Overview

overview

10

Static

static

7

doc_hy_0806_obf_3.apk

android_x86

10

doc_hy_0806_obf_3.apk

android_x64

10

doc_hy_0806_obf_3.apk

android_x64

10

Analysis

  • max time kernel
    1140531s
  • max time network
    162s
  • platform
    android_x64
  • resource
    android-x64-20220310-en
  • submitted
    08-06-2022 15:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    doc_hy_0806_obf_3.apk

  • Size

    3.2MB

  • MD5

    116fea8c63bce4908ec1307e20ed96ba

  • SHA1

    4155c71ee1e03cefe5b67bc89c2235266327baa4

  • SHA256

    c7300e6de3d9c6f1ad622a1e884f00d43340c381fb87c87514ef3ca2156fdf5b

  • SHA512

    8e3c99beef9fc1130caab4ecc884da59f2a5c82102b2f61eef44adf7c55595923951203314439e72ef543bfeb232554d06a92ca820f7fa6df19a31d1eb590036

Score
10/10
hydrabankerinfostealertrojan

Malware Config

Signatures

  • Hydra

    Android banker and info stealer.

    bankertrojaninfostealerhydra
  • Hydra Payload 1 IoCs
  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.

Processes

  • com.horse.common
    1⤵
    • Loads dropped Dex/Jar
    PID:6183

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.horse.common/app_DynamicOptDex/oat/rfrNI.json.cur.prof
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/com.horse.common/app_DynamicOptDex/rfrNI.json
    Filesize

    1.9MB

    MD5

    3f6f548ccb3173c207e8f58dfcc763ff

    SHA1

    a4648025446ab0962fac1a8657513749f4286a4c

    SHA256

    403df8aaecda051f1816cae3aff1a732e424563a0a3192e80c3320bb74df660e

    SHA512

    7dd2493c41b08cea2427587f075279088fb030cb68527a66008c90b3dc11ad2f637fec7e74513d4e33938a58f360a1b94d338e8888726b0c2f62877dbf31a6e3

    Download Submit
  • /data/user/0/com.horse.common/app_DynamicOptDex/rfrNI.json
    Filesize

    5.0MB

    MD5

    aac2dcd77392344f8dd31f4f01a57ce9

    SHA1

    5c7f8906901da794dc630d37cd9f501d44be6adb

    SHA256

    50ccc8e8c22a41b020f0f991395551f3f0fb683eae4aa88fa9333b4b3fa60a86

    SHA512

    1a9733330cb198be78d147d590a59735d1bcb3f9f56f2134e977b123d15ff81a254a684521cca3f2ec1fa498d64e8a79e5c1f55dd2f4ae62d8074edd8d8472e9

    Download Submit