Overview

overview

10

Static

static

8

41e17ab631...29.apk

android_x86

10

Resubmissions

28-09-2021 10:20

210928-mc639abeg5 10

28-09-2021 09:50

210928-ltx18sbfcj 8

Analysis

  • max time kernel
    737101s
  • platform
    android_x86
  • resource
    android-x86-arm
  • submitted
    28-09-2021 10:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    41e17ab631293f4976a503e8aed4dc7f84a55e286b1e49b0b2e4d1432639c029.apk

  • Size

    5.3MB

  • MD5

    1eb48628e6ad4c98953e2adc80736675

  • SHA1

    e28d9daa3cd5ba16ef724e8dd1c02539d167dc52

  • SHA256

    41e17ab631293f4976a503e8aed4dc7f84a55e286b1e49b0b2e4d1432639c029

  • SHA512

    295887125e7a3f6ec9c7912fcf80112c060eb809883475c804a94c9b1973fa73d871a1e6ebd1a246d61778f455ecdf65512dd071247c1b3aae213841502483ba

Score
10/10
ermacbankerinfostealerobfuscationransomwaretrojan

Malware Config

Signatures

  • Ermac

    An android banking trojan first seen in July 2021.

    bankertrojaninfostealerermac
  • Ermac Payload 1 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware
  • Uses reflection 52 IoCs
    obfuscation

Processes

  • com.dkisngicdeza.ptma
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data).
    • Uses reflection
    PID:4708
    • com.dkisngicdeza.ptma
      2⤵
        PID:4748
      • /system/bin/dex2oat
        2⤵
        • Loads dropped Dex/Jar
        PID:4748

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/user/0/com.dkisngicdeza.ptma/shared_prefs/multidex.version.xml
      MD5

      d9108c065a7d6da0c1dc565d1da862b1

      SHA1

      f2bb58899734e495bdde7ea6267a498f0791ddec

      SHA256

      37f60d0b7bf42551df7a3a3536f3422ef8395574429c3e8c15f5178a21599495

      SHA512

      0969faeec335d868895e098b77920f4a08563a3712eeda7ddfb8c392bdaeb1d36130c35687b53247401fa0176046f8e1cd948230d501f3d2ca6049f256153aa0

      Download Submit
    • /data/user/0/com.dkisngicdeza.ptma/wxqeouetaq/xhqlavxmdaffjam/base.apk.jtateug1.qgy
      MD5

      d41d8cd98f00b204e9800998ecf8427e

      SHA1

      da39a3ee5e6b4b0d3255bfef95601890afd80709

      SHA256

      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

      SHA512

      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

      Download Submit
    • /data/user/0/com.dkisngicdeza.ptma/wxqeouetaq/xhqlavxmdaffjam/base.apk.jtateug1.qgy
      MD5

      d41d8cd98f00b204e9800998ecf8427e

      SHA1

      da39a3ee5e6b4b0d3255bfef95601890afd80709

      SHA256

      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

      SHA512

      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

      Download Submit
    • /data/user/0/com.dkisngicdeza.ptma/wxqeouetaq/xhqlavxmdaffjam/base.apk.jtateug1.qgy.x86.flock
      MD5

      d41d8cd98f00b204e9800998ecf8427e

      SHA1

      da39a3ee5e6b4b0d3255bfef95601890afd80709

      SHA256

      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

      SHA512

      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

      Download Submit
    • /data/user/0/com.dkisngicdeza.ptma/wxqeouetaq/xhqlavxmdaffjam/bbgldhjf.gunp
      MD5

      d41d8cd98f00b204e9800998ecf8427e

      SHA1

      da39a3ee5e6b4b0d3255bfef95601890afd80709

      SHA256

      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

      SHA512

      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

      Download Submit
    • /data/user/0/com.dkisngicdeza.ptma/wxqeouetaq/xhqlavxmdaffjam/oat/x86/base.apk.jtateug1.odex
      MD5

      7a51521162227c3d0d07052a5630b835

      SHA1

      108f2ce92d294641c5b19523553b4172185a4270

      SHA256

      59377a4dca953ae09657d908dd11ab69184538372b27b5c33ab4bdb19befba98

      SHA512

      576625d0628d51033e70c9a15f82ec35bcf68b1286cf405b595c5cfdbcdc564fbced8f3282632e8a5148125014e04dc36851303bfa302a4a3041fe6b7094b63f

      Download Submit
    • /data/user/0/com.dkisngicdeza.ptma/wxqeouetaq/xhqlavxmdaffjam/oat/x86/base.apk.jtateug1.vdex
      MD5

      ea15e6df5a3860eeaff392c09440e181

      SHA1

      c08b45b6bba0d8aec8e8daf22e6e41762e4b9ad4

      SHA256

      8da36d32498060111c35ba982bd59c58a6cca7058ba113d0dd6878b42af6cfb0

      SHA512

      7d606e955b820f6418fa91a3d60cd79b99f8600322e1508fed5d97a442fd2028cb69a847f96f7a4e582c7e65f1f29ce5018b93954bbe687d2f80ef229fed6696

      Download Submit
    • /data/user/0/com.dkisngicdeza.ptma/wxqeouetaq/xhqlavxmdaffjam/tmp-base.apk.jtateug1526190905523678362.qgy
      MD5

      d41d8cd98f00b204e9800998ecf8427e

      SHA1

      da39a3ee5e6b4b0d3255bfef95601890afd80709

      SHA256

      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

      SHA512

      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

      Download Submit