Overview

overview

10

Static

static

7

85dca4632d...0c.apk

android_x86

10

85dca4632d...0c.apk

android_x64

1

85dca4632d...0c.apk

android_x64

10

Analysis

  • max time kernel
    4180522s
  • max time network
    150s
  • platform
    android_x86
  • resource
    android-x86-arm-20220621-en
  • submitted
    13-07-2022 20:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    85dca4632de8a835103a4f465009d50c.apk

  • Size

    2.7MB

  • MD5

    85dca4632de8a835103a4f465009d50c

  • SHA1

    18113d8e8c4ed8d0a0625765ff1af371e857f858

  • SHA256

    0c18c9e7eaa62a2ab4ee682d866f5ec3554972b6b6e9ae81beba66117e0b4163

  • SHA512

    30d588a5a16faaa15287e57e08cc3bd999c2e09952430e87800bca94d7545a503f49e6a6ea4eb6a76ad3dca5dbf38422589cf2fcd8ad5d738ff536e578b84997

Score
10/10
hydrabankerinfostealertrojan

Malware Config

Extracted

Family

hydra

C2

http://secondpanel.site

Signatures

  • Hydra

    Android banker and info stealer.

    bankertrojaninfostealerhydra
  • Hydra payload 2 IoCs
  • Makes use of the framework's Accessibility service. 2 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.

Processes

  • com.casino.crop
    1⤵
    • Makes use of the framework's Accessibility service.
    • Loads dropped Dex/Jar
    PID:4683
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.casino.crop/app_DynamicOptDex/FCXm.json --output-vdex-fd=41 --oat-fd=42 --oat-location=/data/user/0/com.casino.crop/app_DynamicOptDex/oat/x86/FCXm.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4754

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.casino.crop/app_DynamicOptDex/FCXm.json
    Filesize

    1.3MB

    MD5

    e7a8e4c33ba20c8c2b3f607e9a56a282

    SHA1

    8897865d5afe2cf97cd012d38b4ebe482e0a9a14

    SHA256

    1907e233c3d200242db6c50502502b06ce7f0bdf39ce14c743cb26f29dbb6053

    SHA512

    c81d60330bc097b09d38776dfa33bbc8574f73b6b195671f569e74ec4666e3e2021a50f6672e480e4a70ae37059df60cd1c1991cc41330745c89b8aebb9e564e

    Download Submit

  • /data/user/0/com.casino.crop/app_DynamicOptDex/FCXm.json
    Filesize

    3.6MB

    MD5

    1bf869bc7393de6b5d9c1c8e65cc55ad

    SHA1

    29b6f03c72870b8774ba04520dc8d74812780574

    SHA256

    897c980fb743f03f836dac1e345dc47d5f66cc9920e18e062f83a93ae79c23bc

    SHA512

    a2e7b834315325a4c2fceaca6289b97b90323a2fd0175ab7df031570a0f1122fb94aed498f4b75d2643f29ccfac33a50bc9c6c85232e1092c7e6bb3a53fef3d2

    Download Submit

  • /data/user/0/com.casino.crop/app_DynamicOptDex/FCXm.json
    Filesize

    3.6MB

    MD5

    1c26ea2287ca4d96220c90d58f9cdffd

    SHA1

    53b3f8344dfb5518434500d345d93d8daa4d0cc4

    SHA256

    4bbc5225e17a52fc5d2503da4f625c51773c74d26e8897827bc562c0b3060fd4

    SHA512

    513787e2d17bed2eb863323bd01fa7b4d722ab995c6455e02ff6d1d0bb1cbdfcae1904d35dde07eb31c6d8df9dd3f605035b06830e275e9156ce77bf77288b73

    Download Submit

  • /data/user/0/com.casino.crop/app_apk/payload.apk
    Filesize

    974KB

    MD5

    3baeaa766ea7f31a9147208efd957c75

    SHA1

    c701de3d0e55425394ccbf8e0967639e86f3c54e

    SHA256

    75e162dc291e15d13b0f3202a66e0c88ff2db09ec02922ee64818dbddcb78d6d

    SHA512

    9f3ccb1fc9a177524ba2d39f809be4851af385073463893bd4a8664308253fc0da2b9ab330c85675dbe9ce0c44b631a0d1ec7800491687c7b2540504b351295f

    Download Submit