Extracted

Extracted

• • Target

    3077d5358dfadec5956dd3db5a28c4e416332c5a4d44deb96b3fccc907f18452.bin

  • Size

    2.7MB

  • MD5

    54f85f012dd01b28ba3b8b5b71637709

  • SHA1

    8a4e72cb1ae1ccc9a155d4cb7e4d7476f64d6918

  • SHA256

    3077d5358dfadec5956dd3db5a28c4e416332c5a4d44deb96b3fccc907f18452

  • SHA512

    3ac0254f808465a853ccbd5ab289bc456253d522896fbceacddf5f7ade645c842d03373857b83b69289d2f70775a639ffcc6729f3f6e4cc6a59a6d9c81352e6e

  • SSDEEP

    49152:sbSAO1Ah8i6uzPXVzg84H76Fg/fw/pQdUYl/LTPy+BRo1JbG0:9AO1r9wPXVWH76FBpQaC/1BRoS0

  Score

  10^/10

  ermachookbankerevasioninfostealerransomwarerattrojan

  • Ermac

    An Android banking trojan first seen in July 2021.

    bankertrojaninfostealerermac

  • Ermac2 payload

  • Hook

    Hook is an Android malware that is based on Ermac with RAT capabilities.

    rattrojaninfostealerhook

  • Makes use of the framework's Accessibility service.

  • Acquires the wake lock.

  • Loads dropped Dex/Jar

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.

  • Removes a system notification.

    evasion

  • Uses Crypto APIs (Might try to encrypt user data).

    ransomware
  behavioral1behavioral2behavioral3

• • Target

    closebutton.html

  • Size

    981B

  • MD5

    c8efa039f4f84b2705a8e3a3b31da61c

  • SHA1

    669749429feda1599c4ee980cfd67fbb1a54c1a4

  • SHA256

    494693c2ac56ecac1a2588c25631e1bf71211fb0f06108649a983c879315b1aa

  • SHA512

    db6c9817469c937a41eedbbbdaeb21a0860fa5228258978fe59d29c75ab1497b8d1a0ceaae2b236206d6935e186deaf0d83a73791658fa68a985dfc5c314aed2

  Score

  1^/10
  behavioral4behavioral5

• • Target

    core_wrapper.js

  • Size

    5KB

  • MD5

    2558e92bdb03c3e4685d4320a7cbe715

  • SHA1

    9feff7ec75024ba6d9753ea233ffbe0b7bc04bf7

  • SHA256

    99a17d18531953e748103eb021738a42eb9fe675532a4d42441d3bc34e048bc8

  • SHA512

    83409561241255be24558f6b238f1687ea7f703d6950a8ad54ff4c50aa9c62af490b74e9b60379ff074b92942bf4752a653a19c4da2b554ac59ecfa0f5fad9f3

  • SSDEEP

    96:MIn5NKjaILnYJX+myXjfaw17BLyHjLAHIIJUU/AUYYg8InG+d:N5NKjDrYJX+my7aw17UHjLAHIIJUUAW8

  Score

  1^/10
  behavioral6behavioral7

• • Target

    help.htm

  • Size

    53KB

  • MD5

    a249587defc4f17f972785d38bd76df7

  • SHA1

    a359c29f7a850e01688890e1990022992e353493

  • SHA256

    2c2727cf87a4a33c0fabcc1c61ebc978e9ab6bc362689a22571ec768f1361393

  • SHA512

    24a81603830a66fd4e06d6747ef55a2e1decf8cc2e27aa159e3bd06244749c323e78487d5ade8e0178dae9ed5ab77818a8e8015654673d3bd5b3ee619bcc5ea4

