Extracted

• • Target

    7f86778b11adc997df2d943f889cceb90bf7e1f48520e95fad2fc87c66a6e825.bin

  • Size

    2.3MB

  • MD5

    350bc3fb7a87bf6026c0e006e3f77445

  • SHA1

    4cf89be4d3d93a7514582049d5632b3f1a6b8052

  • SHA256

    7f86778b11adc997df2d943f889cceb90bf7e1f48520e95fad2fc87c66a6e825

  • SHA512

    e2cd974755ee6e57d879f8a9fefef54aefafd4b7a2a8951ed1efced64ffc589ceb5304b82c67c935da85c7e7c6fc39779cda968cb410e18228e9580aa5e86ba2

  • SSDEEP

    49152:iNw68Uy9Owo/SKq+PdHe3nyqjVJd7l763Tnvf8YCLYBlOHwhhOMiXdg/y:cfSOwoKKq+PdHe3nrbx56zfVCEBlOXb

  Score

  10^/10

  hookbankerevasioninfostealerransomwareratstealthtrojan

  • Hook

    Hook is an Android malware that is based on Ermac with RAT capabilities.

    rattrojaninfostealerhook

  • Makes use of the framework's Accessibility service.

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).

    banker

  • Removes its main activity from the application launcher

    stealthtrojan

  • Acquires the wake lock.

  • Reads information about phone network operator.

  • Removes a system notification.

    evasion

  • Uses Crypto APIs (Might try to encrypt user data).

    ransomware
  behavioral1behavioral2behavioral3