General

  • Target: 85dca4632de8a835103a4f465009d50c
  • Size: 2.7MB
  • Sample: 220713-yvhddsdce5
  • MD5: 85dca4632de8a835103a4f465009d50c
  • SHA1: 18113d8e8c4ed8d0a0625765ff1af371e857f858
  • SHA256: 0c18c9e7eaa62a2ab4ee682d866f5ec3554972b6b6e9ae81beba66117e0b4163
  • SHA512: 30d588a5a16faaa15287e57e08cc3bd999c2e09952430e87800bca94d7545a503f49e6a6ea4eb6a76ad3dca5dbf38422589cf2fcd8ad5d738ff536e578b84997

Malware Config

Extracted

  • Family: hydra
  • C2: http://secondpanel.site

Targets

    • Hydra: Android banker and info stealer.
    • Hydra payload
    • Makes use of the framework's Accessibility service.
    • Loads dropped Dex/Jar: runs an executable file dropped to the device during analysis.
    • Reads information about the phone network operator.
