Overview

overview

10

Static

static

7

8ac2f7d880...c3.apk

android_x86

10

8ac2f7d880...c3.apk

android_x64

10

8ac2f7d880...c3.apk

android_x64

10

Analysis

  • max time kernel
    2089407s
  • max time network
    93s
  • platform
    android_x86
  • resource
    android-x86-arm
  • submitted
    21-01-2022 12:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8ac2f7d8800e976d63c53aa48e83dcb06b0945ea33da1ba5aa4e0925ba39a3c3.apk

  • Size

    3.3MB

  • MD5

    d5be67c5db0f576f4a49c80a7bf8d44b

  • SHA1

    d6a31d3318aecddfb044c1c615b61ae4a0221327

  • SHA256

    8ac2f7d8800e976d63c53aa48e83dcb06b0945ea33da1ba5aa4e0925ba39a3c3

  • SHA512

    79167f3eaa361ac5969988cb308ac73082249375d91688f8ea13abd739922f96178bbdc829c0d5f4df8e2e7d4d27ffae9ee65fb1090bf5b3ff7a3fd27b15ab66

Score
10/10
hydrabankerinfostealertrojan

Malware Config

Signatures

  • Hydra

    Android banker and info stealer.

    bankertrojaninfostealerhydra
  • Hydra Payload 2 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.

Processes

  • com.agree.describe
    1⤵
    • Loads dropped Dex/Jar
    PID:5094
    • com.agree.describe
      2⤵
        PID:5162
      • /system/bin/dex2oat
        2⤵
        • Loads dropped Dex/Jar
        PID:5162
      • com.agree.describe
        2⤵
          PID:5394
        • toolbox
          2⤵
            PID:5394
          • com.agree.describe
            2⤵
              PID:5430
            • /system/bin/sh
              2⤵
                PID:5430
              • /system/bin/ndk_translation_program_runner_binfmt_misc
                2⤵
                  PID:5430
                • com.agree.describe
                  2⤵
                    PID:5466
                  • /system/bin/sh
                    2⤵
                      PID:5466
                    • /system/bin/ndk_translation_program_runner_binfmt_misc
                      2⤵
                        PID:5466
                        • /system/bin/ndk_translation_program_runner_binfmt_misc
                          3⤵
                            PID:5576
                        • com.agree.describe
                          2⤵
                            PID:5789
                          • toolbox
                            2⤵
                              PID:5789
                            • com.agree.describe
                              2⤵
                                PID:6666
                              • toolbox
                                2⤵
                                  PID:6666
                                • com.agree.describe
                                  2⤵
                                    PID:6726
                                  • /system/bin/sh
                                    2⤵
                                      PID:6726
                                    • /system/bin/ndk_translation_program_runner_binfmt_misc
                                      2⤵
                                        PID:6726
                                      • com.agree.describe
                                        2⤵
                                          PID:6847
                                        • /system/bin/sh
                                          2⤵
                                            PID:6847
                                          • /system/bin/ndk_translation_program_runner_binfmt_misc
                                            2⤵
                                              PID:6847
                                              • /system/bin/ndk_translation_program_runner_binfmt_misc
                                                3⤵
                                                  PID:6869
                                            • /system/bin/ndk_translation_program_runner_binfmt_misc
                                              1⤵
                                                PID:5591
                                              • /system/bin/ndk_translation_program_runner_binfmt_misc
                                                1⤵
                                                  PID:6879

                                                Network

                                                MITRE ATT&CK Matrix

                                                Replay Monitor

                                                Loading Replay Monitor...

                                                Downloads

                                                • /data/user/0/com.agree.describe/app_DynamicOptDex/IQ.json
                                                  MD5

                                                  b9b8a757e8fa0cae4d7ba0a9843d6c76

                                                  SHA1

                                                  4f4b79ad66f3f5486d126f551d93847d1cb5213c

                                                  SHA256

                                                  a2283fb673281b9a5ad5b87fb62b35fffcfb6193aa668dfddd4ada8ec589a052

                                                  SHA512

                                                  ee7d9c63928569bb8d91af1a8d1c83a51c240842f124fe3f0d4c28ea6f09428598862c9ce8dc9f411027272ca097fc35eb4d1bb5822aa44d56d430f4ebdad355

                                                  Download Submit

                                                • /data/user/0/com.agree.describe/app_DynamicOptDex/IQ.json
                                                  MD5

                                                  a5da295f4346e92139f7558752e3daa8

                                                  SHA1

                                                  0b0c227d582fd86e037bfb92c13aeefd404cac93

                                                  SHA256

                                                  ec496edf9dc3fb3f2ea5d7a23d088e799e26d19c9b2cc7473f0c3c6720955076

                                                  SHA512

                                                  1e1b6266ef42f983a20934498a37ae1ba787f4a3c350e7f8dcac534f1eb63b0912ac478ca05f63ae8d3bc0cd522034049714c41e5474adbbe160b91e471d3962

                                                  Download Submit