Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

6

e690b10211...u].apk

android-9-x86

10

e690b10211...u].apk

android-10-x64

10

e690b10211...u].apk

android-11-x64

10

Analysis

  • max time kernel
    1s
  • max time network
    65s
  • platform
    android-11_x64
  • resource
    android-x64-arm64-20240910-en
  • resource tags

    arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system
  • submitted
    07/11/2024, 12:39 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e690b102119feb6355d26b98b49a8d95362126dd7b86211a0191c2ae4505e560.bin [MConverter.eu].apk

  • Size

    1.5MB

  • MD5

    a34a7f1135965b0a68f15227bb7b2389

  • SHA1

    65016c2e45c50acc91b3bf061e760d352d3a57bd

  • SHA256

    e690b102119feb6355d26b98b49a8d95362126dd7b86211a0191c2ae4505e560

  • SHA512

    74325973b9d3dbc682b986d0e1db3eef2345c8a4ab910647b77e2ecac9b94cee9b5e5ace5a81f03c20fddee52fcf4dd0214f2db58a8d5b145fdacb2b58cf57c3

  • SSDEEP

    24576:Q9V0Nv1z3EM8qGHBqJKcHwxaNnnO65YT9PoGzKgTNl7bt1twkheNC+LEjeVK:GV0WFheHuaNnOT93egTNl7btn5gEjmK

Score
10/10
hydrabankerevasionimpactinfostealertrojan

Malware Config

Extracted

Family

hydra

AES_key
1
01020304050607080910111213141516

Signatures

  • Hydra

    Android banker and info stealer.

    bankertrojaninfostealerhydra
  • Hydra family
    hydra
  • Hydra payload 2 IoCs
  • Loads dropped Dex/Jar 1 TTPs 4 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.grand.hydrar
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4795

Network

  • flag-us
    DNS
    android.apis.google.com
    Remote address:
    1.1.1.1:53
    Request
    android.apis.google.com
    IN A
    Response
    android.apis.google.com
    IN CNAME
    clients.l.google.com
    clients.l.google.com
    IN A
    142.250.200.14
  • flag-us
    DNS
    www.youtube.com
    Remote address:
    1.1.1.1:53
    Request
    www.youtube.com
    IN A
    Response
    www.youtube.com
    IN CNAME
    youtube-ui.l.google.com
    youtube-ui.l.google.com
    IN A
    142.250.180.14
    youtube-ui.l.google.com
    IN A
    142.250.179.238
    youtube-ui.l.google.com
    IN A
    172.217.169.46
    youtube-ui.l.google.com
    IN A
    172.217.169.14
    youtube-ui.l.google.com
    IN A
    142.250.200.14
    youtube-ui.l.google.com
    IN A
    142.250.200.46
    youtube-ui.l.google.com
    IN A
    216.58.213.14
    youtube-ui.l.google.com
    IN A
    142.250.187.238
    youtube-ui.l.google.com
    IN A
    142.250.187.206
    youtube-ui.l.google.com
    IN A
    216.58.212.206
    youtube-ui.l.google.com
    IN A
    216.58.201.110
    youtube-ui.l.google.com
    IN A
    142.250.178.14
    youtube-ui.l.google.com
    IN A
    172.217.169.78
    youtube-ui.l.google.com
    IN A
    172.217.16.238
    youtube-ui.l.google.com
    IN A
    216.58.204.78
  • 216.239.38.223:443
    https
    336 B
     40 B
     1
    1
  • 142.250.187.238:443
    tls, https
    1.4kB
     40 B
     1
    1
  • 142.250.200.14:443
    android.apis.google.com
    tls
    2.6kB
     6.0kB
     12
    11
  • 142.250.180.14:443
    www.youtube.com
    tls
    2.1kB
     8.3kB
     17
    14
  • 142.250.200.14:443
    android.apis.google.com
    tls
    2.6kB
     6.0kB
     12
    11
  • 224.0.0.251:5353
    3.4kB
     12
  • 1.1.1.1:53
    android.apis.google.com
    dns
    69 B
     109 B
     1
    1

