ermac | d2989bc4c7ab5aa272bd2249dcf99462c7836b8bbb752bb4dade2ef70e92b03e | Triage

Submit
Reports

Overview

overview

Static

static

7

d2989bc4c7...3e.apk

android_x64

Sharing

General

Target

d2989bc4c7ab5aa272bd2249dcf99462c7836b8bbb752bb4dade2ef70e92b03e
Size

3.8MB
Sample

220120-sfa3waadfj
MD5

16835e5da40cd90420d42b8fc3eaeafe
SHA1

e98c3c3d2c8f57fb7279abdb987219cf7529817e
SHA256

d2989bc4c7ab5aa272bd2249dcf99462c7836b8bbb752bb4dade2ef70e92b03e
SHA512

f69305f0c9d6d5e4fd6451ffa00a6d6f0a99028d8af228f57dff85b4b7324f5c838232c6771d4003d6eb189cb5aadc6469776a43bc816b6e9ac8f9685a1dd5d5

Score

10^/10

ermac android banker infostealer ransomware trojan

Static task

static1

Behavioral task

behavioral1

Sample

d2989bc4c7ab5aa272bd2249dcf99462c7836b8bbb752bb4dade2ef70e92b03e.apk

Resource

android-x64-arm64

ermac banker infostealer ransomware trojan

android_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  d2989bc4c7ab5aa272bd2249dcf99462c7836b8bbb752bb4dade2ef70e92b03e
- Size
  
  3.8MB
- MD5
  
  16835e5da40cd90420d42b8fc3eaeafe
- SHA1
  
  e98c3c3d2c8f57fb7279abdb987219cf7529817e
- SHA256
  
  d2989bc4c7ab5aa272bd2249dcf99462c7836b8bbb752bb4dade2ef70e92b03e
- SHA512
  
  f69305f0c9d6d5e4fd6451ffa00a6d6f0a99028d8af228f57dff85b4b7324f5c838232c6771d4003d6eb189cb5aadc6469776a43bc816b6e9ac8f9685a1dd5d5
Score

10^/10

ermac banker infostealer ransomware trojan
- Ermac
  An android banking trojan first seen in July 2021.
  banker trojan infostealer ermac
- Ermac Payload
- Makes use of the framework's Accessibility service.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

ermacbankerinfostealerransomwaretrojan

© 2018-2025

Terms | Privacy