hydra | d97aab6e351401596e170f056c3833bfd709cf44a2db97739a9129910fe2ece1

Analysis

max time kernel
796157s
max time network
41s
platform
android_x64
resource
android-x64
submitted
10-08-2021 09:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

90635_Video_Oynatıcı.apk
Size

3.1MB
MD5

e64e9fc94ff0b95e5c0cf2b38be94502
SHA1

7c9861d9fb7b00ea43113d7a36902b2c2525a1ee
SHA256

d97aab6e351401596e170f056c3833bfd709cf44a2db97739a9129910fe2ece1
SHA512

59bafd293766ac2aa60d06fe375eb4e4855dbb4d88577b83995fe0970960dadc9bf442bcba96d2bca8f757d6035e9c90ee45f1a66f934d8b13fe710da3ead220

Score

10^/10

hydra banker infostealer obfuscation trojan

Malware Config

Extracted

Family

hydra

http://staceycarroll48.xyz

Signatures

Hydra
Android banker and info stealer.
banker trojan infostealer hydra
Loads dropped Dex/Jar 1 IoCs
Runs executable file dropped to the device during analysis.

Processes:

com.yzojnxnf.buzdnua

ioc pid process

/data/user/0/com.yzojnxnf.buzdnua/code_cache/secondary-dexes/base.apk.classes1.zip 3710 com.yzojnxnf.buzdnua
Requests enabling of the accessibility settings. 1 IoCs

Processes:

com.yzojnxnf.buzdnua

description ioc process

Intent action android.settings.ACCESSIBILITY_SETTINGS com.yzojnxnf.buzdnua

ioc	pid	process
/data/user/0/com.yzojnxnf.buzdnua/code_cache/secondary-dexes/base.apk.classes1.zip	3710	com.yzojnxnf.buzdnua

description	ioc	process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	com.yzojnxnf.buzdnua

Uses reflection 3 IoCs

obfuscation

Processes:

com.yzojnxnf.buzdnua

description	pid	process
Acesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE	3710	com.yzojnxnf.buzdnua
Acesses field javax.security.auth.x500.X500Principal.thisX500Name	3710	com.yzojnxnf.buzdnua
Acesses field javax.security.auth.x500.X500Principal.thisX500Name	3710	com.yzojnxnf.buzdnua

com.yzojnxnf.buzdnua
1⤵
- Loads dropped Dex/Jar
- Requests enabling of the accessibility settings.
- Uses reflection
PID:3710

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.yzojnxnf.buzdnua/code_cache/secondary-dexes/MultiDex.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.yzojnxnf.buzdnua/code_cache/secondary-dexes/base.apk.classes1.zip
MD5
1de1a89fcfe7132e7316ba9aa0378891

SHA1
f8557610d3324c26b9f678b78f1ad0de217780de

SHA256
49372c251b8d10d64ffa2893108ba4b880d78fedf8d91f31b0236a4ce8824786

SHA512
51335324446c479f3e957fc7720263a233164cab5e11c29d7296c0b6b80b7d09208c75a823f60b8bf645389ae544ad1c5de7e87ec5d0e22228d49a6b63bd1a41

Download Submit
/data/user/0/com.yzojnxnf.buzdnua/code_cache/secondary-dexes/tmp-base.apk.classes6187634471320622312.zip
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.yzojnxnf.buzdnua/shared_prefs/multidex.version.xml
MD5
0ff6a95a261d84315d048a848694af36

SHA1
b9b0efae2523fd4cb8a2e2627479d8a98257a808

SHA256
b64379eae179985f9f7b66ef8a546643d41c74eec756a8d8497dfffb8c8e764e

SHA512
71c06a02da3d6e3adf46edb9e2b0bb2bd33a4d145dbf148e3e0f1f2a0bd98e93bb2f754889530e03d40e2efd2230549361f546eb586b3ef66ddcb0a7777af961

Download Submit
/data/user/0/com.yzojnxnf.buzdnua/shared_prefs/pref_name_setting.xml
MD5
70af10446607cc51283e6cb5b5f37ded

SHA1
823213f92293f2ee981b439963d6db6228c4f63e

SHA256
13cc154bbfd7682270ee80e70ac9b7799e6ecc19d6c189b992adce2f1678623e

SHA512
45f3560c299c9814d5020eceef579c53d2295ccde50863c10a88b382ed496527a6c63830281ec6376ad64309cecfc80812c7194066b685b4a50126c6ead9ead9

Download Submit
/data/user/0/com.yzojnxnf.buzdnua/shared_prefs/pref_name_setting.xml
MD5
db511be38c324d7edecf200fdbd374e0

SHA1
0e2b431e227e4a035c2f00294d8868787fca4c95

SHA256
65a68aa2872595fe8de234ee729211627e5c289f0c2a96b6f6292f01054a9aee

SHA512
f29f2e0a3177e30bb2decc36b8f4ddb38356bb1ec432e08d257fb7ce1590248db4b4c06ad227a3b97bbd38b8c8b949ebbc9143e14dab4d094cee60fe37e8b137

Download Submit
/data/user/0/com.yzojnxnf.buzdnua/shared_prefs/pref_name_setting.xml
MD5
c7fedd8830bb408acddfdbc43670283b

SHA1
c2f997927f95afe17eef966eef39abff20107eab

SHA256
1182549a073bc85e1223282471af7f6629cff8fdadf9eb41070ddfa754250e78

SHA512
70fdf32c14f4e9003d3ac8d865700063eedc000f66c025d0facc9806d96a9c25d5704a0e2697834a32e9055c5c8163ed6404e4958f6d067cac87350741f07181

Download Submit
/data/user/0/com.yzojnxnf.buzdnua/shared_prefs/pref_name_setting.xml
MD5
52a577d437eab31f88345e3a1593bd14

SHA1
2484e4a479d78794e89347c8c29a50bd328993ae

SHA256
d3685357fafdd92b68788e8350422f6ac6250ab58d7d874b80cbe0fb330d57f8

SHA512
824907065296e8f1f16a49bd33e4a4541f95ad2e99a38b87453cc2ce797e78214691cbc09754e7856d1fa46a14152d599a57c62fcdf404c3b804ce0a4752714d

Download Submit
/data/user/0/com.yzojnxnf.buzdnua/shared_prefs/prefs30.xml
MD5
12d6ab1d27552f5788e1667ec0eb1360

SHA1
f0c1a775a55b7bb45fe65579b526cf4360c0c4d6

SHA256
52e178aa40fd1c71b3a4e8fdfb73fba744ac754430d94697f4d2aaa6823c0d18

SHA512
87eb0dba3f5fbb8801a5b8a07849c8634698d64333f77d548f4596221d2f3d7cba7288ebb0fe0b7f9357add2636b07c6e9cd24aa887dd6cce6d22a1b7e2d3d32

Download Submit