hydra | 6247d0dc4f7a148ad7487371afad0ee51fbfe6e8f046d59125b50d480f92d0e3 | Triage

Analysis

max time kernel
1268642s
max time network
158s
platform
android_x64
resource
android-x64-arm64
submitted
12/01/2022, 00:08

Sharing

Report Analysis Logs

General

Target

f0a3690fe48a9e25894c30784882cb5b.apk
Size

6.9MB
MD5

f0a3690fe48a9e25894c30784882cb5b
SHA1

35f629e6f804c547067f1eda9bb0c50efce0c4e6
SHA256

6247d0dc4f7a148ad7487371afad0ee51fbfe6e8f046d59125b50d480f92d0e3
SHA512

56aad4488d17b7c31623fc4b49227c813c17de0545d727fc973c45a5e498c187b64bcd6964f9a37f207c3c548f110efd4de621cecd05a73706f542d715d60e93

Score

10^/10

hydra banker infostealer trojan

Malware Config

Signatures

Hydra
Android banker and info stealer.
banker trojan infostealer hydra

Makes use of the framework's Accessibility service. 1 IoCs

description	ioc	Process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	com.ptnlmklv.xiegvjf

Loads dropped Dex/Jar 1 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.ptnlmklv.xiegvjf/ewhhg9iuF6/kjwHyyfafeijdyf/base.apk.quqpTff1.i8j	6284	com.ptnlmklv.xiegvjf

com.ptnlmklv.xiegvjf
1⤵
- Makes use of the framework's Accessibility service.
- Loads dropped Dex/Jar
PID:6284
- com.ptnlmklv.xiegvjf
  2⤵
  PID:6575

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads