Analysis

  • max time kernel
    734553s
  • platform
    android_x86
  • resource
    android-x86-arm
  • submitted
    28-09-2021 09:41

General

  • Target

    1032b42c859c747bcc159b75366c3325869d3722f5673d13a7b06633245ebf32.apk

  • Size

    3.5MB

  • MD5

    6d0e90efb33350b609519767b67d4433

  • SHA1

    22ee7082758470720ddab2d89fc7b045b3779294

  • SHA256

    1032b42c859c747bcc159b75366c3325869d3722f5673d13a7b06633245ebf32

  • SHA512

    7298b90d7e49cade426cd502a51b13d958c92a587d07f59beb6eb7e35a61f658d3b0efb9a4b061e7b059755fa916af7bed05b0834ea0fe1a56a2aa701ed7180f

Malware Config

Signatures

  • Ermac

    An Android banking trojan first seen in July 2021.

  • Ermac Payload 1 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • com.lzllwgqflhaaol.fieyihzm
    PID:4742
    • Loads dropped Dex/Jar
    • com.lzllwgqflhaaol.fieyihzm
      PID:4772
    • /system/bin/dex2oat
      PID:4772
      • Loads dropped Dex/Jar

Network

MITRE ATT&CK Matrix
