hydra | d0775b35bb8cb849d1049e9cea3d990f97bf09e908d19c93ba6ce0c184bfa668

Analysis

max time kernel
2311439s
max time network
42s
platform
android_x64
resource
android-x64
submitted
16-10-2021 15:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

sample.apk
Size

3.3MB
MD5

22c6380abe1a2ff9b7d6f6d4baf252e2
SHA1

4226fb895d2ea02c462a6aa4965991ef08a5412f
SHA256

d0775b35bb8cb849d1049e9cea3d990f97bf09e908d19c93ba6ce0c184bfa668
SHA512

c873ac10d58390d919ff4b6ffbb216e7f8dc4cdaeb859b91f4a4d58871a63a1b831b4b0da3ac85f92882a7fe8f6231b4a9545d83e65fc17dfbf9175c8be3d73a

Score

10^/10

hydra banker infostealer obfuscation trojan

Malware Config

Signatures

Hydra
Android banker and info stealer.
banker trojan infostealer hydra
Loads dropped Dex/Jar 1 IoCs
Runs executable file dropped to the device during analysis.

Processes:

com.cwnjcjeo.qhmvgio

ioc pid process

/data/user/0/com.cwnjcjeo.qhmvgio/code_cache/secondary-dexes/base.apk.classes1.zip 3603 com.cwnjcjeo.qhmvgio
Requests enabling of the accessibility settings. 1 IoCs

Processes:

com.cwnjcjeo.qhmvgio

description ioc process

Intent action android.settings.ACCESSIBILITY_SETTINGS com.cwnjcjeo.qhmvgio

ioc	pid	process
/data/user/0/com.cwnjcjeo.qhmvgio/code_cache/secondary-dexes/base.apk.classes1.zip	3603	com.cwnjcjeo.qhmvgio

description	ioc	process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	com.cwnjcjeo.qhmvgio

Uses reflection 3 IoCs

obfuscation

Processes:

com.cwnjcjeo.qhmvgio

description	pid	process
Acesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE	3603	com.cwnjcjeo.qhmvgio
Acesses field javax.security.auth.x500.X500Principal.thisX500Name	3603	com.cwnjcjeo.qhmvgio
Acesses field javax.security.auth.x500.X500Principal.thisX500Name	3603	com.cwnjcjeo.qhmvgio

com.cwnjcjeo.qhmvgio
1⤵
- Loads dropped Dex/Jar
- Requests enabling of the accessibility settings.
- Uses reflection
PID:3603

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.cwnjcjeo.qhmvgio/code_cache/secondary-dexes/MultiDex.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.cwnjcjeo.qhmvgio/code_cache/secondary-dexes/base.apk.classes1.zip
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.cwnjcjeo.qhmvgio/code_cache/secondary-dexes/tmp-base.apk.classes352275234703420450.zip
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.cwnjcjeo.qhmvgio/shared_prefs/multidex.version.xml
MD5
3f169e4c5a3beac2c44e20dc0ebb3f24

SHA1
c0c0b5dfb923b90b54711919b15eb0367272f12e

SHA256
66282a6b01380314505810e6159f32127bc003c34ca339ccc8c936945c2562ec

SHA512
8d832f21ea900772cd4486752ffd705b966dd948753ee038cf7eb5c84e1c5b35811c5006ed073865ec186ee352e0da67185b2b3fb33cf1d1d3060dadc3eff848

Download Submit
/data/user/0/com.cwnjcjeo.qhmvgio/shared_prefs/pref_name_setting.xml
MD5
c1e25a5d942c4b3d6f6138151f82fa20

SHA1
32b12dba6b26b02872738c4478cd56db4f4adbed

SHA256
d851358e93f7608c9ca67e30ece4b582497028711de3b0b1ba2c247a4ea81353

SHA512
9b62127b76fa1176b682c440e7344f8e239bffbcf3b34059ffd4c1f1e9c19e932b20bd87a3b14f9155f92992cd99284f95294042940b6e339d8f9c02f47e667f

Download Submit
/data/user/0/com.cwnjcjeo.qhmvgio/shared_prefs/pref_name_setting.xml
MD5
82f7b4d05666c242eb78da76f7b16a6b

SHA1
101d2c72ec55a8339dd5af5ba8eda8d3cda7dd73

SHA256
64186581eb92b711625359c9598605002664c818a351f01bcf4a8110a4ea050a

SHA512
6c4dd21029b49416b0fea3aac29341dd24439d5887ac159bc37f410ef3860177f9ede69618f5d2634687dbb9e541361cdfa42200166510c0f7368cab29e06e6c

Download Submit
/data/user/0/com.cwnjcjeo.qhmvgio/shared_prefs/pref_name_setting.xml
MD5
a1bee7929a5035b7376a44abc9715d25

SHA1
c5db7948649cb45e24d9525e7ffcc20813235354

SHA256
e67ed35ed03ddc950ef1735206afbf201bf29be057e8ecc909e927dc443039f6

SHA512
027e54f57c7742e118e9bd22e69dd020e70023e721e916ead13b41e854b3d60d44641b88aa4842ab80284b16038b08485c07add95c76c3e160f3920530da5911

Download Submit
/data/user/0/com.cwnjcjeo.qhmvgio/shared_prefs/prefs30.xml
MD5
12d6ab1d27552f5788e1667ec0eb1360

SHA1
f0c1a775a55b7bb45fe65579b526cf4360c0c4d6

SHA256
52e178aa40fd1c71b3a4e8fdfb73fba744ac754430d94697f4d2aaa6823c0d18

SHA512
87eb0dba3f5fbb8801a5b8a07849c8634698d64333f77d548f4596221d2f3d7cba7288ebb0fe0b7f9357add2636b07c6e9cd24aa887dd6cce6d22a1b7e2d3d32

Download Submit
/data/user/0/com.cwnjcjeo.qhmvgio/shared_prefs/prefs30.xml
MD5
b6e8ab9e578df49e49a2d8c311208934

SHA1
3380b6137e8ec4331b488262547efb72a619aac6

SHA256
c60680ed16146c956b1ac45c515f65f4228d793711cd599ebb41944678e96a58

SHA512
f60d44387cd84bcd4d8312f80fc64e9a94855a42ca6ed9f0ad716ba90409f94bd1f2358c8afdfe3558c5d92c2e449afabcd1885beece4eb194080c417b4b9272

Download Submit