Analysis
-
max time kernel
479394s -
max time network
31s -
platform
android_x64 -
resource
android-x64 -
submitted
06-08-2021 17:45
General
-
Target
34081_Video_Oynatıcı.apk
-
Size
3.1MB
-
MD5
9974bad66a83878b2307fa9906b47c02
-
SHA1
d412add72df906b015bbd855d99c7d95fa58e546
-
SHA256
d48f7a62bd78239ee8381d924088e6e6e048884bc0a9ee538bb2b6a70cad527f
-
SHA512
b22d0049fc94ebee37565eba70591d3ebeb028c6e63ab52381cede49f244a883335387198766f757085e27a598b5b33ebb91f4bdb7b8c9878f59c83ea034c29d
Malware Config
Extracted
hydra
http://courteneyguerrero584.xyz
Signatures
-
Hydra
Android banker and info stealer.
-
Loads dropped Dex/Jar 1 IoCs
Runs executable file dropped to the device during analysis.
-
Uses reflection 3 IoCs
Processes
-
com.ntbxausy.rctrzgu1⤵
- Loads dropped Dex/Jar
- Uses reflection
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/user/0/com.ntbxausy.rctrzgu/code_cache/secondary-dexes/MultiDex.lockMD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
-
/data/user/0/com.ntbxausy.rctrzgu/code_cache/secondary-dexes/base.apk.classes1.zipMD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
-
/data/user/0/com.ntbxausy.rctrzgu/code_cache/secondary-dexes/tmp-base.apk.classes8607102575932760621.zipMD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
-
/data/user/0/com.ntbxausy.rctrzgu/shared_prefs/multidex.version.xmlMD5
d8951ff0579228b6f2a3ff87f711f96e
SHA1560bf64612f060c59a57d31ad8ec08a83b82d989
SHA2567feaac9f7e2d468448b248008512eda20f615448adcdbc3a60f00578b54fd3ac
SHA5122744b61fb1e386488065ebf13ff251b945b4329ad92f4d6d1917ff3883adda4347aac18c4a21e12124837178eae8374b5ccf901acac44e1b93129b7d2c551a33
-
/data/user/0/com.ntbxausy.rctrzgu/shared_prefs/pref_name_setting.xmlMD5
ea9b580180045cb2a3a735e71fe325fa
SHA13509ca6813dd1236fb1be82680637c8dac6cdbfa
SHA256d37d0e571511e616c9db6e72f1f7ddba0d9f7f955c325c5bd1fad50e65ef4319
SHA512f14bf8b69ebaf0be5bde83b4aaf8a8236ee5ff68f500c2e72c20135690665beaf21f5d08b142e6042f1e8b1ec99a4e45b3525c97240e3bb326b238bccc04a6d8
-
/data/user/0/com.ntbxausy.rctrzgu/shared_prefs/pref_name_setting.xmlMD5
dcc89cfb788593b1a89e9886b71833a1
SHA1dc78f1314836c56fc13723ca9fb0b260ef05cbbe
SHA256eba17bdfe16c425bdff1bab2910cd5a924e6ab1d1fa1df8a67b0bccda1016ee6
SHA512eb2d64b3770a0b6340542786bd66973f7e1fa51f1cf6582bbce14a0511beb6ea277670ba0753988a53f17552bb91e64d68fea6116667bc0fba8334727b708107
-
/data/user/0/com.ntbxausy.rctrzgu/shared_prefs/prefs30.xmlMD5
12d6ab1d27552f5788e1667ec0eb1360
SHA1f0c1a775a55b7bb45fe65579b526cf4360c0c4d6
SHA25652e178aa40fd1c71b3a4e8fdfb73fba744ac754430d94697f4d2aaa6823c0d18
SHA51287eb0dba3f5fbb8801a5b8a07849c8634698d64333f77d548f4596221d2f3d7cba7288ebb0fe0b7f9357add2636b07c6e9cd24aa887dd6cce6d22a1b7e2d3d32