  • SSDEEP

    768:FWAtJoDQSUPSEXVe5wSCFz1K4I8Cnsro7:b6kxPSGowS8E4I8Wsa

  Score

  1^/10
  behavioral8behavioral9

• • Target

    help_cs.htm

  • Size

    60KB

  • MD5

    0f640786196d6011e01155333821964f

  • SHA1

    066c679b1de3b92ff8ea552d1f80adf6891047b8

  • SHA256

    bf803405fedfdddb8633f549f97f4a5a53f4d1a0aae0726a4e4c2a380a611fc0

  • SHA512

    7f5545021dac362c111d315d4e3b049674d6fc3c8a198330eb35fd562ba6c4c888d4ac16341b10c3b3caa47187759b48ba2cdc12dbda2e1b5f702f3bf2c48a17

  • SSDEEP

    768:Jqj9py4zLWgQgkai1q2esuB+SgvHQ3tSOPz114I8nV213trFi+0IgTagDgrg71gd:+pySnFkaAvHUtS+D4I8V21CTTEM76V3

  Score

  1^/10
  behavioral10behavioral11

• • Target

    help_uk.htm

  • Size

    114KB

  • MD5

    ee5debcf16d309d049ac633b5834a58b

  • SHA1

    ad9e5e501bc770bd22695b81482bffe1fc5fd62a

  • SHA256

    7ae8f11037e5639b61064b8b0e881fb32c1a047f6877f9737541454d2eee80ed

  • SHA512

    21f6d268794424f57639614d97edb81109d01f402886a242b120f206bb1fb770475ec2b3885884e13cdc1af09e2d982be999ce38150c7b69552b1ff899278506

  • SSDEEP

    384:CBd+WmQvJOWzmSBkhpJ4/HweDM1C1ytpXjAoLU/S2wVIEMpaMtM/LPWZdO+2+FX6:HhzSEXeyag

  Score

  1^/10
  behavioral12behavioral13

• • Target

    license.htm

  • Size

    6KB

  • MD5

    407f13382c8d7a039a9eaef44f79642e

  • SHA1

    d16f70c6d1703efc33823ab385ceabd8447ac1bc

  • SHA256

    657c157f78e360d37e2485f6245b4f87789ece5a2b150a4f4fe9fead0c6facd3

  • SHA512

    213e32e5f04199153ad3702e8706b0399fdb8c683a47dfbde7dce8a91ef7786c7d43830eeaf5d03fade136a74ca0908eabd797be806d15c106a2e070579ada9c

  • SSDEEP

    96:27r6shoCs4pHbHF0cRKKxUREEQAk5cVB54x/XHFCWFJYJzzTF3G3zVHCU:DsmQHbHxRKKME6FWXHZLsXTF3G3BCU

  Score

  1^/10
  behavioral14behavioral15

• • Target

    mraid.js

  • Size

    51KB

  • MD5

    e2db7d9163a5b5ea29ed1e3d753505c9

  • SHA1

    e3bce9123ba9f390f44ab6d0d1d7f09d0042b29f

  • SHA256

    1d108e9e25ced6c38887b725a70d12daa73607d2c23ec5c0baba720d34a44cd1

  • SHA512

    d4b7ed362cc86765c80c89a0c211d8248968723d44990a7ce8e9c01811379cf5737119f126c2e338ec40120fcb50cbe232e7fee1de571483f8992d45af0a129f

  • SSDEEP

    768:XPm2fhPGF1w0mtgam43CGwOcM5GytADK2vz1UJMS7cuNrwLg:Y1w0mtgxSc99DK2ZqNxwLg

  Score

  1^/10
  behavioral16behavioral17

• • Target

    omsdk-v1.js

  • Size

    38KB

  • MD5

    068a1502b5c85368af0a863d2de2230b

  • SHA1

    04622229d0a7fa0c66f8d43624f3365a0bd0d81f

  • SHA256

    463080e38d9e1eb87cf8fdb9447d76b5b0e2ace83b04dc503820908765636306

  • SHA512

    23fe8e1f40fa7e1d46fde168149f6cac79a23a6d75ca5a72a9b6e1eee7c1315e8c04c1f978cc7a350df124be1688b840a2f03cb406357cc10148396de5338037

  • SSDEEP

    768:BVFKe8jgobTdXDKZO3OCy0PxjggF4boPq9KMIQ2/9vt5ZBFus9cAZhmUsaZf2ceE:BVFH8UoYO3uIn6boPq9KMIQ2/9vt5ZBZ

  Score

  1^/10
  behavioral18behavioral19

• • Target

    playstore.htm

  • Size

    4KB

  • MD5

    b5761ec7f4412406c8f521379cbfe466

  • SHA1

    621c6720da697ab81116bfdd6bf81d1c8ad5e7a1

  • SHA256

    27b9dbf27f7d81fc3cb84c6b3b2430a14fcf78d82d351d38b92dd18537f0bc26

  • SHA512

    e4115829d744cfe44891eb753c4b2ef042d6d5397e5138899ddcfbf9f5a7ac84f2a47af3ca496e11505ca501b8ccadd51b276adafa42d709525b337049d7ed4d

  • SSDEEP

    48:mB79CNoW1ii1n8BfDaqDUMmckWmk1ZVEsMToZtME1NOar5McIp9AMF3Y:mB79C2WT16DaqAMv5ZxoMMUbMrHBFI

  Score

  1^/10
  behavioral20behavioral21

• • Target

    privacy_cn.htm

  • Size

    43KB

  • MD5

    1a2f4a2ea0d51df86a3cf68da9c7c771

  • SHA1

    3c2781f18cb4069645d23191fa4c1c2dfab88440

  • SHA256

    79c3ca826e2e8e65ce3d7922104a24a785dda2a2450a3a99d15d3602ae516485

  • SHA512

    1c9500e08577c1c92b438549d006ed59ce07214991d4587e3e39247a56acd1fde4104ca42fd22b1992579cb9f83b8ee977b2082a8deb76abb53813842e29122d

  • SSDEEP

    768:XEqYEM6RazBF/p516fKdYS6XCtrhs6WTKIF6VqOrX8J/WueuAFuanVzK+tZxMAXg:9KEIqEDSApKpaf5XfOBWK0H9Zwiu

  Score

  1^/10
  behavioral22behavioral23

• • Target

    totalcmd_datenschutzerklaerung.htm

  • Size

    3KB

  • MD5

    2209d1334f10103745b249b73f43e6b8

  • SHA1

    40f4df0131ccce8320190339fef80e7451f4d457

  • SHA256

    26ba8e05bfd77a7b00b958ef60d5d6f0e40e6b10fd6283f71c176180fc2eeb0a

  • SHA512

    2f89b8dec6e8c5649499acdc6970235c6e56853574339eac7fe53dbf93915153dba5f26c4bd3bf93c16370ca163a1a8dbc0dfaac3c68fb73a98a86141df03d6e

  Score

  1^/10
  behavioral24behavioral25

• • Target

    totalcmd_privacy_policy.htm

  • Size

    3KB

  • MD5

    f5bd54f89d624a56a0368d1bf532c60b

  • SHA1

    6fdb247506d811132bc5b51ffc1d82afeb6e72b4

  • SHA256

    eb87dd5ca31a26b9d8a8bc650c324b49027d38242ffc71a89b04e0aae8b4cb4b

  • SHA512

    8dc96be4781bb08b1dcbc3205f59eac592285e98a349a330301ab32e81a25beebd9224880215c62e431d9926c7ed0433e886b61730ada1012ca2f907fcceb263

  Score

  1^/10
  behavioral26behavioral27

• • Target

    wifi_rc.html

  • Size

    2KB

  • MD5

    efbaf207ad3762724fd4ac6e58022e13

  • SHA1

    4268759d592840b50c3fbbebee5a6758c42f01fa

  • SHA256

    e134d5aa97d09bc401331f323e5b756c5571e902499d97de91316010ffefcd70

  • SHA512

    f8015c27bd88680f3b7c466080dc7c5e5222411d80225c3433f86e76925fda4b781478bb5639c574072b6eb580bd111f08d03c67fb47cc182e1405faeff6f021

  Score

  1^/10
  behavioral28behavioral29