Overview

overview

10

Static

static

6

dc4712f817...1d.apk

android-9-x86

10

dc4712f817...1d.apk

android-10-x64

10

dc4712f817...1d.apk

android-11-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dc4712f817e553e8371df12013c9ebe027056bdbd2aeb56442b5b46ac71f321d.apk

  • Size

    1.2MB

  • