hydra | 54defb64488f34dbee4b8105e57a1823ad454a0ab8d3a960f286ee633004012d

Analysis

max time kernel
2738437s
max time network
166s
platform
android_x64
resource
android-x64-20220310-en
submitted
08-05-2022 07:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

54defb64488f34dbee4b8105e57a1823ad454a0ab8d3a960f286ee633004012d.apk
Size

5.0MB
MD5

dc6c21be944f83fb20c5b6bbd2328908
SHA1

b5adf614b60b4804cfe7171cdf00df0ce19b0785
SHA256

54defb64488f34dbee4b8105e57a1823ad454a0ab8d3a960f286ee633004012d
SHA512

a18a740bb41f426934d6cb09e4f772177fbba0f6da4d1c72e4c00ccb41a13b09b3a19b27653864ac0344f87d108491ea7058c779d544da14f523c0f860910057

Score

10^/10

hydra banker infostealer trojan

Malware Config

Signatures

Hydra
Android banker and info stealer.
banker trojan infostealer hydra

Hydra Payload 2 IoCs

Processes:

resource	yara_rule
/data/user/0/pdsjhtcynatqoh.slqpl.lzgwoyg/app_DynamicOptDex/hx.json	family_hydra
/data/user/0/pdsjhtcynatqoh.slqpl.lzgwoyg/app_DynamicOptDex/hx.json	family_hydra

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

Processes:

pdsjhtcynatqoh.slqpl.lzgwoyg

ioc	pid	process
/data/user/0/pdsjhtcynatqoh.slqpl.lzgwoyg/app_DynamicOptDex/hx.json	6305	pdsjhtcynatqoh.slqpl.lzgwoyg
/data/user/0/pdsjhtcynatqoh.slqpl.lzgwoyg/app_DynamicOptDex/hx.json	6305	pdsjhtcynatqoh.slqpl.lzgwoyg

Reads information about phone network operator.

pdsjhtcynatqoh.slqpl.lzgwoyg
1⤵
- Loads dropped Dex/Jar
PID:6305

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/pdsjhtcynatqoh.slqpl.lzgwoyg/app_DynamicOptDex/hx.json
Filesize
3.2MB

MD5
cfe8269312908a9a8b666a85aa551195

SHA1
72b53d0d05e5bc84c5eb47d0b50a47665a3f8b65

SHA256
d6a5630151dff0a88830a0062c221d4431356bf0c60f9a4ab09c8362d44ec165

SHA512
e61ddf8ee75fe048b70f8888c1fa29b85f1267073042088fa3c3e6a347c043bce09358bc90186fcfb07ffc097f22733fc505d50a1dce7debc37af94891a9f3e6

Download Submit
/data/user/0/pdsjhtcynatqoh.slqpl.lzgwoyg/app_DynamicOptDex/hx.json
Filesize
3.2MB

MD5
824b55e7e5ae8b5f1f804913ac0a5989

SHA1
e294ac09d8372be68f8f1a78b1fac6e0f617da93

SHA256
bba6665a507016991ebb6968cadd98587acf9eb4725c2dfe17685d9e3c2d4bca

SHA512
010a0f68e9025e9351ef6ad38b14bec34430baa8c9544d96d8c213ae61f62a3f2fcf27a5f89e4af1761cb5e09f591c46dcd02252a8d73821a40b4d8b61e2c8eb

Download Submit
/data/user/0/pdsjhtcynatqoh.slqpl.lzgwoyg/app_DynamicOptDex/hx.json
Filesize
3.2MB

MD5
824b55e7e5ae8b5f1f804913ac0a5989

SHA1
e294ac09d8372be68f8f1a78b1fac6e0f617da93

SHA256
bba6665a507016991ebb6968cadd98587acf9eb4725c2dfe17685d9e3c2d4bca

SHA512
010a0f68e9025e9351ef6ad38b14bec34430baa8c9544d96d8c213ae61f62a3f2fcf27a5f89e4af1761cb5e09f591c46dcd02252a8d73821a40b4d8b61e2c8eb

Download Submit
/data/user/0/pdsjhtcynatqoh.slqpl.lzgwoyg/app_DynamicOptDex/oat/hx.json.cur.prof
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit