hydra | cf58bfcf15a1131d098549815400715d80698b1c400e6b5073ec8a25ec7eb48c | Triage

Sharing

General

Target

78wEKB72_mediaplayer_aHR0cDovL2xvYW1obWlpZ2xhNnN6bnRsanduM2Z5dX.apk
Size

1.9MB
Sample

220802-g3kp2sbgg8
MD5

43f848722d0ddb631d88b65b565d6b0d
SHA1

4cc9045d2a9d4252c12d8c973c6d1e8b22c74f35
SHA256

cf58bfcf15a1131d098549815400715d80698b1c400e6b5073ec8a25ec7eb48c
SHA512

eee9d44a6558d594756eaccd26193372d2e12f1273e1b0c7b052c72d95ed1bffc2a1386ea0fe6193e24dcec30a17928eb9ff8d0a9b4b47fb9e97cacfa5626831

Score

10^/10

hydra android banker infostealer trojan

Malware Config

Targets

- Target
  
  78wEKB72_mediaplayer_aHR0cDovL2xvYW1obWlpZ2xhNnN6bnRsanduM2Z5dX.apk
- Size
  
  1.9MB
- MD5
  
  43f848722d0ddb631d88b65b565d6b0d
- SHA1
  
  4cc9045d2a9d4252c12d8c973c6d1e8b22c74f35
- SHA256
  
  cf58bfcf15a1131d098549815400715d80698b1c400e6b5073ec8a25ec7eb48c
- SHA512
  
  eee9d44a6558d594756eaccd26193372d2e12f1273e1b0c7b052c72d95ed1bffc2a1386ea0fe6193e24dcec30a17928eb9ff8d0a9b4b47fb9e97cacfa5626831
Score

10^/10

hydra banker infostealer trojan
- Hydra
  Android banker and info stealer.
  banker trojan infostealer hydra
- Makes use of the framework's Accessibility service.
- Legitimate hosting services abused for malware hosting/C2
- Reads information about phone network operator.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

behavioral2

hydrabankerinfostealertrojan

behavioral3

hydrabankerinfostealertrojan