Resubmissions

30-08-2022 12:18

220830-pgsgrsggaq 10

12-07-2022 11:07

220712-m77chafdel 7

General

  • Target

    hermit_e38d7ba21a48ad32963bfe6cb0203afe0839eca9a73268a67422109da282eae3.zip

  • Size

    2.5MB

  • Sample

    220830-pgsgrsggaq

  • MD5

    f0b44c109a909ca47395bdd620740f26

  • SHA1

    c13178e057f752ff0d57cffe282b7ea454f88721

  • SHA256

    0a7f1045c39b6b02c58d133ef20566288689a51e863f59626d2c48e61d14cd79

  • SHA512

    6436630931c5de39e5a8cacb76667abf3ed78a6a40adb0e2504887ad59f4c42cf4563e563b345e646c3267ba89a522f0d0cca589da1619b7970ebbad1c45f0ec

  • SSDEEP

    49152:wb2cGyh4dYgA7UwksbDsjSy1cWOQe8BzeU/P8op8gM4+YGhrx5:3i4dd5jzcWOQe85J0oplGv5

Malware Config

Targets

    • Target

      hermit_e38d7ba21a48ad32963bfe6cb0203afe0839eca9a73268a67422109da282eae3.bin

    • Size

      2.9MB

    • MD5

      db253c49fa9375e6eaa7f23661c58554

    • SHA1

      527141e1ee5d76b55b7c7640f7dcf222cb93e010

    • SHA256

      e38d7ba21a48ad32963bfe6cb0203afe0839eca9a73268a67422109da282eae3

    • SHA512

      e15c29a45813977896487240692c5286053ca4e63f8da92709e4ea56ec354a039fcd5fe8168076da9d2e718cd89704e117e4ea690f5102383253f94f24ac362d

    • SSDEEP

      49152:3wAIKVFQuVh59r9VWEOxeoRPipEauRMQ7QqyGdZEdyqDVNdo:3LTH9rXxOxnuETQL5zDV7o

    Score
    8/10
    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).

    • Requests cell location

      Uses Android APIs to get current cell location.

    • Acquires the wake lock.

    • Reads information about phone network operator.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).
