Analysis

  • max time kernel
    8s
  • max time network
    67s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
  • submitted
    06-11-2024 13:12

General

  • Target

    5ea08f9e12343305a57235de51c85ca4cce3685c25ba65bf45b2cde4479935db.bin [MConverter.eu].apk

  • Size

    1.5MB

  • MD5

    c6da6f6ef69f5f7c003223fccc04a8a4

  • SHA1

    cd12adc399700178c70817d0882217ce564704a5

  • SHA256

    5ea08f9e12343305a57235de51c85ca4cce3685c25ba65bf45b2cde4479935db

  • SHA512

    4087e64bd5c285fcb4e6b4c9b2cbd3d43f189d5eb40380bc9faca34f7add9389d38d046aac8298d7ba081cebbad72d4356618016f8aea2d0071d45d427315c9c

  • SSDEEP

    49152:B0vRcaOzydZF3w6tVcU4wNRojs1w8hzwS4bEj+:Y+aT13wANN/w8h+Ej+

Malware Config

Extracted

Family

hydra

AES_key

Signatures

  • Hydra

    Android banker and info stealer.

  • Hydra family
  • Hydra payload 4 IoCs
  • Loads dropped Dex/Jar 1 TTPs 6 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

Processes

  • com.grand.kilogram
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4259
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/Android/obb/com.grand.kilogram/dp/classes.dex --output-vdex-fd=43 --oat-fd=44 --oat-location=/storage/emulated/0/Android/obb/com.grand.kilogram/dp/oat/x86/classes.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4288
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/Android/obb/com.grand.kilogram/dp/a.a --output-vdex-fd=43 --oat-fd=44 --oat-location=/storage/emulated/0/Android/obb/com.grand.kilogram/dp/oat/x86/a.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4310
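The two dex2oat invocations above are the concrete evidence behind the "Loads dropped Dex/Jar" signature: the app hands the runtime a dex file it wrote to external storage (the obb directory) rather than code that shipped inside the signed APK, and one of the files (a.a) does not even carry a code extension. The following script is an added example written for this page, not code from the sandbox vendor or from the sample; it parses dex2oat command lines, flags --dex-file paths outside the locations a stock image normally compiles from, and correlates them with the dropped-file hashes listed under Downloads. The sample command lines and hashes are copied from this report; the list of trusted prefixes is an assumption about a stock Android 9 image, not something the report states.

```python
import re
import shlex

# Constructed sample input: the two dex2oat command lines from the Processes
# section of this report, keyed by the child PID the sandbox recorded.
DEX2OAT_CMDLINES = [
    (4288, "/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/Android/obb/com.grand.kilogram/dp/classes.dex --output-vdex-fd=43 --oat-fd=44 --oat-location=/storage/emulated/0/Android/obb/com.grand.kilogram/dp/oat/x86/classes.odex --compiler-filter=quicken --class-loader-context=&"),
    (4310, "/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/Android/obb/com.grand.kilogram/dp/a.a --output-vdex-fd=43 --oat-fd=44 --oat-location=/storage/emulated/0/Android/obb/com.grand.kilogram/dp/oat/x86/a.odex --compiler-filter=quicken --class-loader-context=&"),
]

# Dropped files and SHA256 values as listed in the Downloads section of this
# report (a.a appears twice because it was written twice with different content).
DROPPED_SHA256 = [
    ("/data/data/com.grand.kilogram/files/libdexload_arm.so", "246f931d655ac64027dded7bf485a96d9efa40712c02fe989ae61e4906d0ac7f"),
    ("/storage/emulated/0/Android/obb/com.grand.kilogram/dp/a.a", "e885832e111d96f02bdca681ab18008ab0f8d2998ec8b894d3c0d06630734266"),
    ("/storage/emulated/0/Android/obb/com.grand.kilogram/dp/a.a", "495cc78eafdd4f51ca4786b9824d70a992d4ad4621ea32ead7d7b3a8c4df75fb"),
    ("/storage/emulated/0/Android/obb/com.grand.kilogram/dp/classes.dex", "cd52dd4e30c541f6563d6942193f636e70712ee5482c8ba51369ded646a0683f"),
    ("/storage/emulated/0/Android/obb/com.grand.kilogram/dp/classes2.dex", "7e895efd40a13c5f6750abd152246123cb115454c9ca5c7f5794f21824dd41d4"),
    ("/storage/emulated/0/Android/obb/com.grand.kilogram/dp/monay", "5ae972ae1e6694984d5200ab2da840c82f4190641ae4c07670a30e9987e89842"),
]

# Assumption (not from the report): on a stock Android 9 image dex2oat is
# normally fed code from these read-only or installer-managed locations.
# Anything else is app-writable, i.e. code the app obtained at runtime.
TRUSTED_DEX_PREFIXES = ("/system/", "/vendor/", "/product/", "/data/app/", "/data/dalvik-cache/")
CODE_EXTENSIONS = (".dex", ".jar", ".apk", ".zip")

_PKG_RE = re.compile(r"(?:/Android/(?:obb|data)/|/data/data/)([A-Za-z0-9_.]+)/")


def parse_dex2oat_args(cmdline):
    """Return the --key=value options of a dex2oat command line, or None if it is not dex2oat.

    Repeated options (e.g. --instruction-set-features) keep the last value, as dex2oat does.
    """
    argv = shlex.split(cmdline)
    if not argv or not argv[0].endswith("dex2oat"):
        return None
    opts = {}
    for tok in argv[1:]:
        if tok.startswith("--") and "=" in tok:
            key, _, value = tok[2:].partition("=")
            opts[key] = value
    return opts


def package_from_path(path):
    """Recover the owning package name from an obb/, Android/data/ or /data/data/ path."""
    m = _PKG_RE.search(path)
    return m.group(1) if m else None


def analyse_dex2oat(pid, cmdline, dropped=DROPPED_SHA256):
    """Classify one dex2oat invocation and attach any matching dropped-file hashes."""
    opts = parse_dex2oat_args(cmdline)
    if opts is None or "dex-file" not in opts:
        return None
    dex = opts["dex-file"]
    hashes = [sha for path, sha in dropped if path == dex]
    reasons = []
    if not dex.startswith(TRUSTED_DEX_PREFIXES):
        reasons.append("dex compiled from app-writable path")
    if not dex.endswith(CODE_EXTENSIONS):
        reasons.append("dex-file has a non-code extension")
    if hashes:
        reasons.append("dex-file matches a file dropped during analysis")
    return {
        "pid": pid,
        "package": package_from_path(dex),
        "dex_file": dex,
        "oat_location": opts.get("oat-location"),
        "compiler_filter": opts.get("compiler-filter"),
        "dropped_sha256": hashes,
        "suspicious": bool(reasons),
        "reasons": reasons,
    }


def scan(entries=DEX2OAT_CMDLINES):
    """Return the suspicious invocations, in report order."""
    results = (analyse_dex2oat(pid, cmd) for pid, cmd in entries)
    return [r for r in results if r and r["suspicious"]]


if __name__ == "__main__":
    for hit in scan():
        print(f"pid {hit['pid']} {hit['package']}: {hit['dex_file']} -> {'; '.join(hit['reasons'])}")
```

Both invocations here are flagged: the dex-file paths sit under /storage/emulated/0/Android/obb/, the a.a invocation compiles a file with no code extension, and each path matches a SHA256 the sandbox recorded as dropped during the run. The --compiler-filter=quicken value is normal for on-demand compilation and is carried through only so the analyst can see it; the signal is the origin of the dex file, not the compiler settings.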

Network

MITRE ATT&CK Mobile v15


Downloads

  • /data/data/com.grand.kilogram/files/libdexload_arm.so

    Filesize

    157KB

    MD5

    7ddfe6a2bb4d6ad2b0482d6227e9c74a

    SHA1

    62633e333bb5e6604e8b8746a28bb5fe48ee5659

    SHA256

    246f931d655ac64027dded7bf485a96d9efa40712c02fe989ae61e4906d0ac7f

    SHA512

    83b75b2a963baa3b191a5fad47b27d1a7450a9527f84e63e74e33f842add224dbd8f5abf81e49df235fe79459940ab17cee87317456d008541b5c914dec75042

  • /storage/emulated/0/Android/obb/com.grand.kilogram/dp/a.a

    Filesize

    2.2MB

    MD5

    757cfcc42f918f15c61fbf5b9d0948b2

    SHA1

    31e378e26685bd32fa540e89cd3d5e882bb3762a

    SHA256

    e885832e111d96f02bdca681ab18008ab0f8d2998ec8b894d3c0d06630734266

    SHA512

    c1e81634081cdd190759a71e7a64552b9aa88dc6b2e73b783f5d7bfbdd86f68369ca416ae57200ee7ff25b827d4329cbbfb14db6132221cff2ecd36717656a68

  • /storage/emulated/0/Android/obb/com.grand.kilogram/dp/a.a

    Filesize

    2.2MB

    MD5

    4d641f4f00c0358d3aec4d2cf5a78de5

    SHA1

    21140dff458648fe4d13786b8dc07047f619b656

    SHA256

    495cc78eafdd4f51ca4786b9824d70a992d4ad4621ea32ead7d7b3a8c4df75fb

    SHA512

    6173f72bcea023802d83a406cdb9a4018f8bae511c386b1e9c972185340f59c3c98f9a7ca452515cd8d112e3eb68e4152a9a6587011845460d00643b390ba8c2

  • /storage/emulated/0/Android/obb/com.grand.kilogram/dp/classes.dex

    Filesize

    68KB

    MD5

    3323f89bdf5700b293cfe810f919c335

    SHA1

    6c2e385e543886aef248c37d2be39b0838616159

    SHA256

    cd52dd4e30c541f6563d6942193f636e70712ee5482c8ba51369ded646a0683f

    SHA512

    6b6a91baaa5ec3379d403a80751e6237bd3fd1e37d41bff98c3c0c1b1299d58f138806eef723b45f05bdf4a0a2235934aceade119e90b7d4fa2fde3a6fc5bfaa

  • /storage/emulated/0/Android/obb/com.grand.kilogram/dp/classes2.dex

    Filesize

    1005KB

    MD5

    1a7730a012c9821a1d585501bc61cd21

    SHA1

    c12f190d89e266d41906e267fbb4390fb8bca1d1

    SHA256

    7e895efd40a13c5f6750abd152246123cb115454c9ca5c7f5794f21824dd41d4

    SHA512

    c9d579a7627f1fca83b925d40f78a9a7224319c104078d6efeedd7633c1758d3b6ef9b0c362fb092db92dd58f846d69cb0c22f13ada8ee974847b24bcf7e0f82

  • /storage/emulated/0/Android/obb/com.grand.kilogram/dp/monay

    Filesize

    963KB

    MD5

    bfb0cb35748ae2fc0c251d22c928b0a9

    SHA1

    9f9caceb399e379629f17d9cbfa3c71f81079484

    SHA256

    5ae972ae1e6694984d5200ab2da840c82f4190641ae4c07670a30e9987e89842

    SHA512

    80cf02b7d61a1cc9eea583dc1d910e79c5ada11a49967ac688be7f5d13c4e4fed176efb715f88ede18666cfce8bb3bb48ed091f0046fd352cb71009270ee7818