    DNS Request

    android.apis.google.com

    DNS Response

    142.250.200.14

  • 1.1.1.1:53
    www.youtube.com
    dns
    61 B
     335 B
     1
    1

    DNS Request

    www.youtube.com

    DNS Response

    142.250.180.14
    142.250.179.238
    172.217.169.46
    172.217.169.14
    142.250.200.14
    142.250.200.46
    216.58.213.14
    142.250.187.238
    142.250.187.206
    216.58.212.206
    216.58.201.110
    142.250.178.14
    172.217.169.78
    172.217.16.238
    216.58.204.78

  • 142.250.180.14:443
    www.youtube.com
    https
    1.4kB
     54 B
     1
    1

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.grand.hydrar/files/libdexload_arm64.so
    Filesize

    274KB

    MD5

    1e37ffd1218c4f8a1ff15500f787831d

    SHA1

    080a6851a77b28ed97bdb90109dace30b791e754

    SHA256

    14a275985219d4db67b582851b8798c830299d2a2d8382c673d8fa57def0bf3e

    SHA512

    518e35a464d41fe545a56e826b9446270fef8124bd061b8d38140581c3522606cbd48043347fcc11f8eaa249997fc4bd0282f0e74b604b580dfa3ebc28cbf366

    Download Submit

  • /storage/emulated/0/Android/obb/com.grand.hydrar/dp/a.a (deleted)
    Filesize

    2.2MB

    MD5

    02ef6c7be109d21fe361f4afebd5824c

    SHA1

    9511d3dc829cdecc2c6302245fdcd3ba55690fc6

    SHA256

    63b346eff1e062168d8e9674cd33d8c4286456f786163792b7e114e4112ae4ab

    SHA512

    459fa7a02e0543b6c4a9ea2170242594f7ddc9dd05fa601e94fb3995bf0152d77000a57b2b917f03833afa2119ecdb1d13b9588ff3a99ed55ee282742c82b9be

    Download Submit

  • /storage/emulated/0/Android/obb/com.grand.hydrar/dp/classes.dex (deleted)
    Filesize

    67KB

    MD5

    26a319052fc4cafa8a2a8fc69942a153

    SHA1

    3159c01f2bef33e481a89800038fefb0e00bddc4

    SHA256

    5fe4af0039643c70ec19db55972fa36bb6a751dc4ba8e88da555327f4497f65e

    SHA512

    01590da111011918d99f56679b6e52b656fe6519a3e799fc2a988191943a3b3ee4f1575b30bc2d54ec5b7f8b825bb42d230041690d34b0e62d0cc8c56901ae44

    Download Submit

  • /storage/emulated/0/Android/obb/com.grand.hydrar/dp/classes2.dex (deleted)
    Filesize

    1005KB

    MD5

    cf439a4b22797965fd40f5e53990e3a1

    SHA1

    dbcf62946e69851c1429789a9e0ca72bf63a9047

    SHA256

    ad06ffe5ad52bf51a762b850734229f1ab5b195c4e237b0a43d660a3a1c58928

    SHA512

    1704f2292fd9323dbd9a60d558a3fed900a5b0a9d5563911de42e2e1a408eb41ae8aa8c4da2eab9770db4f007b91a8e54df55f5e93c3ddbbdfa8fe2ce8198f5b

    Download Submit

  • /storage/emulated/0/Android/obb/com.grand.hydrar/dp/monay (deleted)
    Filesize

    963KB

    MD5

    26d1342cdcf83f550cb1156148c1b2de

    SHA1

    989ecc4a7ed46aa33dbc8b8385d72de4a852965c

    SHA256

    f2b1e6fe55f2ecffc5ad9245866849d534fdb2bcd093384ec5d1aac975a05d0c

    SHA512

    87b0df59ac9467a920fe76a01062e82b62f9a6646f1e1566ff00edd98298ff924cd7ccfad9e5064d9b82ed812e889afbb62743b6f325a8ce5bd0877a6a1d5104

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.