hydra | b461ad02bf71d2334a7c786e9de42b00515fe6093c06366f0308e5d99a26da7d | Triage

Analysis

max time kernel
46615s
max time network
19s
platform
android_x64
resource
android-x64
submitted
20-09-2021 10:36

Sharing

Report Analysis Logs

General

Target

commerzbank.apk
Size

7.8MB
MD5

33930ad392c91562b0976fcb11da8573
SHA1

5beebbc6c1b2d1f7ea09e2b5052e0485a537ab44
SHA256

b461ad02bf71d2334a7c786e9de42b00515fe6093c06366f0308e5d99a26da7d
SHA512

fb8569a44933182c422bfbb591193d4ea5941d1660dacd3a4ee7e18902c9fd52ed118d6c60a20f8ff3c38d115962b54128991bcc43be4944589a8b38dfa253c2

Score

10^/10

hydra banker infostealer trojan

Malware Config

Signatures

Hydra
Android banker and info stealer.
banker trojan infostealer hydra

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.ncizacxo.rpykfle/wtirqoienr/pxidduezwjpifza/base.apk.usjspxj1.cpo	3609	com.ncizacxo.rpykfle
[anon:dalvik-classes.dex extracted in memory from /data/user/0/com.ncizacxo.rpykfle/wtirqoienr/pxidduezwjpifza/base.apk.usjspxj1.cpo]	3609	com.ncizacxo.rpykfle

com.ncizacxo.rpykfle
1⤵
- Loads dropped Dex/Jar
PID:3609

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads