hydra | af2a369aaacd253f2265b1a73748c47946c4a0bc82a56f073f696630daaef44b | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

7

af2a369aaa...4b.apk

android-9-x86

af2a369aaa...4b.apk

android-10-x64

af2a369aaa...4b.apk

android-11-x64

1

Sharing

General

Target

af2a369aaacd253f2265b1a73748c47946c4a0bc82a56f073f696630daaef44b.apk
Size

3.2MB
Sample

220809-wtf3tsebbk
MD5

438313a34c7d4dd7542930f6abade1d6
SHA1

f8baf32d3214cd35756ce2f753a9e7cdb80e6ea4
SHA256

af2a369aaacd253f2265b1a73748c47946c4a0bc82a56f073f696630daaef44b
SHA512

54909a117fc5296ed3d301ca498c03caadfa8bb049922da7c09cd17db3e506d91752ea8ba429bd0a84438d9079e6d7bfb4e37306578d0483cb0292c21550f305

Score

10^/10

hydra android banker infostealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

af2a369aaacd253f2265b1a73748c47946c4a0bc82a56f073f696630daaef44b.apk

Resource

android-x86-arm-20220621-en

hydra banker infostealer trojan

android-9-x86

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

af2a369aaacd253f2265b1a73748c47946c4a0bc82a56f073f696630daaef44b.apk

Resource

android-x64-20220621-en

hydra banker infostealer trojan

android-10-x64

5 signatures

150 seconds

Behavioral task

behavioral3

Sample

af2a369aaacd253f2265b1a73748c47946c4a0bc82a56f073f696630daaef44b.apk

Resource

android-x64-arm64-20220621-en

android-11-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  af2a369aaacd253f2265b1a73748c47946c4a0bc82a56f073f696630daaef44b.apk
- Size
  
  3.2MB
- MD5
  
  438313a34c7d4dd7542930f6abade1d6
- SHA1
  
  f8baf32d3214cd35756ce2f753a9e7cdb80e6ea4
- SHA256
  
  af2a369aaacd253f2265b1a73748c47946c4a0bc82a56f073f696630daaef44b
- SHA512
  
  54909a117fc5296ed3d301ca498c03caadfa8bb049922da7c09cd17db3e506d91752ea8ba429bd0a84438d9079e6d7bfb4e37306578d0483cb0292c21550f305
Score

10^/10

hydra banker infostealer trojan
- Hydra
  Android banker and info stealer.
  banker trojan infostealer hydra
- Hydra payload
- Makes use of the framework's Accessibility service.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Legitimate hosting services abused for malware hosting/C2
- Reads information about phone network operator.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

hydrabankerinfostealertrojan

behavioral2

hydrabankerinfostealertrojan

behavioral3

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.