hydra | 54318a908bc0d347fb56fe48ff7ca7e16fe5eec1d69e7248c902eac0edd45a5b | Triage

Analysis

max time kernel
695920s
platform
android_x86
resource
android-x86-arm
submitted
27-09-2021 22:55

Sharing

Report Analysis Logs

General

Target

54318a908bc0d347fb56fe48ff7ca7e16fe5eec1d69e7248c902eac0edd45a5b.apk
Size

7.8MB
MD5

c47cdae511e1dad0328abdfdbe60bdc3
SHA1

cd9c039963cc6ad28677041d5096fc6098cd6e27
SHA256

54318a908bc0d347fb56fe48ff7ca7e16fe5eec1d69e7248c902eac0edd45a5b
SHA512

31211f2a1aab4552bbf28c9fdbc9f051ab2eebdbdde05cfaf7bca1dafeb8eb54939523507776399257f31fcf8dcc219510fa9a5d47f867b88ff35e85558561c8

Score

10^/10

hydra banker infostealer trojan

Malware Config

Signatures

Hydra
Android banker and info stealer.
banker trojan infostealer hydra

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.gzjgyfds.owzgxab/reoudgggga/xmjhjmotgheoiub/base.apk.wmojstb1.arm	4731	/system/bin/dex2oat
/data/user/0/com.gzjgyfds.owzgxab/reoudgggga/xmjhjmotgheoiub/base.apk.wmojstb1.arm	4688	com.gzjgyfds.owzgxab

Requests enabling of the accessibility settings. 1 IoCs

description	ioc	Process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	com.gzjgyfds.owzgxab

com.gzjgyfds.owzgxab
1⤵
- Loads dropped Dex/Jar
- Requests enabling of the accessibility settings.
PID:4688
- com.gzjgyfds.owzgxab
  2⤵
  PID:4731
- /system/bin/dex2oat
  2⤵
  - Loads dropped Dex/Jar
  PID:4731
- com.gzjgyfds.owzgxab
  2⤵
  PID:5085

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads