ermac | 10931de207177fa1a1ca4cd2bc2f289789cd28cbe4b95ba92583e3b451e19086 | Triage

Submit
Reports

Overview

overview

Static

static

7b264466e2...fe.apk

android-9-x86

7b264466e2...fe.apk

android-10-x64

7b264466e2...fe.apk

android-11-x64

7

Sharing

General

Target

13580031138.zip
Size

905KB
Sample

231215-16ah2aahg4
MD5

151f53e7d82d815c6ca4277b174f8fe8
SHA1

9c3c69fee40ae47f42a7e21ea85ab38fd547da36
SHA256

10931de207177fa1a1ca4cd2bc2f289789cd28cbe4b95ba92583e3b451e19086
SHA512

d84dd5cfe394b8ef63c132ce9449eb679134dd111d02a53fe8786ca786adee0ff784509f6cea0265ae7a107dc082d33ee91f7cc340fa9b3347f39b8f980d8159
SSDEEP

12288:8BRwh+2JJUath7YnjgJVL67OQzMXQmbmisGqtDd9ayNGKVbq0xg6sHCVz+NgG1tw:+qI0JUi7+jgDLFaMzaiBqhjoqA06l7Jq

Score

10^/10

ermac hook android infostealer rat trojan

Static task

static1

5 signatures

Behavioral task

behavioral1

Sample

7b264466e215505230540b4ac4d01ef47227a80acd33be86835367cbf362dbfe.apk

Resource

android-x86-arm-20231215-en

hook infostealer rat trojan

android-9-x86

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

7b264466e215505230540b4ac4d01ef47227a80acd33be86835367cbf362dbfe.apk

Resource

android-x64-20231215-en

hook infostealer rat trojan

android-10-x64

5 signatures

150 seconds

Behavioral task

behavioral3

Sample

7b264466e215505230540b4ac4d01ef47227a80acd33be86835367cbf362dbfe.apk

Resource

android-x64-arm64-20231215-en

android-11-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

hook

AES_key

Targets

- Target
  
  7b264466e215505230540b4ac4d01ef47227a80acd33be86835367cbf362dbfe
- Size
  
  1.1MB
- MD5
  
  297c76363e44ace3376eaab9fd2b620f
- SHA1
  
  ec099e01d689e5cf03dbf84b4cd990aed6d80441
- SHA256
  
  7b264466e215505230540b4ac4d01ef47227a80acd33be86835367cbf362dbfe
- SHA512
  
  7d1fe4344f20adfd7cbc801557894b37b7dcbbb0089aa4b00e90ade477d83275539516a5b53e4739e4fde4cfb22a3db2eed689410aa21895bd351f58c28506ef
- SSDEEP
  
  24576:ftd6Z1nU34NqBVxmcU/O0p+cwNoIReAxI1U/ojySUg/fL66:1d6Z1nU34ND3+cwN1ReNa/XSUg/26
Score

10^/10

hook infostealer rat trojan
- Hook
  Hook is an Android malware that is based on Ermac with RAT capabilities.
  rat trojan infostealer hook
- Makes use of the framework's Accessibility service
  Retrieves information displayed on the phone screen using AccessibilityService.
- Requests enabling of the accessibility settings.
- Acquires the wake lock
- Reads information about phone network operator.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

hookinfostealerrattrojan

behavioral2

hookinfostealerrattrojan

behavioral3

© 2018-2025

Terms | Privacy