hydra | a8528d464310f8269d0940a490b05576cb0cab77efe4e83ee45e9894d1f10656 | Triage

Submit
Reports

Overview

overview

Static

static

7

a8528d4643...56.apk

android-9-x86

a8528d4643...56.apk

android-10-x64

a8528d4643...56.apk

android-11-x64

Sharing

General

Target

a8528d464310f8269d0940a490b05576cb0cab77efe4e83ee45e9894d1f10656.bin
Size

3.4MB
Sample

231002-1wr1bsgf86
MD5

b532c2f074b1b02bb3dd32dfcdb213cc
SHA1

6e3ab01f4b61acb298d222b39550a3e13d94e47f
SHA256

a8528d464310f8269d0940a490b05576cb0cab77efe4e83ee45e9894d1f10656
SHA512

aeb1603a37fb2e05b1a2fd713982f49ded2a4f9ca6d49aded099c58f73f6413cb226211b91ff894fbb42833c92fa065184b42a0c8165b1f8adade168e52a3825
SSDEEP

98304:xnyhun2hLmRDhLZmz7CsLhPLA+Xs2ou6V2j8:Fn2BSZcrL5LD82bQ

Score

10^/10

hydra android banker infostealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a8528d464310f8269d0940a490b05576cb0cab77efe4e83ee45e9894d1f10656.apk

Resource

android-x86-arm-20230831-en

hydra banker infostealer trojan

android-9-x86

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

a8528d464310f8269d0940a490b05576cb0cab77efe4e83ee45e9894d1f10656.apk

Resource

android-x64-20230831-en

hydra banker infostealer trojan

android-10-x64

7 signatures

150 seconds

Behavioral task

behavioral3

Sample

a8528d464310f8269d0940a490b05576cb0cab77efe4e83ee45e9894d1f10656.apk

Resource

android-x64-arm64-20230831-en

hydra banker infostealer trojan

android-11-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  a8528d464310f8269d0940a490b05576cb0cab77efe4e83ee45e9894d1f10656.bin
- Size
  
  3.4MB
- MD5
  
  b532c2f074b1b02bb3dd32dfcdb213cc
- SHA1
  
  6e3ab01f4b61acb298d222b39550a3e13d94e47f
- SHA256
  
  a8528d464310f8269d0940a490b05576cb0cab77efe4e83ee45e9894d1f10656
- SHA512
  
  aeb1603a37fb2e05b1a2fd713982f49ded2a4f9ca6d49aded099c58f73f6413cb226211b91ff894fbb42833c92fa065184b42a0c8165b1f8adade168e52a3825
- SSDEEP
  
  98304:xnyhun2hLmRDhLZmz7CsLhPLA+Xs2ou6V2j8:Fn2BSZcrL5LD82bQ
Score

10^/10

hydra banker infostealer trojan
- Hydra
  Android banker and info stealer.
  banker trojan infostealer hydra
- Hydra payload
- Makes use of the framework's Accessibility service.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Reads information about phone network operator.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

hydrabankerinfostealertrojan

behavioral2

hydrabankerinfostealertrojan

behavioral3

hydrabankerinfostealertrojan

© 2018-2024

Terms | Privacy