Analysis
max time kernel: 1610039s
max time network: 32s
platform: android_x64
resource: android-x64
submitted: 19/08/2021, 19:48
Static task: static1
Behavioral task: behavioral1
Sample: 75140_Video_Oynatıcı.apk
Resource: android-x64
0 signatures
0 seconds
General
Target: 75140_Video_Oynatıcı.apk
Size: 3.3MB
MD5: eaaa603ceed4c9a3d707b552b6a895a3
SHA1: 7e0ddc97f948d5aee4042a62d82b89131a063f02
SHA256: 4ee193d7a93bbf1d0ae9ea86d775eee37f9e4fde4b9f025aa7c8e102dbfebfc7
SHA512: c57fd3b3d9f578020ee045fd64f41085380630af1087a59391f372db2f1c11594e093d472ede474de6722150db25872f475afe8120b6d77d55e80b11d24d307f
Score: 10/10
Malware Config
Extracted
Family: hydra
C2: http://jannatedge58.xyz
Signatures
Hydra
Android banker and info stealer.
Loads dropped Dex/Jar (1 IoCs)
Runs executable file dropped to the device during analysis.
ioc | pid | Process
/data/user/0/com.tpxrxuuy.fitfqgd/code_cache/secondary-dexes/base.apk.classes1.zip | 3607 | com.tpxrxuuy.fitfqgd
Uses reflection (3 IoCs)
description | pid | Process
Accesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE | 3607 | com.tpxrxuuy.fitfqgd
Accesses field javax.security.auth.x500.X500Principal.thisX500Name | 3607 | com.tpxrxuuy.fitfqgd
Accesses field javax.security.auth.x500.X500Principal.thisX500Name | 3607 | com.tpxrxuuy.fitfqgd