Analysis

  • max time kernel: 8s
  • max time network: 97s
  • platform: android_x86
  • resource: android-x86-arm-20240624-en
  • resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
  • submitted: 07-11-2024 12:39

General

  • Target: e690b102119feb6355d26b98b49a8d95362126dd7b86211a0191c2ae4505e560.bin [MConverter.eu].apk
  • Size: 1.5MB
  • MD5: a34a7f1135965b0a68f15227bb7b2389
  • SHA1: 65016c2e45c50acc91b3bf061e760d352d3a57bd
  • SHA256: e690b102119feb6355d26b98b49a8d95362126dd7b86211a0191c2ae4505e560
  • SHA512: 74325973b9d3dbc682b986d0e1db3eef2345c8a4ab910647b77e2ecac9b94cee9b5e5ace5a81f03c20fddee52fcf4dd0214f2db58a8d5b145fdacb2b58cf57c3
  • SSDEEP: 24576:Q9V0Nv1z3EM8qGHBqJKcHwxaNnnO65YT9PoGzKgTNl7bt1twkheNC+LEjeVK:GV0WFheHuaNnOT93egTNl7btn5gEjmK

Malware Config

Extracted

  • Family: hydra
  • AES_key:

Signatures

  • Hydra

    Android banker and info stealer.

  • Hydra family
  • Hydra payload (4 IoCs)
  • Loads dropped Dex/Jar (1 TTPs, 6 IoCs)

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)

Processes

  • com.grand.hydrar
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4257
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/Android/obb/com.grand.hydrar/dp/classes.dex --output-vdex-fd=43 --oat-fd=44 --oat-location=/storage/emulated/0/Android/obb/com.grand.hydrar/dp/oat/x86/classes.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4290
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/Android/obb/com.grand.hydrar/dp/a.a --output-vdex-fd=43 --oat-fd=44 --oat-location=/storage/emulated/0/Android/obb/com.grand.hydrar/dp/oat/x86/a.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4313

Downloads

  • /data/data/com.grand.hydrar/files/libdexload_arm.so
    Filesize: 157KB
    MD5: 7ddfe6a2bb4d6ad2b0482d6227e9c74a
    SHA1: 62633e333bb5e6604e8b8746a28bb5fe48ee5659
    SHA256: 246f931d655ac64027dded7bf485a96d9efa40712c02fe989ae61e4906d0ac7f
    SHA512: 83b75b2a963baa3b191a5fad47b27d1a7450a9527f84e63e74e33f842add224dbd8f5abf81e49df235fe79459940ab17cee87317456d008541b5c914dec75042

  • /storage/emulated/0/Android/obb/com.grand.hydrar/dp/a.a
    Filesize: 2.2MB
    MD5: 02ef6c7be109d21fe361f4afebd5824c
    SHA1: 9511d3dc829cdecc2c6302245fdcd3ba55690fc6
    SHA256: 63b346eff1e062168d8e9674cd33d8c4286456f786163792b7e114e4112ae4ab
    SHA512: 459fa7a02e0543b6c4a9ea2170242594f7ddc9dd05fa601e94fb3995bf0152d77000a57b2b917f03833afa2119ecdb1d13b9588ff3a99ed55ee282742c82b9be

  • /storage/emulated/0/Android/obb/com.grand.hydrar/dp/a.a
    Filesize: 2.2MB
    MD5: f0cfa1f4e2a2daa17d406f3e24093656
    SHA1: 3877479913ddc0cff19e30a0f76f683dce7ca672
    SHA256: cde1c9b3745e58c28221ff951d3f3129d2b33248c9eaf846e46d130ba8a6f5d6
    SHA512: a01968fc7b26eee8a78caa3eefdf234befb50ccf3ada214417f4e8f60cf7c0f1360b90100766262f4341700360d7c83530054d58e946c73fadef6bb191572f86

  • /storage/emulated/0/Android/obb/com.grand.hydrar/dp/classes.dex
    Filesize: 67KB
    MD5: 26a319052fc4cafa8a2a8fc69942a153
    SHA1: 3159c01f2bef33e481a89800038fefb0e00bddc4
    SHA256: 5fe4af0039643c70ec19db55972fa36bb6a751dc4ba8e88da555327f4497f65e
    SHA512: 01590da111011918d99f56679b6e52b656fe6519a3e799fc2a988191943a3b3ee4f1575b30bc2d54ec5b7f8b825bb42d230041690d34b0e62d0cc8c56901ae44

  • /storage/emulated/0/Android/obb/com.grand.hydrar/dp/classes2.dex
    Filesize: 1005KB
    MD5: cf439a4b22797965fd40f5e53990e3a1
    SHA1: dbcf62946e69851c1429789a9e0ca72bf63a9047
    SHA256: ad06ffe5ad52bf51a762b850734229f1ab5b195c4e237b0a43d660a3a1c58928
    SHA512: 1704f2292fd9323dbd9a60d558a3fed900a5b0a9d5563911de42e2e1a408eb41ae8aa8c4da2eab9770db4f007b91a8e54df55f5e93c3ddbbdfa8fe2ce8198f5b

  • /storage/emulated/0/Android/obb/com.grand.hydrar/dp/monay
    Filesize: 963KB
    MD5: 26d1342cdcf83f550cb1156148c1b2de
    SHA1: 989ecc4a7ed46aa33dbc8b8385d72de4a852965c
    SHA256: f2b1e6fe55f2ecffc5ad9245866849d534fdb2bcd093384ec5d1aac975a05d0c
    SHA512: 87b0df59ac9467a920fe76a01062e82b62f9a6646f1e1566ff00edd98298ff924cd7ccfad9e5064d9b82ed812e889afbb62743b6f325a8ce5bd0877a6a1d5104