hydra | d97aab6e351401596e170f056c3833bfd709cf44a2db97739a9129910fe2ece1

Analysis

max time kernel
796153s
max time network
159s
platform
android_x64
resource
android-x64-arm64
submitted
10-08-2021 09:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

90635_Video_Oynatıcı.apk
Size

3.1MB
MD5

e64e9fc94ff0b95e5c0cf2b38be94502
SHA1

7c9861d9fb7b00ea43113d7a36902b2c2525a1ee
SHA256

d97aab6e351401596e170f056c3833bfd709cf44a2db97739a9129910fe2ece1
SHA512

59bafd293766ac2aa60d06fe375eb4e4855dbb4d88577b83995fe0970960dadc9bf442bcba96d2bca8f757d6035e9c90ee45f1a66f934d8b13fe710da3ead220

Score

10^/10

hydra banker infostealer obfuscation trojan

Malware Config

Extracted

Family

hydra

http://staceycarroll48.xyz

Signatures

Hydra
Android banker and info stealer.
banker trojan infostealer hydra
Loads dropped Dex/Jar 1 IoCs
Runs executable file dropped to the device during analysis.

Processes:

com.yzojnxnf.buzdnua

ioc pid process

/data/user/0/com.yzojnxnf.buzdnua/code_cache/secondary-dexes/base.apk.classes1.zip 4519 com.yzojnxnf.buzdnua
Requests enabling of the accessibility settings. 1 IoCs

Processes:

com.yzojnxnf.buzdnua

description ioc process

Intent action android.settings.ACCESSIBILITY_SETTINGS com.yzojnxnf.buzdnua

ioc	pid	process
/data/user/0/com.yzojnxnf.buzdnua/code_cache/secondary-dexes/base.apk.classes1.zip	4519	com.yzojnxnf.buzdnua

description	ioc	process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	com.yzojnxnf.buzdnua

Uses reflection 3 IoCs

obfuscation

Processes:

com.yzojnxnf.buzdnua

description	pid	process
Acesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE	4519	com.yzojnxnf.buzdnua
Acesses field javax.security.auth.x500.X500Principal.thisX500Name	4519	com.yzojnxnf.buzdnua
Acesses field javax.security.auth.x500.X500Principal.thisX500Name	4519	com.yzojnxnf.buzdnua

com.yzojnxnf.buzdnua
1⤵
- Loads dropped Dex/Jar
- Requests enabling of the accessibility settings.
- Uses reflection
PID:4519

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.yzojnxnf.buzdnua/code_cache/secondary-dexes/MultiDex.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.yzojnxnf.buzdnua/code_cache/secondary-dexes/base.apk.classes1.zip
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.yzojnxnf.buzdnua/code_cache/secondary-dexes/tmp-base.apk.classes1552417012707144854.zip
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.yzojnxnf.buzdnua/shared_prefs/multidex.version.xml
MD5
f795597cfa69f42fdd1268b109d3b48a

SHA1
5dbadfccffddb36b8ca6a9bc74150e3a7be04f78

SHA256
828fd58d3109d7a92b3aba947ae7c7c4c81ca9bd7413943f4e29f39e68c04822

SHA512
367154ffe449228bdf3c4fde3b43818e62814e3376f49a85e2272519507c07242bc4172525915e7940759dd50994ea2a68f93ccfcee1ce8b88234f938f660617

Download Submit
/data/user/0/com.yzojnxnf.buzdnua/shared_prefs/pref_name_setting.xml
MD5
44c52368c679a3a6be8729ac55b3bd8f

SHA1
5e2ed42d84f76f7611a945349e625102cd03ea7e

SHA256
8e109c5848e320549e58f0dbc3baca4a5480d698c741cf6b5bdf6cad4f48a175

SHA512
dc09e41dd006fccd08012c1830409a3dbbfd2a07d181c103fceb728d69c2658eb61c2bae029eadca0e827c932072b6b5b34e9659e64da6b2ca61976aae16d157

Download Submit
/data/user/0/com.yzojnxnf.buzdnua/shared_prefs/pref_name_setting.xml
MD5
6ff786c7cec27925d922db98bbc328c4

SHA1
4f0fe6064617bb714cb30364a6d4ff6861022ec1

SHA256
681b196642eb2d820165e0720450a800c148e514551aaa6cd306db60def07d6a

SHA512
e60c4c398796d309f7ff9594abe651cc9b58a3c81a2ffa9b622ef4c569f8764012cea5ea453d549bf5eba6f5bc9084a9be161d15e242219e6c2ef988b51b9d04

Download Submit
/data/user/0/com.yzojnxnf.buzdnua/shared_prefs/pref_name_setting.xml
MD5
1e8ed43b5a3242a4e9ce92f5b480ce2b

SHA1
d1b17bace26575b10b81bdebd40f1d4aa9322798

SHA256
d43f09d69f88e192bd0cd4c0317417ba0a3300303774be7a3c8b26d13a7d0973

SHA512
fc3bb0bce88fde44053c43fe531e4bb9dec9056ee42b52b6c60afa2ff5d7703308e5e80b482d5dc707ffd405335d6af06533354c3e227f05df50be3b58931130

Download Submit
/data/user/0/com.yzojnxnf.buzdnua/shared_prefs/pref_name_setting.xml
MD5
f9ab69d54aafa4649294b94bb92889e3

SHA1
75218f5f433e33f6295cad484cc77d013e3ccfca

SHA256
d98b42dad6258bfdaee3fec789136ff604527c1998fac263765b48443af64451

SHA512
166f328a39e32907d40118afb330d1ca4ee2636428f6df92278bfa9c3c96746086e15570e3b5358bfbdc46c97cfb5fcb4f5dea085540c5559d00874b1e57dc85

Download Submit
/data/user/0/com.yzojnxnf.buzdnua/shared_prefs/pref_name_setting.xml
MD5
96b991292a38b0d9824e5aa4efb8a999

SHA1
a6b1289a7f0f473f6a6af16c4f5d885dd223e938

SHA256
ad18beb4ff5e2ad8212f710fbb6b86b86004ee6e771fb478abe88dd29db93e91

SHA512
b6d3e918252c46e5027c923e630765f3f8812466b9bcaf11e693221e6e7713c2610d36c34b4acb5c6ea98876196b210f4d7dcee57825779534741eb9f7e08e7c

Download Submit
/data/user/0/com.yzojnxnf.buzdnua/shared_prefs/prefs30.xml
MD5
1c6b6a6a91f2ccf7ac553f9a439ad69e

SHA1
270b45bc1c3255f95fecf8bfa85f7dbfc8fb5748

SHA256
a7958ee3107cac53056bac67328f317cf9e3aaf4533e1072f0c4f0334ebbffa6

SHA512
8a61fcab1bc82977f72af693d4a749ad41df81a9a9c6eaafee0f4ffd36a34f069a259c6b20046a8bce58a6eab526df122cb82e8d093be73cf5ff9d41e489bf8e

Download Submit