hydra | 9117a83c2d736ce8b3e8493116b62e4a05ab9c7a736f83e59f3166f6fccb83f4 | Triage

Submit
Reports

Overview

overview

Static

static

7

4d15496267...69.apk

android-9-x86

4d15496267...69.apk

android-10-x64

4d15496267...69.apk

android-11-x64

Sharing

General

Target

4d15496267219d11a061ab5c201b4895277afa4d9b75943e61163a184cd50169.zip
Size

1.9MB
Sample

230113-ya1n8sga8v
MD5

c53825d840075c4621cbed8f6a9b446d
SHA1

cd18b2f91994d461d7683e444aab85ae988842c8
SHA256

9117a83c2d736ce8b3e8493116b62e4a05ab9c7a736f83e59f3166f6fccb83f4
SHA512

1085708ac898b08ab575d14599643bef15a48a0bffb8b6faff1476ffe4cff4133ea5e07e9072af261b7cee2dd6a6e2c2e0f112bed5be5b483113ec9fb4ce27a9
SSDEEP

49152:TEgr4x/gJU1cMM09YcsIV7FjilXlm+Zg3VIcZZw:ThAgJU1c74TV7Fjilw32CZw

Score

10^/10

hydra android banker infostealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4d15496267219d11a061ab5c201b4895277afa4d9b75943e61163a184cd50169.apk

Resource

android-x86-arm-20220823-en

hydra banker infostealer trojan

android-9-x86

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

4d15496267219d11a061ab5c201b4895277afa4d9b75943e61163a184cd50169.apk

Resource

android-x64-20220823-en

hydra banker infostealer trojan

android-10-x64

5 signatures

150 seconds

Behavioral task

behavioral3

Sample

4d15496267219d11a061ab5c201b4895277afa4d9b75943e61163a184cd50169.apk

Resource

android-x64-arm64-20220823-en

hydra banker infostealer trojan

android-11-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

hydra

C2

http://tillywinters22.top

Targets

- Target
  
  4d15496267219d11a061ab5c201b4895277afa4d9b75943e61163a184cd50169
- Size
  
  2.1MB
- MD5
  
  36183b9fbc6480025c1040b7109b2da4
- SHA1
  
  3d1d04d28ba4b9f5780f7585f6f7474f419533d5
- SHA256
  
  4d15496267219d11a061ab5c201b4895277afa4d9b75943e61163a184cd50169
- SHA512
  
  a6c4cf9be4de865b67edac3cee49955d562709ec0e12693eaf6918a647fd166d4ac7113ac1b42e1870e7cb26da9517ef55f2a8f16858661ae799bf906d79104e
- SSDEEP
  
  49152:bF+O4Z1FxayrRfkVWaH5pYgcTnZ3tRQq4+gKPb22qzvdb:Z0RRwvYgwVYqkKPbBOdb
Score

10^/10

hydra banker infostealer trojan
- Hydra
  Android banker and info stealer.
  banker trojan infostealer hydra
- Hydra payload
- Makes use of the framework's Accessibility service.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Reads information about phone network operator.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

hydrabankerinfostealertrojan

behavioral2

hydrabankerinfostealertrojan

behavioral3

hydrabankerinfostealertrojan

© 2018-2025

Terms | Privacy