Overview

overview

10

Static

static

7

1ebdbd1ae1...da.apk

android-9-x86

10

1ebdbd1ae1...da.apk

android-10-x64

10

1ebdbd1ae1...da.apk

android-11-x64

1

tcaptcha_webview.html

windows7-x64

1

tcaptcha_webview.html

windows10-2004-x64

1

Analysis

  • max time kernel
    1091912s
  • max time network
    132s
  • platform
    android_x64
  • resource
    android-x64-20230831-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20230831-enlocale:en-usos:android-10-x64system
  • submitted
    13-10-2023 04:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1ebdbd1ae10055d0dc0d56944788df673b866d6fdcf9d9b071b9a5d8798d6dda.apk

  • Size

    3.3MB

  • MD5

    8530ca90408626a621b4d13993f693fe

  • SHA1

    12fccd12017eaa691d5decc67587807972214518

  • SHA256

    1ebdbd1ae10055d0dc0d56944788df673b866d6fdcf9d9b071b9a5d8798d6dda

  • SHA512

    d7fb121cc8db08a0692c2cb5fc7757215333ea59079cbfb9cd5680e8bca2de85c3d1fb7af43b402c94f1d60a6926da8e795c430628165ada0ebe5b211e418e6b

  • SSDEEP

    98304:eYt86ltxMwBlAVKKF8EfRtG/tTHBbsngT:xt86nxbBSlpRtGBl

Score
10/10
hydrabankerinfostealertrojan

Malware Config

Extracted

Family

hydra

C2

http://carmonuletusoaszs.net

Signatures

  • Hydra

    Android banker and info stealer.

    bankertrojaninfostealerhydra
  • Hydra payload 1 IoCs
  • Makes use of the framework's Accessibility service. 2 IoCs
  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Looks up external IP address via web service 2 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Reads information about phone network operator.

Processes

  • com.ougagexwa.jrtesxwrb
    1⤵
    • Makes use of the framework's Accessibility service.
    • Loads dropped Dex/Jar
    PID:5030

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.ougagexwa.jrtesxwrb/TgeIuagg88/iiHt8Ufp6uGUauI/tmp-base.apk.H8ge9gd5321931671019807615.jpU
    Filesize

    1.9MB

    MD5

    47467f1ec1f2dca1c7ac509e0e63460b

    SHA1

    2b5f37d94bad9b8f3aaced07538526dcae44a5ab

    SHA256

    0f0dedd2754e8909316e082408869ece2ec78390f7fc408dfbc284f279c4fa86

    SHA512

    1522c53cbffb58d8de51299f48ab9d1a31048de99e2a9bca1a7df74859fa7ee7a14fbf9e996327f4a0e54bebc70be27ad7f7bb37d59813b012aa1f73b2b3cc1f

    Download Submit

  • /data/user/0/com.ougagexwa.jrtesxwrb/TgeIuagg88/iiHt8Ufp6uGUauI/base.apk.H8ge9gd1.jpU
    Filesize

    5.2MB

    MD5

    6b4852b07b89e9583c9b0ca22bdc41ad

    SHA1

    8fd89f115c7d5cb73cf279244bdc6566c6eab1cb

    SHA256

    342dd054b57bff99183c8ed34b7d960b0fecf76ecf55fbd44bc920d552e9fab1

    SHA512

    115ca86e212fa1af32da1e3c37b28dcfdaa868fda69a78b212746358eb229e3633ca227ea3119086ceb73d59cc7ccbf8e57087cd9dc578059a98a67e23381578

    Download Submit