hydra | 65f49dd1523e0e28ff85f339142b6f36e36203e88ae969ef6e8fb8d3e48c171c | Triage

Submit
Reports

Overview

overview

Static

static

6

65f49dd152...1c.apk

android-9-x86

65f49dd152...1c.apk

android-10-x64

65f49dd152...1c.apk

android-11-x64

Sharing

General

Target

65f49dd1523e0e28ff85f339142b6f36e36203e88ae969ef6e8fb8d3e48c171c
Size

4.8MB
Sample

231223-w13v6scfam
MD5

7e0fb2f9a44f5f0fd16b13a057073c4a
SHA1

a05f51771024502c146840cd976007fa53c09ed1
SHA256

65f49dd1523e0e28ff85f339142b6f36e36203e88ae969ef6e8fb8d3e48c171c
SHA512

0909a1a7d883022f6afbfab5decc3841f8a1b0d0c993fb5730656eef38ee321cae2dcdf32cf11ce3650bdf33bc96f63803a424c104358131f76a9e629c224792
SSDEEP

98304:RbmNnh99Cq7yEvmO4IdrC6MrUl3n46ca26tEQ6iv9L:RSRh99CCyEvmO4IdurK6a26tEQ6QZ

Score

10^/10

hydra android banker infostealer trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

65f49dd1523e0e28ff85f339142b6f36e36203e88ae969ef6e8fb8d3e48c171c.apk

Resource

android-x86-arm-20231215-en

hydra banker infostealer trojan

android-9-x86

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

65f49dd1523e0e28ff85f339142b6f36e36203e88ae969ef6e8fb8d3e48c171c.apk

Resource

android-x64-20231215-en

hydra banker infostealer trojan

android-10-x64

6 signatures

150 seconds

Behavioral task

behavioral3

Sample

65f49dd1523e0e28ff85f339142b6f36e36203e88ae969ef6e8fb8d3e48c171c.apk

Resource

android-x64-arm64-20231215-en

hydra banker infostealer trojan

android-11-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  65f49dd1523e0e28ff85f339142b6f36e36203e88ae969ef6e8fb8d3e48c171c
- Size
  
  4.8MB
- MD5
  
  7e0fb2f9a44f5f0fd16b13a057073c4a
- SHA1
  
  a05f51771024502c146840cd976007fa53c09ed1
- SHA256
  
  65f49dd1523e0e28ff85f339142b6f36e36203e88ae969ef6e8fb8d3e48c171c
- SHA512
  
  0909a1a7d883022f6afbfab5decc3841f8a1b0d0c993fb5730656eef38ee321cae2dcdf32cf11ce3650bdf33bc96f63803a424c104358131f76a9e629c224792
- SSDEEP
  
  98304:RbmNnh99Cq7yEvmO4IdrC6MrUl3n46ca26tEQ6iv9L:RSRh99CCyEvmO4IdurK6a26tEQ6QZ
Score

10^/10

hydra banker infostealer trojan
- Hydra
  Android banker and info stealer.
  banker trojan infostealer hydra
- Hydra payload
- Makes use of the framework's Accessibility service
  Retrieves information displayed on the phone screen using AccessibilityService.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Reads information about phone network operator.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

hydrabankerinfostealertrojan

behavioral2

hydrabankerinfostealertrojan

behavioral3

hydrabankerinfostealertrojan

© 2018-2024

Terms | Privacy