hydra | 9490778dd7a5afd4bf14bd6d9dee3607a00567e1372f9b966137cbcf58caf01e | Triage

Submit
Reports

Overview

overview

Static

static

7

9490778dd7...1e.apk

android-9-x86

9490778dd7...1e.apk

android-10-x64

9490778dd7...1e.apk

android-11-x64

Resubmissions

26-06-2023 10:30

230626-mka1sahd53 7

26-06-2023 10:29

230626-mjhn8sac5s 7

12-06-2023 16:29

230612-tzc71sde6y 10

Sharing

General

Target

9490778dd7a5afd4bf14bd6d9dee3607a00567e1372f9b966137cbcf58caf01e
Size

7.3MB
Sample

230612-tzc71sde6y
MD5

00f8ce61a92691c2be7b4823b5cfd0de
SHA1

c9c1022b744edabab8a1ce654ffc84b10ca4a832
SHA256

9490778dd7a5afd4bf14bd6d9dee3607a00567e1372f9b966137cbcf58caf01e
SHA512

c8264b75a61293fd14cc21162f9697c9dbe0269e8966a8ad5c9c142caac2b4ef9f4e1d49b28ceb8b2a040acc32fa007d651284b8c10d0f62f45fc44ad4f6ca58
SSDEEP

98304:7n4DIojOvRLPi+BUuXj+53DG7IDpuAnnOyFBMHYgnd4ymIsn/h8t8TKWRvchJAZ4:7xousuXwPpuMCY4dLvsnZBKgSXyTjcVl

Score

10^/10

hydra android banker infostealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

9490778dd7a5afd4bf14bd6d9dee3607a00567e1372f9b966137cbcf58caf01e.apk

Resource

android-x86-arm-20220823-en

hydra banker infostealer trojan

android-9-x86

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

9490778dd7a5afd4bf14bd6d9dee3607a00567e1372f9b966137cbcf58caf01e.apk

Resource

android-x64-20220823-en

hydra banker infostealer trojan

android-10-x64

6 signatures

150 seconds

Behavioral task

behavioral3

Sample

9490778dd7a5afd4bf14bd6d9dee3607a00567e1372f9b966137cbcf58caf01e.apk

Resource

android-x64-arm64-20220823-en

hydra banker infostealer trojan

android-11-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  9490778dd7a5afd4bf14bd6d9dee3607a00567e1372f9b966137cbcf58caf01e
- Size
  
  7.3MB
- MD5
  
  00f8ce61a92691c2be7b4823b5cfd0de
- SHA1
  
  c9c1022b744edabab8a1ce654ffc84b10ca4a832
- SHA256
  
  9490778dd7a5afd4bf14bd6d9dee3607a00567e1372f9b966137cbcf58caf01e
- SHA512
  
  c8264b75a61293fd14cc21162f9697c9dbe0269e8966a8ad5c9c142caac2b4ef9f4e1d49b28ceb8b2a040acc32fa007d651284b8c10d0f62f45fc44ad4f6ca58
- SSDEEP
  
  98304:7n4DIojOvRLPi+BUuXj+53DG7IDpuAnnOyFBMHYgnd4ymIsn/h8t8TKWRvchJAZ4:7xousuXwPpuMCY4dLvsnZBKgSXyTjcVl
Score

10^/10

hydra banker infostealer trojan
- Hydra
  Android banker and info stealer.
  banker trojan infostealer hydra
- Hydra payload
- Makes use of the framework's Accessibility service.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Reads information about phone network operator.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

hydrabankerinfostealertrojan

behavioral2

hydrabankerinfostealertrojan

behavioral3

hydrabankerinfostealertrojan

© 2018-2024

Terms | Privacy