hydra | aa426cf08acebdd09c92c3bd2494c5461fbe5f8d31835d7cf6ca1d81a5ade8ee | Triage

Resubmissions

23-12-2021 22:15

211223-16pyqabfh5 7

23-12-2021 22:02

211223-1x9a1acebk 7

21-12-2021 20:38

211221-zenqxafdak 10

Analysis

max time kernel
3736602s
max time network
187s
platform
android_x64
resource
android-x64-arm64
submitted
21-12-2021 20:38

Sharing

Report Analysis Logs

General

Target

FlashPlayerV6.1.apk
Size

7.2MB
MD5

f20d29fb8e0f867294606fc575dc83fd
SHA1

7541e52c5bf16f5d2d1d28a8d44a599594a91bc6
SHA256

aa426cf08acebdd09c92c3bd2494c5461fbe5f8d31835d7cf6ca1d81a5ade8ee
SHA512

cb41d4c58ee849b0581178c2761bf13fe03c9bf8abbc06d726f253660f7f9f0eb702f738610e92d365fe04441eeca39075f55811d8ca9ffa80c28999a9976ada

Score

10^/10

hydra banker infostealer trojan

Malware Config

Signatures

Hydra
Android banker and info stealer.
banker trojan infostealer hydra

Hydra Payload 2 IoCs

resource	yara_rule
behavioral1/memory/4074-0.dex	family_hydra
behavioral1/memory/4074-1.dex	family_hydra

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.ankle.check/app_DynamicOptDex/rJZya.json	4074	com.ankle.check
/data/user/0/com.ankle.check/app_DynamicOptDex/rJZya.json	4074	com.ankle.check

com.ankle.check
1⤵
- Loads dropped Dex/Jar
PID:4074

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads