hydra | 5c128cfee50059349b9b155c417e3950aaf292f4a9098e1b6748524e5fdfa6de | Triage

Sharing

General

Target

62f4503a057e5ca47e53523b4369dcab_JaffaCakes118
Size

8.4MB
Sample

240401-a5py8agg4v
MD5

62f4503a057e5ca47e53523b4369dcab
SHA1

1b5e73ecf5b2bcd8d9f014339901fbec5b5faf90
SHA256

5c128cfee50059349b9b155c417e3950aaf292f4a9098e1b6748524e5fdfa6de
SHA512

5a5526ea7efaef71db06e0a43a52388e2f36ecb4ae215b6700bbc87e1bb34cee891374f9ad25eea2a9ecdf4b71eb5178504e94574584138b2727a5a4530a4458
SSDEEP

196608:ql+WhnZhnn8IpiS43Kwh+YnV1SyNkS0DWx0RiQdyjynFAL9L:qbn7nniSAKwh+GVQ2kSAWabyj40L

Score

10^/10

hydra android banker collection discovery evasion infostealer trojan

Malware Config

Targets

- Target
  
  62f4503a057e5ca47e53523b4369dcab_JaffaCakes118
- Size
  
  8.4MB
- MD5
  
  62f4503a057e5ca47e53523b4369dcab
- SHA1
  
  1b5e73ecf5b2bcd8d9f014339901fbec5b5faf90
- SHA256
  
  5c128cfee50059349b9b155c417e3950aaf292f4a9098e1b6748524e5fdfa6de
- SHA512
  
  5a5526ea7efaef71db06e0a43a52388e2f36ecb4ae215b6700bbc87e1bb34cee891374f9ad25eea2a9ecdf4b71eb5178504e94574584138b2727a5a4530a4458
- SSDEEP
  
  196608:ql+WhnZhnn8IpiS43Kwh+YnV1SyNkS0DWx0RiQdyjynFAL9L:qbn7nniSAKwh+GVQ2kSAWabyj40L
Score

10^/10

hydra banker collection discovery evasion infostealer trojan
- Hydra
  Android banker and info stealer.
  banker trojan infostealer hydra
- Makes use of the framework's Accessibility service
  Retrieves information displayed on the phone screen using AccessibilityService.
  collection evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Reads information about phone network operator.
  discovery
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Input Injection

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Screen Capture

Command and Control

Exfiltration

Impact

Input Injection

Tasks

static1

behavioral1

hydrabankercollectiondiscoveryevasioninfostealertrojan

behavioral2

behavioral3

hydrabankercollectiondiscoveryevasioninfostealertrojan