hydra | 494282bb7fb9c55c1f1405f61e7a13846f8a04f0d87cf9480d4a862a9c61fe6a | Triage

Submit
Reports

Overview

overview

Static

static

7

31fd040e83...cf.apk

android-9-x86

31fd040e83...cf.apk

android-10-x64

31fd040e83...cf.apk

android-11-x64

Sharing

General

Target

31fd040e83679096a6204f20a7b4b3e4f587fd2d20b3ed4408550f64b3fafbcf.zip
Size

1.8MB
Sample

230120-r1l57saf2v
MD5

7416c87aaba27a2f79778d6271ba4c81
SHA1

fbd4ea0cb5dff5e795567ff83f68f4934f052816
SHA256

494282bb7fb9c55c1f1405f61e7a13846f8a04f0d87cf9480d4a862a9c61fe6a
SHA512

b13492bd220b3dcb91ce9bbdc46e28ec09d83553f6d384be901c62cc22826121bd60d34dbbc1f1e58acc9e642c042e411f08e9a1443db2df84591c10aa1a413e
SSDEEP

49152:KcPbbnEJAJptAvUktlX8NT8i/W6jkZmnY4WyD95:hbnEJBFrsiiu6oZmnRWyD95

Score

10^/10

hydra android banker infostealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

31fd040e83679096a6204f20a7b4b3e4f587fd2d20b3ed4408550f64b3fafbcf.apk

Resource

android-x86-arm-20220823-en

hydra banker infostealer trojan

android-9-x86

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

31fd040e83679096a6204f20a7b4b3e4f587fd2d20b3ed4408550f64b3fafbcf.apk

Resource

android-x64-20220823-en

hydra banker infostealer trojan

android-10-x64

5 signatures

150 seconds

Behavioral task

behavioral3

Sample

31fd040e83679096a6204f20a7b4b3e4f587fd2d20b3ed4408550f64b3fafbcf.apk

Resource

android-x64-arm64-20220823-en

hydra banker infostealer trojan

android-11-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

hydra

C2

http://lanagarza441.lol

Targets

- Target
  
  31fd040e83679096a6204f20a7b4b3e4f587fd2d20b3ed4408550f64b3fafbcf
- Size
  
  2.1MB
- MD5
  
  3ee8cd8a2fba850f954c8c8af84babd6
- SHA1
  
  d2a6b249f009c5a628bbea4986b72e7be6a4e32a
- SHA256
  
  31fd040e83679096a6204f20a7b4b3e4f587fd2d20b3ed4408550f64b3fafbcf
- SHA512
  
  003d400ffd57a3adc68b9071c801577a1ed5ad27d763d2fc312a1c4d3c9f5eb72ad9c327c73920ee644d6c64fa2d2d9310801ccfbe28f9e3368b80effb69efbd
- SSDEEP
  
  24576:Q77t4o5+UWRW3GHF5J3oijoeapmKVVcSnC5BZ9qxI+4kAHfN79vWTaTzG+6wpLM2:U7T80Wl5J3n2wK7hDaHl79q+6fLmdhr9
Score

10^/10

hydra banker infostealer trojan
- Hydra
  Android banker and info stealer.
  banker trojan infostealer hydra
- Hydra payload
- Makes use of the framework's Accessibility service.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Reads information about phone network operator.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

hydrabankerinfostealertrojan

behavioral2

hydrabankerinfostealertrojan

behavioral3

hydrabankerinfostealertrojan

© 2018-2024

Terms | Privacy