Analysis
-
max time kernel
799879s -
max time network
196s -
platform
android_x64 -
resource
android-x64-arm64 -
submitted
06-01-2022 13:53
Static task
static1
Behavioral task
behavioral1
Sample
37209_Video_Oynatıcı.apk
Resource
android-x64-arm64
General
-
Target
37209_Video_Oynatıcı.apk
-
Size
2.5MB
-
MD5
4b3d7940c616d04f0b0ec98abba0ec52
-
SHA1
4b6ccfb7644a02fd10cdf16398df50d368645409
-
SHA256
ae47584cc5b96611a40bf28683e4a31741514dca3fd428639ac7814d5cc7cf16
-
SHA512
a113cc24d27c5d44f418e61aab0dafc8d99e23ab7248b4c28b474bb2b778e9a6bb169b6b58d957f38134c7f16f26718b50e92cc139e7dc1c5a1c39d21a278526
Malware Config
Extracted
hydra
http://viveklees437.website
Signatures
-
Hydra
Android banker and info stealer.
-
Hydra Payload 2 IoCs
Processes:
resource: /data/user/0/com.expect.negative/app_DynamicOptDex/eMurFk.json  yara_rule: family_hydra
resource: /data/user/0/com.expect.negative/app_DynamicOptDex/eMurFk.json  yara_rule: family_hydra
Loads dropped Dex/Jar 2 IoCs
Runs executable file dropped to the device during analysis.
Processes:
ioc: /data/user/0/com.expect.negative/app_DynamicOptDex/eMurFk.json  pid: 6019  process: com.expect.negative
ioc: /data/user/0/com.expect.negative/app_DynamicOptDex/eMurFk.json  pid: 6019  process: com.expect.negative
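The "Loads dropped Dex/Jar" signature above fires because com.expect.negative writes Dalvik code to a file named eMurFk.json and then loads it: the extension is meaningless, only the content matters. The following is an added example and not part of the sandbox report. It classifies dropped files by magic bytes rather than by name, flags executable code stored under a non-code extension or staged in an app_DynamicOptDex directory, and compares each hit's SHA-256 against the two hashes this report lists. The sample inputs are constructed stand-ins (a minimal DEX header, a JAR wrapping one, a real JSON file), not bytes from the actual sample, so they are expected not to match the report hashes.

```python
import hashlib
import io
import zipfile
from pathlib import PurePosixPath

# SHA-256 values taken from this report: the submitted APK and the dropped file.
REPORT_SHA256 = {
    "ae47584cc5b96611a40bf28683e4a31741514dca3fd428639ac7814d5cc7cf16",  # 37209_Video_Oynatıcı.apk
    "726365fbc9f6382360587249c2b7db93628d77c189bde610ba925dd1439e7b79",  # app_DynamicOptDex/eMurFk.json
}

DEX_MAGIC = b"dex\n"        # Dalvik executable header, followed by the version ("035\0", "038\0", ...)
ZIP_MAGIC = b"PK\x03\x04"   # local file header of a ZIP/JAR/APK
CODE_SUFFIXES = {".dex", ".odex", ".jar", ".apk", ".zip"}


def classify_blob(data: bytes) -> str:
    """Classify a file by its leading bytes, never by its extension."""
    if data.startswith(DEX_MAGIC):
        return "dex"
    if data.startswith(ZIP_MAGIC):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                if any(name.endswith(".dex") for name in zf.namelist()):
                    return "jar-with-dex"
                return "zip"
        except zipfile.BadZipFile:
            return "unknown"
    return "unknown"


def scan_drops(drops):
    """drops: {android_path: bytes}. Return one finding per file that holds
    Dalvik code under a non-code extension or inside an app_DynamicOptDex
    directory, with its SHA-256 and whether that hash is an IoC from the report."""
    findings = []
    for path, data in drops.items():
        kind = classify_blob(data)
        if kind not in ("dex", "jar-with-dex"):
            continue
        p = PurePosixPath(path)
        reasons = []
        if p.suffix.lower() not in CODE_SUFFIXES:
            reasons.append(f"code stored as {p.suffix or 'no extension'}")
        if any("dynamicoptdex" in part.lower() for part in p.parts):
            reasons.append("staged in app_DynamicOptDex")
        if not reasons:
            continue
        digest = hashlib.sha256(data).hexdigest()
        findings.append({
            "path": path,
            "kind": kind,
            "sha256": digest,
            "known_ioc": digest in REPORT_SHA256,
            "reasons": reasons,
        })
    return findings


def _make_jar_with_dex() -> bytes:
    """Build a tiny JAR containing a classes.dex entry (constructed test data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("classes.dex", b"dex\n035\x00" + b"\x00" * 64)
    return buf.getvalue()


# Constructed sample inputs, not bytes from the real sample: a minimal DEX
# header under the report's .json path, a JAR with a DEX under a .bin name,
# and an ordinary JSON preferences file that must not be flagged.
SAMPLE_DROPS = {
    "/data/user/0/com.expect.negative/app_DynamicOptDex/eMurFk.json": b"dex\n035\x00" + b"\x00" * 64,
    "/data/user/0/com.expect.negative/cache/update.bin": _make_jar_with_dex(),
    "/data/user/0/com.expect.negative/shared_prefs/config.json": b'{"lang": "tr"}',
}

if __name__ == "__main__":
    for f in scan_drops(SAMPLE_DROPS):
        print(f["path"], f["kind"], f["sha256"][:16], "known IoC" if f["known_ioc"] else "new hash",
              "; ".join(f["reasons"]))
```

On a real device image the drops dictionary would be filled from the app's private directory (`/data/user/0/<package>/`), read with root or from a backup; a hash match against REPORT_SHA256 confirms the exact payload from this report, while an unmatched DEX in app_DynamicOptDex still indicates the same loader behaviour with a re-packed payload.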
Network
MITRE ATT&CK Matrix
Downloads
-
/data/user/0/com.expect.negative/app_DynamicOptDex/eMurFk.json
MD5 32d10fc9a8963eff0e4cc549828abd24
SHA1 4c341a618b9967cbb4df4fcd697d349dc0b5971c
SHA256 726365fbc9f6382360587249c2b7db93628d77c189bde610ba925dd1439e7b79
SHA512 14caa5a1f2fe4007be72dcd4cc93009e4f678b2f9bd1823177c927b6fc931d85207de2243fb6bf9cc467dcce92b017a40138e79339d1c87976ac2992c39b6c75