Analysis
-
max time kernel
734553s -
platform
android_x86 -
resource
android-x86-arm -
submitted
28-09-2021 09:41
General
-
Target
1032b42c859c747bcc159b75366c3325869d3722f5673d13a7b06633245ebf32.apk
-
Size
3.5MB
-
MD5
6d0e90efb33350b609519767b67d4433
-
SHA1
22ee7082758470720ddab2d89fc7b045b3779294
-
SHA256
1032b42c859c747bcc159b75366c3325869d3722f5673d13a7b06633245ebf32
-
SHA512
7298b90d7e49cade426cd502a51b13d958c92a587d07f59beb6eb7e35a61f658d3b0efb9a4b061e7b059755fa916af7bed05b0834ea0fe1a56a2aa701ed7180f
Malware Config
Signatures
-
Ermac
An android banking trojan first seen in July 2021.
-
Ermac Payload 1 IoCs
-
Loads dropped Dex/Jar 2 IoCs
Runs executable file dropped to the device during analysis.
Processes
-
com.lzllwgqflhaaol.fieyihzm1⤵
- Loads dropped Dex/Jar
-
com.lzllwgqflhaaol.fieyihzm2⤵
-
/system/bin/dex2oat2⤵
- Loads dropped Dex/Jar
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/user/0/com.lzllwgqflhaaol.fieyihzm/mvhxbmeffl/lplhvkplxtggzpf/base.apk.rbzrgxu1.xnmMD5
9f27edc898ff964adaaf24dcf18174ff
SHA157367a27bf3a46132182be823088650cf940b769
SHA256a02969bf2a37873189c8906232e7a694ab2386018b3f7eab808dd8dce38d8bb7
SHA51272d1062253f88fce33d8939ca21ae08b2eb3b26b9574aa1cf4a66ef725d777376e0792fb317e53684d891dbc1803288ae553509c2e05b2a099569715d6fe1eba
-
/data/user/0/com.lzllwgqflhaaol.fieyihzm/mvhxbmeffl/lplhvkplxtggzpf/base.apk.rbzrgxu1.xnmMD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
-
/data/user/0/com.lzllwgqflhaaol.fieyihzm/mvhxbmeffl/lplhvkplxtggzpf/base.apk.rbzrgxu1.xnm.x86.flockMD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
-
/data/user/0/com.lzllwgqflhaaol.fieyihzm/mvhxbmeffl/lplhvkplxtggzpf/oat/x86/base.apk.rbzrgxu1.odexMD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
-
/data/user/0/com.lzllwgqflhaaol.fieyihzm/mvhxbmeffl/lplhvkplxtggzpf/oat/x86/base.apk.rbzrgxu1.vdexMD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
-
/data/user/0/com.lzllwgqflhaaol.fieyihzm/mvhxbmeffl/lplhvkplxtggzpf/tmp-base.apk.rbzrgxu8407228472926486643.xnmMD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
-
/data/user/0/com.lzllwgqflhaaol.fieyihzm/mvhxbmeffl/lplhvkplxtggzpf/zubdhiyc.hmmnMD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
-
/data/user/0/com.lzllwgqflhaaol.fieyihzm/shared_prefs/multidex.version.xmlMD5
d249e187e2cced2e40356aee9fc5199c
SHA110bddf7ec98218c4e96dbbc65184597fd55f71fb
SHA2566ee83fbe4671f9060017814fa0812da830e8f77bb8782dfd7f728b207721df08
SHA5122c65c24391f30adcacb2cf78f4b352ff081c8650871c14afcd48e9158420c88e600ff566033799f13a70fbf3061b3268ae04281ca0eb95c630cfe1bb87a5af94