Overview

overview

10

Static

static

7

53.apk

android_x86

1

53.apk

android_x64

10

53.apk

android_x64

10

Resubmissions

13-07-2022 10:04

220713-l3xrtscgdn 8

Analysis

  • max time kernel
    4144388s
  • max time network
    162s
  • platform
    android_x64
  • resource
    android-x64-20220621-en
  • submitted
    13-07-2022 10:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    53.apk

  • Size

    2.3MB

  • MD5

    532976a909d2a833efb1dea9f025d63b

  • SHA1

    6af5fc7790be9c0ff466e31dd33ace5b587d2674

  • SHA256

    e726697d7f682a6b2be61ae887b80275ca124da0350020ead46c52781bd22e39

  • SHA512

    83eb6c4c17715936ea8d38b7a92e73a82de91283b7acdcbe9b39aaa9bf18d33441a1f6712a9b32c1e9ee05134725e21f08dc510af387d9a6dbee59a02c7fe078

Score
10/10
ermacbankerinfostealerransomwaretrojan

Malware Config

Extracted

Family

ermac

AES_key
AES_key

Signatures

  • Ermac

    An Android banking trojan first seen in July 2021.

    bankertrojaninfostealerermac
  • Ermac2 payload 1 IoCs
  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware

Processes

  • com.dakerebutisi.lozaji
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:5855

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.dakerebutisi.lozaji/app_DynamicOptDex/hY.json
    Filesize

    445KB

    MD5

    c8d1138e431ea1a179a8234e200012b5

    SHA1

    1ce4de7c00e2759a919eacb287bb3c5496c42285

    SHA256

    c32fadead663361c1dc51ecaae48f69ac61c1fbad44b9696b32fd01248a9e777

    SHA512

    7d86a02afaa29c50b61f6fede260fe42d44a0d8277297a8b18ffd9883aa8e670f5dc04f31d2e6f0fbb652f307d45a24f8ccf4d81353f6c5873e43bd794f53650

    Download Submit

  • /data/user/0/com.dakerebutisi.lozaji/app_DynamicOptDex/hY.json
    Filesize

    877KB

    MD5

    260e6e7f0d536c107fcde973f61af176

    SHA1

    87b18261b58ab77fa6c7fe60e3f51fe67e4e7cc6

    SHA256

    9c086b58b55afd9dfa32847b5d5f87fa2eb029a8d9f5a343c8a3d7051fc28bb2

    SHA512

    f07d5a6ea4f351d873d383fc0d13aad2f4eb30262d51df936d909cc3f0731c8250ba2e5547d2ea4af044e9efdcb4e2569eb86fa5db94231a42615c186fe8d5ca

    Download Submit

  • /data/user/0/com.dakerebutisi.lozaji/app_DynamicOptDex/oat/hY.json.cur.prof
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit