hydra | 7e87ac723c81e285d17a2614478f539a7687800516712d52dc0fd730af1e6891 | Triage

Sharing

General

Target

7e87ac723c81e285d17a2614478f539a7687800516712d52dc0fd730af1e6891.bin
Size

4.0MB
Sample

231003-1wnb5sfg6v
MD5

32bf2fe1176ef975af6393efd5bcbd14
SHA1

c1f231e63db65b1d55381ec888509da15c242099
SHA256

7e87ac723c81e285d17a2614478f539a7687800516712d52dc0fd730af1e6891
SHA512

702e404c5adc2812d9fd99695a165ec005c1cfe633cf071ce63f609fc4020e48907c0298919a46906dd20cef60564a15981b85dd8d3d6cbca93619918c6c6717
SSDEEP

98304:BmXm8lrS55pQp9wuJEfuctseNawi3dgCqjnRImVOGB9OP9ZuQNsr:BmXAtQntJ0FQf3dgCqjnRNs/8

Score

10^/10

hydra android banker infostealer trojan

Malware Config

Targets

- Target
  
  7e87ac723c81e285d17a2614478f539a7687800516712d52dc0fd730af1e6891.bin
- Size
  
  4.0MB
- MD5
  
  32bf2fe1176ef975af6393efd5bcbd14
- SHA1
  
  c1f231e63db65b1d55381ec888509da15c242099
- SHA256
  
  7e87ac723c81e285d17a2614478f539a7687800516712d52dc0fd730af1e6891
- SHA512
  
  702e404c5adc2812d9fd99695a165ec005c1cfe633cf071ce63f609fc4020e48907c0298919a46906dd20cef60564a15981b85dd8d3d6cbca93619918c6c6717
- SSDEEP
  
  98304:BmXm8lrS55pQp9wuJEfuctseNawi3dgCqjnRImVOGB9OP9ZuQNsr:BmXAtQntJ0FQf3dgCqjnRNs/8
Score

10^/10

hydra banker infostealer trojan
- Hydra
  Android banker and info stealer.
  banker trojan infostealer hydra
- Hydra payload
- Makes use of the framework's Accessibility service.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Reads information about phone network operator.
behavioral1 behavioral2 behavioral3
- Target
  
  ad.html
- Size
  
  15KB
- MD5
  
  52c368fc009579446f8dc67daf8dca87
- SHA1
  
  fc52b078a9a02847efbf85d10f41b961c85fa459
- SHA256
  
  9b6cfb0e52c7f7dc99d5f5b7e2a6142fa3ad82d1333f42877eed3d29b0561579
- SHA512
  
  c80bcefe98c2eab09d4a831e788cd50563c62333d4c8aa81046df2acc9888c5a87da45546c1ee7d40bc7a9d7148075e3029e09e4b086406f6143a589111d1cb8
- SSDEEP
  
  192:xMejgzfCtmdyPfojYA5D5zniVkG4zhxm45IqTbTD5qRSwpcPt6FLYFieRO6shWUh:flqiO5RrD5qBpWt6FAieRahW6X
Score

1^/10
behavioral4 behavioral5
- Target
  
  disney.js
- Size
  
  760B
- MD5
  
  346fe77d9a51f331cd93acc1ef9843bd
- SHA1
  
  4cefefd57784913b69afa34bf37fe29a0c25a9be
- SHA256
  
  45799f8e9bc3ab2bf400fabb6a5a7b3368a54a27cf052120ecf6298596b0e8b4
- SHA512
  
  56d7ef66bf674601ed643c4372d132952bd24749b4b77cd1420716a3d533996d3473906e7d6311dcd0ff67b6f4f10d4bdb5e4187408c10d079c6b123360b0e74
Score

1^/10
behavioral6 behavioral7
- Target
  
  googlephoto.js
- Size
  
  2KB
- MD5
  
  7b1a437a30d1e6cc57005f68ff3ebc6e
- SHA1
  
  ee034f7775b557972a234bd5ac522d42f8188429
- SHA256
  
  a2c555744ba3fb6a86b49bb2e98be947ace5ce5d68603143ae9c8c4ee44255c6
- SHA512
  
  6774005e468dd5a0b14fc7709cfa9e5bfa587cdad91cac76c0ac0ec8e738a953d191190467182a8a6c9e7a0a4bb434fd3d9aa29c6edef550db8f287d5d181545
Score

1^/10
behavioral8 behavioral9
- Target
  
  hbomax.js
- Size
  
  1KB
- MD5
  
  5a7f8c48870b6b1f033f1464756399ed
- SHA1
  
  4b69e972b0c21bb615f74bcbb1a79ad938548f80
- SHA256
  
  d44b83d8b55901d041d5b438319ad6817dbfb4bc59232d4ee41fad25387c2e51
- SHA512
  
  7b7dccdf4b053359ffe4a607656e74f6988e3ace0a6b503900648f28a8f99554de98ab2d3e6e43b6924ae28a4ee9fdb95e20112a0dda0a94460df4d3cd1d19f9
Score

1^/10
behavioral10 behavioral11
- Target
  
  netflix.js
- Size
  
  1KB
- MD5
  
  21f91fb6ac6db27c61047a45684d2014
- SHA1
  
  03f45f0e105b4ee34b01582febd9ac7a80ff6c0a
- SHA256
  
  96f10444326072599dc9b9b39016f1ac9fff34c0ea634ee224e2f174f6ee16bd
- SHA512
  
  42ec0007956cffd4c5b0940bf8a57461a16240c31c0bde40a8b31cf235f2915128ea16b7857dd0f23f7da3dbbeb74b7248a6bb8eab443fb9f8149d5b1aab74b6
Score

1^/10
behavioral12 behavioral13
- Target
  
  web.js
- Size
  
  2KB
- MD5
  
  b0584ad09a09780c641d943128f90d62
- SHA1
  
  8471ef931be7d60cdf507880a90e64512dc04f75
- SHA256
  
  78ac7e1e8a2de2e045ff0c6a2dc4342fda032542aaa3e6ba15d331def47c106a
- SHA512
  
  ca97250f69962416fa05f0097fe2877bf938fd3935f273669ae0f7eb93bfa50a63bece50173e02fa52467521d8fe586eb4bfdee3ae1b1d35b91d72ca628ddf0b
Score

1^/10
behavioral14 behavioral15

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

hydrabankerinfostealertrojan

behavioral2

hydrabankerinfostealertrojan

behavioral3

hydrabankerinfostealertrojan

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15