hydra | e773c45b680de89a74a82793576c736c7a4c7ac7f303567bc0f71cd4e0b50131 | Triage

Resubmissions

20-01-2022 19:25

220120-x48q9sbce3 10

20-01-2022 19:18

220120-x1d3gsbcbn 10

Analysis

max time kernel
2028878s
max time network
263s
platform
android_x64
resource
android-x64-arm64
submitted
20-01-2022 19:18

Sharing

Report Analysis Logs

General

Target

FlashPlayerV3.1(1).apk
Size

7.0MB
MD5

f69b7ddc302f84020975facf50daf491
SHA1

e20a189c6b1bf590dfbb959b400683c297da6434
SHA256

e773c45b680de89a74a82793576c736c7a4c7ac7f303567bc0f71cd4e0b50131
SHA512

451e05ed161df87b2c5e1ecd18d4b2d2498c5899dc2c442d1e33f37072ee15dfb16f9c87f2d0141e866f69c71bcc1632174cf1da8507ad9aede7d5e71f739545

Score

10^/10

hydra banker infostealer trojan

Malware Config

Signatures

Hydra
Android banker and info stealer.
banker trojan infostealer hydra

Hydra Payload 2 IoCs

resource	yara_rule
behavioral1/memory/6276-0.dex	family_hydra
behavioral1/memory/6276-1.dex	family_hydra

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.art.shove/app_DynamicOptDex/cLkDDWy.json	6276	com.art.shove
/data/user/0/com.art.shove/app_DynamicOptDex/cLkDDWy.json	6276	com.art.shove

com.art.shove
1⤵
- Loads dropped Dex/Jar
PID:6276
- com.art.shove
  2⤵
  PID:6631

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads