1a775a55b7bb45fe65579b526cf4360c0c4d6

SHA256
52e178aa40fd1c71b3a4e8fdfb73fba744ac754430d94697f4d2aaa6823c0d18

SHA512
87eb0dba3f5fbb8801a5b8a07849c8634698d64333f77d548f4596221d2f3d7cba7288ebb0fe0b7f9357add2636b07c6e9cd24aa887dd6cce6d22a1b7e2d3d32

Download Submit