hydra | d5a63c4ace387cff8d641ad9aeedf9e406684b0f3bdcfc79e97de80eef177bee | Triage

Analysis

max time kernel
1553257s
max time network
103s
platform
android_x64
resource
android-x64
submitted
26-11-2021 14:09

Sharing

Report Analysis Logs

General

Target

bawag.apk
Size

8.2MB
MD5

2cc9b0f73c834830b99ef2a9e0c3da27
SHA1

5d0b20afb0f45c5acbdcfee49b41f83cee3fca83
SHA256

d5a63c4ace387cff8d641ad9aeedf9e406684b0f3bdcfc79e97de80eef177bee
SHA512

6d7eb370926eb81a7d63c43c3572028f3e7e66c86982c5272a340b00f9c29800892d0ffa4f5d27eb61e6df81bf56ca1b2dc8fece28594bbca1c05739eab004ab

Score

10^/10

hydra banker infostealer trojan

Malware Config

Signatures

Hydra
Android banker and info stealer.
banker trojan infostealer hydra

Hydra Payload 2 IoCs

resource	yara_rule
behavioral1/memory/3679-0.dex	family_hydra
behavioral1/memory/3679-1.dex	family_hydra

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.feel.rabbit/app_DynamicOptDex/lrIXlp.json	3679	com.feel.rabbit
/data/user/0/com.feel.rabbit/app_DynamicOptDex/lrIXlp.json	3679	com.feel.rabbit

com.feel.rabbit
1⤵
- Loads dropped Dex/Jar
PID:3679

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads