Overview

overview

10

Static

static

7

b3ee8c90d9...f2.apk

android-9-x86

10

b3ee8c90d9...f2.apk

android-10-x64

10

b3ee8c90d9...f2.apk

android-11-x64

10

cupcake.xml

windows7-x64

1

cupcake.xml

windows10-2004-x64

3

default_paper_1.xml

windows7-x64

1

default_paper_1.xml

windows10-2004-x64

3

default_paper_2.xml

windows7-x64

1

default_paper_2.xml

windows10-2004-x64

3

default_paper_3.xml

windows7-x64

1

default_paper_3.xml

windows10-2004-x64

3

default_sh...le.xml

windows7-x64

1

default_sh...le.xml

windows10-2004-x64

3

default_sh...rt.xml

windows7-x64

1

default_sh...rt.xml

windows10-2004-x64

3

default_sh...mb.xml

windows7-x64

1

default_sh...mb.xml

windows10-2004-x64

3

default_sh...re.xml

windows7-x64

1

default_sh...re.xml

windows10-2004-x64

3

default_sh...ar.xml

windows7-x64

1

default_sh...ar.xml

windows10-2004-x64

3

default_sh..._2.xml

windows7-x64

1

default_sh..._2.xml

windows10-2004-x64

3

default_sh...le.xml

windows7-x64

1

default_sh...le.xml

windows10-2004-x64

3

default_shape_x.xml

windows7-x64

1

default_shape_x.xml

windows10-2004-x64

3

diamond.xml

windows7-x64

1

diamond.xml

windows10-2004-x64

3

drops.xml

windows7-x64

1

drops.xml

windows10-2004-x64

3

elephant.xml

windows7-x64

1

Analysis

  • max time kernel
    1687407s
  • max time network
    65s
  • platform
    android_x64
  • resource
    android-x64-20230621-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20230621-enlocale:en-usos:android-10-x64system
  • submitted
    17-07-2023 15:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b3ee8c90d9038c94565785ba2eeca0362de853a6324e3c93736a22eba09b50f2.apk

  • Size

    2.8MB

  • MD5

    c909a9df9dc4c6508eb4cf7c68aa5293

  • SHA1

    0adf0df2c56c8b76b27abde0e73d18bede6c8274

  • SHA256

    b3ee8c90d9038c94565785ba2eeca0362de853a6324e3c93736a22eba09b50f2

  • SHA512

    782e63f86e8662230dc3f22bc872ed54a8a4e8284f965c869831bf14ee2ce0dfb83a473031b4bd9579e205928211498c75e06182063fcf8c26ce6b254b16831f

  • SSDEEP

    49152:LTMV/hemABwhkqfbDU0g8fYz5mgzMTym95CFHnrNUlgocZFWy3ACdv3IFoBQ/g:LTk/zRbDU8Yz5mXTyuynrWl/cZco52Fe

Score
10/10
ermachookbankerinfostealerransomwarerattrojan

Malware Config

Extracted

Family

ermac

AES_key

Extracted

Family

hook

AES_key

Signatures

  • Ermac

    An Android banking trojan first seen in July 2021.

    bankertrojaninfostealerermac
  • Ermac2 payload 1 IoCs
  • Hook

    Hook is an Android malware that is based on Ermac with RAT capabilities.

    rattrojaninfostealerhook
  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware

Processes

  • com.dohisoyumokexisi.jufosiji
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:4840

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.dohisoyumokexisi.jufosiji/app_DynamicOptDex/xCB.json
    Filesize

    674KB

    MD5

    175bb924fc9f89f16a75772a8d9f152b

    SHA1

    04b1a438617f073751cf5347e3cb0ee95dcff32d

    SHA256

    3fabd4daed04836e54116b2d44af9027e32c3d5b7a1075d2399e9a5ba3bf269c

    SHA512

    8aa3c3e74c6a2a2f0d739e7896157ebd62c79bf4513435b9ed666bc3b5a08757869fb0594d9ad685f6b40e4721a0c931674c6900768410e172322d332d48ace6

    Download Submit

  • /data/user/0/com.dohisoyumokexisi.jufosiji/app_DynamicOptDex/xCB.json
    Filesize

    1.5MB

    MD5

    e0eaeebcf53c831477bc5cd6b908822a

    SHA1

    3ea42012ab8fdac61426eb494a51f755a6d331d0

    SHA256

    84765b800ce4182b581719ad1fb35afdea8e0dc20f47b025a5df78837a91fbb6

    SHA512

    626605b9d3a5e7dcf3b582cd56aec18a99d7beb23df99323de9924b7ad86b442ce9d8213710a54fbb47ad965e1caa09c7bed7b704a531154450187f590d0c98d

    Download Submit

  • /data/user/0/com.dohisoyumokexisi.jufosiji/app_webview/GPUCache/index
    Filesize

    48B

    MD5

    6d7d499960179766cd4261d12dacc411

    SHA1

    e6f8553b0015e12b23cc551afe98763f3b1c9bed

    SHA256

    c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

    SHA512

    6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

    Download Submit

  • /data/user/0/com.dohisoyumokexisi.jufosiji/app_webview/GPUCache/index-dir/temp-index
    Filesize

    96B

    MD5

    2a2f84176ccbdabca0691da8f79254fe

    SHA1

    8e14a94aa93c3682ef5242c1e05f87919cf51794

    SHA256

    f240897c3bdfc92dd027321ab4ba0aacf0aea4612d9d327fbde797c3fd7f59bf

    SHA512

    cdc99b5847fa08525aa4331383a128793a258d2bca5352f9d8fe33e93fe037dcb570f512ca3a4a130327ea4b8e7845908da461fcbe7a264b4b9e02bb37425861

    Download Submit

  • /data/user/0/com.dohisoyumokexisi.jufosiji/app_webview/Web Data
    Filesize

    112KB

    MD5

    b663831f8cc130493476d94f2d7a5330

    SHA1

    043a1956ab8e40821d67043f8a9110a8eb36fb93

    SHA256

    c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7

    SHA512

    e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16

    Download Submit

  • /data/user/0/com.dohisoyumokexisi.jufosiji/app_webview/Web Data-journal
    Filesize

    1KB

    MD5

    9b6b6b684b99e6d426907fce0948381f

    SHA1

    4a1c6785c34f8eb0f81f50f3592b47d9390f30b2

    SHA256

    c9dcf27c5b787bc0f1b69f3898d64543b67b3a963af5376ff56d42bb2d77b224

    SHA512

    0cf7b905b1d2c9be25d9173130d50390e893564eb55a14ca6fe2f599dbb15368d7027480dee087efe0e4dcbf89c7f6e6cde2413e51e6b3d65707899ce9232ecd

    Download Submit

  • /data/user/0/com.dohisoyumokexisi.jufosiji/app_webview/metrics_guid
    Filesize

    36B

    MD5

    dabb3c326aeffe4816220c5dd4242215

    SHA1

    cb5d7fca2f90c9229d620e9d126164dbfdd64717

    SHA256

    d69f5eef517b03d2881d2d1a7f43bd6ad2e4b5256c09539a31f17d6ed364e212

    SHA512

    02091a4a7fb0a4c3d7ffe98f4dd3576713f6802e60fdf9b5d42aa39628c452fc6100f66a7afcb64c268c0bdd275a9a4ae44b0a96b4c4f0b26a863fdcdf86a029

    Download Submit

  • /data/user/0/com.dohisoyumokexisi.jufosiji/cache/WebView/Crashpad/settings.dat
    Filesize

    40B

    MD5

    1b8b789f7d4c37e191bfcb1b8139e0c7

    SHA1

    c8d8c2a746f5cbdde1f203514e78548bbde1dd8d

    SHA256

    3ece46af7fb953f01981bcdaec2174efd8bf1100a1e059feec38bd8861f6b1ad

    SHA512

    714337cd7e3f7cc73f5de6cb4ed36ef4c4279a7e24afd863468f50c603cb4da8e00a5ea9fcd1ba43100f8d4826b0edce6996b8f9143f126d7910f1fbb63a4028

    Download Submit

  • /data/user/0/com.dohisoyumokexisi.jufosiji/cache/org.chromium.android_webview/Code Cache/js/index
    Filesize

    48B

    MD5

    6d7d499960179766cd4261d12dacc411

    SHA1

    e6f8553b0015e12b23cc551afe98763f3b1c9bed

    SHA256

    c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

    SHA512

    6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

    Download Submit

  • /data/user/0/com.dohisoyumokexisi.jufosiji/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index
    Filesize

