hydra | ccebc2265cae07b7798d8bd7b194ae999f1e9f4b2652d3d220b873c23610f0c7

Analysis

max time kernel
533657s
platform
android_x86
resource
android-x86-arm
submitted
07-08-2021 08:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

36509_Video_Oynatıcı.apk
Size

3.1MB
MD5

5f9eff5c3af6f72e93937ba09f40b5d7
SHA1

bdc23081a728a2557ceedcabf787e9847e6df159
SHA256

ccebc2265cae07b7798d8bd7b194ae999f1e9f4b2652d3d220b873c23610f0c7
SHA512

8d54d2d0297c617e0cab94b1feae1fc4e54250fd9fc66e8d5645a8a63cc000b5837dc0c6632559498bf054bc065bb3fa159027172f3711c4942c6e9a70916692

Score

10^/10

hydra banker infostealer obfuscation trojan

Malware Config

Signatures

Hydra
Android banker and info stealer.
banker trojan infostealer hydra

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

Processes:

/system/bin/dex2oatcom.jrrnwddn.bsjpjlt

ioc	pid	process
/data/user/0/com.jrrnwddn.bsjpjlt/code_cache/secondary-dexes/base.apk.classes1.zip	4919	/system/bin/dex2oat
/data/user/0/com.jrrnwddn.bsjpjlt/code_cache/secondary-dexes/base.apk.classes1.zip	4887	com.jrrnwddn.bsjpjlt

Uses reflection 1 IoCs
obfuscation

Processes:

com.jrrnwddn.bsjpjlt

description pid process

Acesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE 4887 com.jrrnwddn.bsjpjlt

description	pid	process
Acesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE	4887	com.jrrnwddn.bsjpjlt

com.jrrnwddn.bsjpjlt
1⤵
- Loads dropped Dex/Jar
- Uses reflection
PID:4887

com.jrrnwddn.bsjpjlt
2⤵
PID:4919

/system/bin/dex2oat
2⤵
- Loads dropped Dex/Jar
PID:4919

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.jrrnwddn.bsjpjlt/code_cache/secondary-dexes/MultiDex.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.jrrnwddn.bsjpjlt/code_cache/secondary-dexes/base.apk.classes1.zip
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.jrrnwddn.bsjpjlt/code_cache/secondary-dexes/base.apk.classes1.zip
MD5
bc447d533c22899bf4b97d8086eb935a

SHA1
23c43d8fa3829acd2b34d80eaa687095cec1b001

SHA256
0907f5d0091075cd5f8669aca942a0547a1c51152f0442218274ea4cb6879fb6

SHA512
eed878e6a13c43edad33d74b2d91573867d52beebd2dc79e217dc715bcfa108c9c261111275d4f57cf6902e36281531dff53ddca23e05ac6aa7436a6db6b7063

Download Submit
/data/user/0/com.jrrnwddn.bsjpjlt/code_cache/secondary-dexes/base.apk.classes1.zip.x86.flock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.jrrnwddn.bsjpjlt/code_cache/secondary-dexes/oat/x86/base.apk.classes1.odex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.jrrnwddn.bsjpjlt/code_cache/secondary-dexes/oat/x86/base.apk.classes1.vdex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.jrrnwddn.bsjpjlt/code_cache/secondary-dexes/tmp-base.apk.classes3069213741435768765.zip
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.jrrnwddn.bsjpjlt/shared_prefs/multidex.version.xml
MD5
913997f8e19551baa2542292780c0ab3

SHA1
74b8bcfb7da4086c3f9532c5fbaf85e48ef9315b

SHA256
4d3ecf4c1565a4f1af7f32196ed0eea44e72f2273a3e4659e20b5118ae329b9b

SHA512
720d381ed3eb301dc36fc658648b420093877d6970ed308a9a210a3f895dbe119606afc7444cb84a80caa39685c69d453d8957aaf6af368bfbb9ef6b4da4638e

Download Submit
/data/user/0/com.jrrnwddn.bsjpjlt/shared_prefs/pref_name_setting.xml
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.jrrnwddn.bsjpjlt/shared_prefs/prefs30.xml
MD5
1c6b6a6a91f2ccf7ac553f9a439ad69e

SHA1
270b45bc1c3255f95fecf8bfa85f7dbfc8fb5748

SHA256
a7958ee3107cac53056bac67328f317cf9e3aaf4533e1072f0c4f0334ebbffa6

SHA512
8a61fcab1bc82977f72af693d4a749ad41df81a9a9c6eaafee0f4ffd36a34f069a259c6b20046a8bce58a6eab526df122cb82e8d093be73cf5ff9d41e489bf8e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads