Overview

overview

10

Static

static

7

ddcc9bafbd...44.apk

android-9-x86

1

ddcc9bafbd...44.apk

android-10-x64

10

ddcc9bafbd...44.apk

android-11-x64

10

Analysis

  • max time kernel
    1143056s
  • max time network
    155s
  • platform
    android_x64
  • resource
    android-x64-arm64-20220621-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20220621-enlocale:en-usos:android-11-x64system
  • submitted
    28-07-2022 09:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ddcc9bafbda3a100fb51fa1aedda0844.apk

  • Size

    1.5MB

  • MD5

    ddcc9bafbda3a100fb51fa1aedda0844

  • SHA1

    2a32003ed69b46408faa0549eac55539e97e7cfc

  • SHA256

    aa7c6d80939deabe2540d1354a5aedeb842c227a76a9b913c8429e4fdd9adee2

  • SHA512

    796396e02806ee89d7e44d87d928f3f19e4c431ffe37b19bfa2267160b80b7ded9692b21513223fe40ef9f783dd342bcfbb158e9e00616936bec10c2feb72c1f

Score
10/10
hydrabankerinfostealertrojan

Malware Config

Extracted

Family

hydra

C2

http://sarah-louisewoodcock56.top

Signatures

  • Hydra

    Android banker and info stealer.

    bankertrojaninfostealerhydra
  • Hydra payload 1 IoCs
  • Makes use of the framework's Accessibility service. 2 IoCs
  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • com.staff.donkey
    1⤵
    • Makes use of the framework's Accessibility service.
    • Loads dropped Dex/Jar
    PID:5080

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.staff.donkey/app_DynamicOptDex/YJakpjr.json
    Filesize

    231KB

    MD5

    4682b9a667b89786052c53c60e43545f

    SHA1

    66a4a64744643a4596bfe3f4e1d8af53acf146c1

    SHA256

    161cbad190b9fd08a31cb90f43512c225c1e9493f4679af3e9206db784503364

    SHA512

    f16e11ab4916bb026de32be3126fcf9e85de307072b801b5166e74017ec652f826edccf70740413f60de642df656e9accf3281b59bc6d6ba06b0b0fe7f176338

    Download Submit
  • /data/user/0/com.staff.donkey/app_DynamicOptDex/YJakpjr.json
    Filesize

    540KB

    MD5

    f78f4876dca212047edfe2c08eeb6f95

    SHA1

    90abfcfe845f4f9e08e040f7d78cb330642e879d

    SHA256

    a5ef8d431ca5c35f9d99703d3c9e74d7947642d89fefa92fcb3bfa786a9f368e

    SHA512

    405f2fab5c4e72bc88f3310962987759103cac5fb80f6a47304db4ce94179e2d91bec10084650583086f595d00ee2db3b3c4781c3b5ea31d979004654040b840

    Download Submit
  • /data/user/0/com.staff.donkey/app_DynamicOptDex/oat/YJakpjr.json.cur.prof
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit