hydra | f489e424d946083b0167321ea10fa87b48f05e85386609e810bbf6e4778efd6f | Triage

Analysis

max time kernel
992477s
max time network
45s
platform
android_x64
resource
android-x64-arm64
submitted
01-10-2021 09:20

Sharing

Report Analysis Logs

General

Target

db.apk
Size

8.4MB
MD5

3485b084ca43e53fab17fd5825796c93
SHA1

a0ba124f9bf287469b0cffe679648924c57754b9
SHA256

f489e424d946083b0167321ea10fa87b48f05e85386609e810bbf6e4778efd6f
SHA512

a107296bec24a62138349830056a8864cacc6768e03e02c034cf5c4b56866058fe4a5bb028a8e02bee15de87131e828d1cd7de477f6a420105234459b5c46a27

Score

10^/10

hydra banker infostealer trojan

Malware Config

Signatures

Hydra
Android banker and info stealer.
banker trojan infostealer hydra

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.hygvjlea.kcitrhb/oghgwgkvaq/jknjzurmumezvou/base.apk.naauhyw1.xcf	4220	com.hygvjlea.kcitrhb
[anon:dalvik-classes.dex extracted in memory from /data/user/0/com.hygvjlea.kcitrhb/oghgwgkvaq/jknjzurmumezvou/base.apk.naauhyw1.xcf]	4220	com.hygvjlea.kcitrhb

com.hygvjlea.kcitrhb
1⤵
- Loads dropped Dex/Jar
PID:4220

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads