Overview

overview

10

Static

static

7

bd849070c6...b0.apk

android-9-x86

10

bd849070c6...b0.apk

android-10-x64

10

bd849070c6...b0.apk

android-11-x64

10

Analysis

  • max time kernel
    1101817s
  • max time network
    131s
  • platform
    android_x64
  • resource
    android-x64-20220823-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20220823-enlocale:en-usos:android-10-x64system
  • submitted
    15-09-2022 14:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bd849070c6ac6b649282325eb066144bbac76ec2dd7e514eddc28e11ca3bd2b0.apk

  • Size

    2.3MB

  • MD5

    11774322a9ccd5cd7f1b509b47b9670d

  • SHA1

    3a82dcb6cec0e5a85c79bd2e140385dd6ed2fcb8

  • SHA256

    bd849070c6ac6b649282325eb066144bbac76ec2dd7e514eddc28e11ca3bd2b0

  • SHA512

    d4f24e7bf4123a242e29cfc0c6592c910660419316f6dafc4a6280c6f40a118098c1831b44c0c5a5ea04762936c9a5d78aebcfefb430e7cad66fe74b0b4872fd

  • SSDEEP

    49152:eYPISCEh/fNtFQoU4ub8ozzg88Ub78feZ29IOzTqevQDbde9Vg8u6V4Ch:diEZf/6oU4YDE8QT9IOzIDbde9VgN6p

Score
10/10
hydrabankerinfostealertrojan

Malware Config

Extracted

Family

hydra

C2

http://jioluuuieyegs.info

Signatures

  • Hydra

    Android banker and info stealer.

    bankertrojaninfostealerhydra
  • Hydra payload 1 IoCs
  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Looks up external IP address via web service 1 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Reads information about phone network operator.

Processes

  • com.else.result
    1⤵
    • Loads dropped Dex/Jar
    PID:4759

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.else.result/app_DynamicOptDex/mygDEh.json
    Filesize

    1.3MB

    MD5

    6422083a6f3423b2abe3389e18585365

    SHA1

    d752191361d0566f90f6a6d533b639ebc2b9f85e

    SHA256

    3f00bc98015824104a7e8e123ece8a87726fbe1b1c3cf3044ebc376270355b49

    SHA512

    f61ddbfe1a96ff47d6babec92781724a37a7dee3824f106113e71f1fc93132c9a6ca9509db01f0af964ee65f4e345eb719e7575600502c1c351da2996ed02fcc

    Download Submit

  • /data/user/0/com.else.result/app_DynamicOptDex/mygDEh.json
    Filesize

    3.6MB

    MD5

    d1a4d40d83f033bfa504c9167256556d

    SHA1

    5deb8d6e800ee2c9e5334cd36e03bf145b181777

    SHA256

    83fea678ac133b73858e5c475825803233dc94064b8bd9e490cca69fef9aadaf

    SHA512

    cd2a90f367daea1e7c75f4f65a036a5dc696b9b1a2212ed221dcccb46b35b920881719dfda5a2ac1db3829cb2501e1dedc5637c15df9b2a53191375414ebc8bd

    Download Submit

  • /data/user/0/com.else.result/shared_prefs/pref_name_setting.xml
    Filesize

    131B

    MD5

    8af431c45fd8b68208a9579f0dacd2c0

    SHA1

    4e9b3c04aa327864a5b605dc24678103fa0fa4f9

    SHA256

    ec5dd795a765229af78f7ed8baa6a608dc42dff1a9452fdae56cc0cfb8ee472a

    SHA512

    34cd69dd0cc912b5c49ba25edd5fa1808c9d6067ec3cfa6455bb58a8b3dc3e3a5f17ff62080490273500e3755318287f2558f4f2fbd0f3b9e8d10b64a4acf172

    Download Submit