    96B

    MD5

    d01088af670d899e31a172e404f93dac

    SHA1

    845473754874f71e0b52eddc0d5b94f0bdb7dc98

    SHA256

    8d49aa8c18a64ed282aa455dd2eb48282d3f8f1091e8c91d8c81167506530597

    SHA512

    19d5d8612d9ded8886ace0f5cdc8f8d0c502ff3c183b3cf73ff4fb46a268b6441cf6980d6fc903a9655324504d41c9ce8baf6088178cfe8dfdaf6659232720a6

    Download Submit

  • /data/user/0/com.dohisoyumokexisi.jufosiji/no_backup/androidx.work.workdb
    Filesize

    8KB

    MD5

    b6ca8b30661a7844ed292db75a29a953

    SHA1

    8e0d397ab1f2ced1f143829084c3f53333743bdd

    SHA256

    63a219c7092be26641907c5f955aa977e7675e3922a8e4ee2af25bfed8c7bbfb

    SHA512

    d21ce3adf13d61369708ea000438f626973f20b08ca05a744c1cccb2d5e7c264a8af9c3ebd18a7a6a464d38e1c64146f8e881d29d71a0484dd94212315f6dceb

    Download Submit

  • /data/user/0/com.dohisoyumokexisi.jufosiji/no_backup/androidx.work.workdb-journal
    Filesize

    1KB

    MD5

    fe278f27f4cc42d7cda2fceca1d0889c

    SHA1

    d1173e142b2fdd6e9690c7d4e9da0469e308e853

    SHA256

    6cb4e0dbfefc9687fa2baae9c30bb4856abf4786b4c4febc4eed5711b3690525

    SHA512

    ddec6ab312d4ffe35314c3a319d4bbfa1642f1acc1f28acd19d83745a93d9d5f07e51d1db5e5ee8b4c604641fb3219c43c43b99cec0c6eee6614e22405a3ed20

    Download Submit

  • /data/user/0/com.dohisoyumokexisi.jufosiji/no_backup/androidx.work.workdb-shm
    Filesize

    16B

    MD5

    4ae71336e44bf9bf79d2752e234818a5

    SHA1

    e129f27c5103bc5cc44bcdf0a15e160d445066ff

    SHA256

    374708fff7719dd5979ec875d56cd2286f6d3cf7ec317a3b25632aab28ec37bb

    SHA512

    0b6cbac838dfe7f47ea1bd0df00ec282fdf45510c92161072ccfb84035390c4da743d9c3b954eaa1b0f86fc9861b23cc6c8667ab232c11c686432ebb5c8c3f27

    Download Submit

  • /data/user/0/com.dohisoyumokexisi.jufosiji/no_backup/androidx.work.workdb-wal
    Filesize

    346KB

    MD5

    0f184e41b9373d3c58b85f0c2252530f

    SHA1

    e1d54ebe0962697957b2581cb2017c16e6eaef37

    SHA256

    a5e69b08c8611a62d36d2611e8c90451b76d6d95ffa6fca793834070833369e8

    SHA512

    f7222ea84b8de655e9cb023da5e50a87b8c87f1b8ebd9e43eebad58021adf23c1db5e92c9d9ce779e2acfdf1c3573bd6a87fc202875a2fef66f51cc435f7abe7

    Download Submit

  • /data/user/0/com.dohisoyumokexisi.jufosiji/shared_prefs/WebViewChromiumPrefs.xml
    Filesize

    127B

    MD5

    6ef709b8536878951e87c29a1518fc2b

    SHA1

    24376c70b00152501b3d98df61fa7db435339172

    SHA256

    10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6

    SHA512

    96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9

    Download Submit

  • /data/user/0/com.dohisoyumokexisi.jufosiji/shared_prefs/settings.xml
    Filesize

    142B

    MD5

    dcee2cc3108e94c1890b06a34f633fff

    SHA1

    290fe998986d6cb565433cfd5e6e8b99dbcaf82e

    SHA256

    19526b94fc37ff19b7df0e19bdc7dbe960b96186f683654a5a74b964d712e488

    SHA512

    43074288dd10ac080cb89e08dcff115d879275444399f688ce41ecf4c751fc4f4c4a3cc095a5f6a5903ef1cd11dbad2b1d94aa9e59afd9baed9d25e861a2fac9

    Download Submit