hydra | 2cca7cac692513aa01467dd9cda3ea98a2a8cde74380b2826294d283a83f4ce7 | Triage

Submit
Reports

Overview

overview

Static

static

7

bawag.apk

android_x86

bawag.apk

android_x64

bawag.apk

android_x64

Sharing

General

Target

bawag.apk
Size

3.5MB
Sample

220401-jspblagfb7
MD5

768ec2246d2c92330ba8fafe6513963e
SHA1

dbfc889162a1b786c14afe37618d65dca701d0e2
SHA256

2cca7cac692513aa01467dd9cda3ea98a2a8cde74380b2826294d283a83f4ce7
SHA512

0ca0521a2b5403b607f9df7c27c80d426f2c73dea1692bb6577899ff01ad5aa135da7c52082fe690e4c35c4a64fba40f2a9477ee4e14481d7af7a9a9ba219db0

Score

10^/10

hydra android banker infostealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

bawag.apk

Resource

android-x86-arm-20220310-en

hydra banker infostealer trojan

android_x86

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

bawag.apk

Resource

android-x64-20220310-en

hydra banker infostealer trojan

android_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

bawag.apk

Resource

android-x64-arm64-20220310-en

hydra banker infostealer trojan

android_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  bawag.apk
- Size
  
  3.5MB
- MD5
  
  768ec2246d2c92330ba8fafe6513963e
- SHA1
  
  dbfc889162a1b786c14afe37618d65dca701d0e2
- SHA256
  
  2cca7cac692513aa01467dd9cda3ea98a2a8cde74380b2826294d283a83f4ce7
- SHA512
  
  0ca0521a2b5403b607f9df7c27c80d426f2c73dea1692bb6577899ff01ad5aa135da7c52082fe690e4c35c4a64fba40f2a9477ee4e14481d7af7a9a9ba219db0
Score

10^/10

hydra banker infostealer trojan
- Hydra
  Android banker and info stealer.
  banker trojan infostealer hydra
- Hydra Payload
- Makes use of the framework's Accessibility service.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Legitimate hosting services abused for malware hosting/C2
- Reads information about phone network operator.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

hydrabankerinfostealertrojan

behavioral2

hydrabankerinfostealertrojan

behavioral3

hydrabankerinfostealertrojan

© 2018-2024

Terms | Privacy