hydra | 9490778dd7a5afd4bf14bd6d9dee3607a00567e1372f9b966137cbcf58caf01e | Triage

Submit
Reports

Overview

overview

Static

static

7

9490778dd7...1e.apk

android-9-x86

9490778dd7...1e.apk

android-10-x64

9490778dd7...1e.apk

android-11-x64

Resubmissions

26-06-2023 10:30

230626-mka1sahd53 7

26-06-2023 10:29

230626-mjhn8sac5s 7

12-06-2023 16:29

230612-tzc71sde6y 10

Sharing

General

Target

9490778dd7a5afd4bf14bd6d9dee3607a00567e1372f9b966137cbcf58caf01e
Size

7.3MB
Sample

230612-tzc71sde6y
MD5

00f8ce61a92691c2be7b4823b5cfd0de
SHA1

c9c1022b744edabab8a1ce654ffc84b10ca4a832
SHA256

9490778dd7a5afd4bf14bd6d9dee3607a00567e1372f9b966137cbcf58caf01e
SHA512

c8264b75a61293fd14cc21162f9697c9dbe0269e8966a8ad5c9c142caac2b4ef9f4e1d49b28ceb8b2a040acc32fa007d651284b8c10d0f62f45fc44ad4f6ca58
SSDEEP

98304:7n4DIojOvRLPi+BUuXj+53DG7IDpuAnnOyFBMHYgnd4ymIsn/h8t8TKWRvchJAZ4:7xousuXwPpuMCY4dLvsnZBKgSXyTjcVl

Score

10^/10

hydra android banker infostealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

9490778dd7a5afd4bf14bd6d9dee3607a00567e1372f9b966137cbcf58caf01e.apk

Resource

android-x86-arm-20220823-en

hydra banker infostealer trojan

android-9-x86

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

9490778dd7a5afd4bf14bd6d9dee3607a00567e1372f9b966137cbcf58caf01e.apk

Resource

android-x64-20220823-en

hydra banker infostealer trojan

android-10-x64

6 signatures

150 seconds

Behavioral task

behavioral3

Sample

9490778dd7a5afd4bf14bd6d9dee3607a00567e1372f9b966137cbcf58caf01e.apk

Resource

android-x64-arm64-20220823-en

hydra banker infostealer trojan

android-11-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  9490778dd7a5afd4bf14bd6d9dee3607a00567e1372f9b966137cbcf58caf01e
- Size
  
  7.3MB
- MD5
  
  00f8ce61a92691c2be7b4823b5cfd0de
- SHA1
  
  c9c1022b744edabab8a1ce654ffc84b10ca4a832
- SHA256
  
  9490778dd7a5afd4bf14bd6d9dee3607a00567e1372f9b966137cbcf58caf01e
- SHA512
  
  c8264b75a61293fd14cc21162f9697c9dbe0269e8966a8ad5c9c142caac2b4ef9f4e1d49b28ceb8b2a040acc32fa007d651284b8c10d0f62f45fc44ad4f6ca58
- SSDEEP
  
  98304:7n4DIojOvRLPi+BUuXj+53DG7IDpuAnnOyFBMHYgnd4ymIsn/h8t8TKWRvchJAZ4:7xousuXwPpuMCY4dLvsnZBKgSXyTjcVl
Score

10^/10

hydra banker infostealer trojan
- Hydra
  Android banker and info stealer.
  banker trojan infostealer hydra
- Hydra payload
- Makes use of the framework's Accessibility service.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Reads information about phone network operator.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

hydrabankerinfostealertrojan

behavioral2

hydrabankerinfostealertrojan

behavioral3

hydrabankerinfostealertrojan

© 2018-2025

Terms | Privacy