hydra | 90afe99519b428fb7b39843af48838d70d997568609417e9d242858d3eceace8

Analysis

max time kernel
587467s
platform
android_x86
resource
android-x86-arm
submitted
07-08-2021 23:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

54738_Video_Oynatıcı.apk
Size

3.1MB
MD5

af830c008d42babdcdfd6520198e2ba7
SHA1

e92981cc645439f71f2b5892d940da1b6b84744f
SHA256

90afe99519b428fb7b39843af48838d70d997568609417e9d242858d3eceace8
SHA512

2b0b8eac9b9601e6e3f9280aaf47407d6a7ce0599dbf90a9df12ff5353c0f6cc5a6760ae357ddedd4bed4c6ffe82161bd6011b0a3553e3a354f70dd44d5e86df

Score

10^/10

hydra banker infostealer obfuscation trojan

Malware Config

Signatures

Hydra
Android banker and info stealer.
banker trojan infostealer hydra

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

Processes:

/system/bin/dex2oatcom.dezjpspf.pjwtyzt

ioc	pid	process
/data/user/0/com.dezjpspf.pjwtyzt/code_cache/secondary-dexes/base.apk.classes1.zip	4829	/system/bin/dex2oat
/data/user/0/com.dezjpspf.pjwtyzt/code_cache/secondary-dexes/base.apk.classes1.zip	4800	com.dezjpspf.pjwtyzt

Requests enabling of the accessibility settings. 1 IoCs

Processes:

com.dezjpspf.pjwtyzt

description ioc process

Intent action android.settings.ACCESSIBILITY_SETTINGS com.dezjpspf.pjwtyzt
Uses reflection 1 IoCs
obfuscation

Processes:

com.dezjpspf.pjwtyzt

description pid process

Acesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE 4800 com.dezjpspf.pjwtyzt

description	ioc	process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	com.dezjpspf.pjwtyzt

description	pid	process
Acesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE	4800	com.dezjpspf.pjwtyzt

com.dezjpspf.pjwtyzt
1⤵
- Loads dropped Dex/Jar
- Requests enabling of the accessibility settings.
- Uses reflection
PID:4800
- com.dezjpspf.pjwtyzt
  2⤵
  PID:4829
- /system/bin/dex2oat
  2⤵
  - Loads dropped Dex/Jar
  PID:4829

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.dezjpspf.pjwtyzt/code_cache/secondary-dexes/MultiDex.lock

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.dezjpspf.pjwtyzt/code_cache/secondary-dexes/base.apk.classes1.zip

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.dezjpspf.pjwtyzt/code_cache/secondary-dexes/base.apk.classes1.zip

MD5
5a9139405da743ec742cc990261f1e72

SHA1
e67fd6d3e1f443da5a9ab37ed07c82f33e11c292

SHA256
b26b9eba1bf19407e1979eebce69142379156882d67fae6229c38a690fc2d925

SHA512
faa04e4d02b6a13df77ead13f1fec7561905d9a9c9c5195d8beac3434035643d3ea2af685e216418d393dfeb188ef8faa26c5010fb9d95e5f99f5927a057871c

Download Submit
/data/user/0/com.dezjpspf.pjwtyzt/code_cache/secondary-dexes/base.apk.classes1.zip.x86.flock

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.dezjpspf.pjwtyzt/code_cache/secondary-dexes/oat/x86/base.apk.classes1.odex

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.dezjpspf.pjwtyzt/code_cache/secondary-dexes/oat/x86/base.apk.classes1.vdex

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.dezjpspf.pjwtyzt/code_cache/secondary-dexes/tmp-base.apk.classes5140557979260875979.zip

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.dezjpspf.pjwtyzt/shared_prefs/multidex.version.xml

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.dezjpspf.pjwtyzt/shared_prefs/pref_name_setting.xml

MD5
bb0078635004fa1742d3199eaf07f578

SHA1
c714775d6fb9d8224fb0b7beae3d4b512f1e3ca4

SHA256
a664f1d5ddd16e29dda810ca4ccda6c8670a3c417b9b3f9c71e18f0a5b7f377f

SHA512
133e18ccba6bd7b38b2cd52c82c27e05bf617d18c9b7534357801a0d87ca84cbfe903232f33152d9a05c9e18df1edb8d2682014a8350f873ddda37591065b5b8

Download Submit
/data/user/0/com.dezjpspf.pjwtyzt/shared_prefs/pref_name_setting.xml

MD5
1b9e18f6e343574b9a692e1ab1cf7680

SHA1
2351fdaa149a4671125078a73e849d3ad0050cad

SHA256
98747a8461c0d29b55b519dce7dafac79c3d785a5f5bf1177aa142032ee9580e

SHA512
27a43327c752b4ab21ad52e688f0f585914eb01b72c0778791611d55f98051b679b32636b48ffc4af640c2d97221057a3f937e97e09823cb8302f77691b1e8c4

Download Submit
/data/user/0/com.dezjpspf.pjwtyzt/shared_prefs/pref_name_setting.xml

MD5
78172bd0336e8ca90883680510af36d8

SHA1
6774b3c02af91fd1e4aa47c0dd42a5825b6a4008

SHA256
8fcea95ff8f016d53e5a029cac6419e41ea5ac743b9faad9f2a4f7bcc404ca60

SHA512
0dca4504c5ed42bf02a1f53da4a4371054354058c20f77fff5139868cffc69cf7f595eef995392e45c3e12bd6fcf1beb6edff7bb36d5bfbfb4c7797515f119ab

Download Submit
/data/user/0/com.dezjpspf.pjwtyzt/shared_prefs/prefs30.xml

MD5
1c6b6a6a91f2ccf7ac553f9a439ad69e

SHA1
270b45bc1c3255f95fecf8bfa85f7dbfc8fb5748

SHA256
a7958ee3107cac53056bac67328f317cf9e3aaf4533e1072f0c4f0334ebbffa6

SHA512
8a61fcab1bc82977f72af693d4a749ad41df81a9a9c6eaafee0f4ffd36a34f069a259c6b20046a8bce58a6eab526df122cb82e8d093be73cf5ff9d41e489bf8e

Download Submit