hydra | d0e3ea241c345f8988d9f0b9064c1ac1cce7bb2390b28021ee925097372a8308

Analysis

max time kernel
719421s
platform
android_x86
resource
android-x86-arm
submitted
09-08-2021 12:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

87362_Video_Oynatıcı.apk
Size

3.1MB
MD5

141f171526468a833b82651bdc5076e2
SHA1

bd25a345c660790d0afd89a89c51616d0fe87ce8
SHA256

d0e3ea241c345f8988d9f0b9064c1ac1cce7bb2390b28021ee925097372a8308
SHA512

c1b41d1ea501f7a5f3ca883c554c443a7178b417d7957d3b1f28d8a0aa02162f891f519e2d43b9dd2bc07cb07e6014fbc241b6be96299a66f3dea2b16db8aefe

Score

10^/10

hydra banker infostealer obfuscation trojan

Malware Config

Signatures

Hydra
Android banker and info stealer.
banker trojan infostealer hydra

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

Processes:

/system/bin/dex2oatcom.glvygfsf.qnnlsls

ioc	pid	process
/data/user/0/com.glvygfsf.qnnlsls/code_cache/secondary-dexes/base.apk.classes1.zip	5078	/system/bin/dex2oat
/data/user/0/com.glvygfsf.qnnlsls/code_cache/secondary-dexes/base.apk.classes1.zip	5051	com.glvygfsf.qnnlsls

Requests enabling of the accessibility settings. 1 IoCs

Processes:

com.glvygfsf.qnnlsls

description ioc process

Intent action android.settings.ACCESSIBILITY_SETTINGS com.glvygfsf.qnnlsls
Uses reflection 1 IoCs
obfuscation

Processes:

com.glvygfsf.qnnlsls

description pid process

Acesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE 5051 com.glvygfsf.qnnlsls

description	ioc	process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	com.glvygfsf.qnnlsls

description	pid	process
Acesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE	5051	com.glvygfsf.qnnlsls

com.glvygfsf.qnnlsls
1⤵
- Loads dropped Dex/Jar
- Requests enabling of the accessibility settings.
- Uses reflection
PID:5051
- com.glvygfsf.qnnlsls
  2⤵
  PID:5078
- /system/bin/dex2oat
  2⤵
  - Loads dropped Dex/Jar
  PID:5078

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.glvygfsf.qnnlsls/code_cache/secondary-dexes/MultiDex.lock

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.glvygfsf.qnnlsls/code_cache/secondary-dexes/base.apk.classes1.zip

MD5
51d29952a045e2d79eff3e467b1bf0af

SHA1
9d027093b36e264e498118d7b31bd9bf8e24b8f9

SHA256
ed5a0461dbaadd0c6889fb4b42373a95e8793a0e7ca011db0a2dbbb2dc1efab6

SHA512
9d7f491e793aeeea82f55e02741683548ed4810463cf9b76c9c1499727e11159b5d36d32d6fa55b9dc24857665b41f71a836dd50b6b3da697fea17a94897787e

Download Submit
/data/user/0/com.glvygfsf.qnnlsls/code_cache/secondary-dexes/base.apk.classes1.zip

MD5
727b2451a3b4f9028dd281fc0aff076e

SHA1
18e9ccb7dc848f581be8670e156e7f36b1290824

SHA256
9272b6f21623f681569a72cad8c86a95111b1b555e1b88c1066e9b2f590c6928

SHA512
2a735eed2364cb1f8a6a0f5c6e2a5235914e2a2d00bdf6d7aaca56f53398f57bd5bd2b1972ab7ee24100b17e822bcbbe80517c16c8f89f017cb7b7d910d96721

Download Submit
/data/user/0/com.glvygfsf.qnnlsls/code_cache/secondary-dexes/base.apk.classes1.zip.x86.flock

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.glvygfsf.qnnlsls/code_cache/secondary-dexes/oat/x86/base.apk.classes1.odex

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.glvygfsf.qnnlsls/code_cache/secondary-dexes/oat/x86/base.apk.classes1.vdex

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.glvygfsf.qnnlsls/code_cache/secondary-dexes/tmp-base.apk.classes7639912305192254497.zip

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.glvygfsf.qnnlsls/shared_prefs/multidex.version.xml

MD5
36cafb87392a623a78f1991f58e7f15a

SHA1
b06a6ef8b47d3714469b8588538f06d3a27dc5c4

SHA256
dfc61b8565b32faae6bebe0f93d7ad50b0b0aa36dc04b9c60b1454fd8b81b312

SHA512
40b403ba4c694462f4907ad1af51621909af39f15d8800228c3c97aac95afa85f9d7714e5b7ffe58e6cdf54d96429ef3bc6ec84048d19924a075a7717be576ca

Download Submit
/data/user/0/com.glvygfsf.qnnlsls/shared_prefs/pref_name_setting.xml

MD5
e9e66a1e489e89eed1c90efd4fc08fbe

SHA1
d1bb7ad8d4ca286bc6eda915b46221ba78159a54

SHA256
43714d015783e5ababc7a04e9aa60189b6f1846efbbf83bb72cddd2018f0e39b

SHA512
10ce84b07a228d3f37b00548177e48620cc6312ca992f19be5527750b1f4c797124f6d40440c169f1bc292ae779d89cdf37eedcf764eeaf2c97792c7ff8a8ba5

Download Submit
/data/user/0/com.glvygfsf.qnnlsls/shared_prefs/pref_name_setting.xml

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.glvygfsf.qnnlsls/shared_prefs/pref_name_setting.xml

MD5
d139ddcb8080d9fe2035461d7935a52c

SHA1
255014ad9ceb65d2fc530f249e6b242a95896432

SHA256
1284bebb82bbc49f4e2e33eca8c2cc3d6d748f5acdbdba8c8de6b6034c30f829

SHA512
6c02e34e2a4fc7014adcda4f0373176764b14ae2e549534c3de3601f6fd2aa88f133d0315d2c089aa0eff79773531b6d46ecf5114b781dce0dcbac57c351e6f2

Download Submit
/data/user/0/com.glvygfsf.qnnlsls/shared_prefs/prefs30.xml

MD5
1c6b6a6a91f2ccf7ac553f9a439ad69e

SHA1
270b45bc1c3255f95fecf8bfa85f7dbfc8fb5748

SHA256
a7958ee3107cac53056bac67328f317cf9e3aaf4533e1072f0c4f0334ebbffa6

SHA512
8a61fcab1bc82977f72af693d4a749ad41df81a9a9c6eaafee0f4ffd36a34f069a259c6b20046a8bce58a6eab526df122cb82e8d093be73cf5ff9d41e489bf8e

Download Submit