General

  • Target

    90152_Video_Oynatıcı.apk

  • Size

    3.1MB

  • Sample

    210806-73v153lvne

  • MD5

    6e4016cb79bcd119270acf542712b2fb

  • SHA1

    7b75c91b636d63ea009d94acce954931f4d863fe

  • SHA256

    676e369114e1052db252e5a93b76ae3cbe86e6afefbc0ca41810d2be983890ac

  • SHA512

    4f3c7dcf227f1a942ed74a8070f3580248b9b1a946b5d214d3c5ed81aa41d1d38f48b6a9c0077170950d4a4a22d55e91ee60c949851ee16617cb0de1f67d35af

Malware Config

Extracted

  • Family

    hydra

  • C2

    http://glennnewton547458.xyz

Targets

    • Target

      90152_Video_Oynatıcı.apk

    • Size

      3.1MB

    • Hydra

      Android banker and info stealer.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests enabling of the accessibility settings.

    • Reads name of network operator

      Uses Android APIs to discover system information.
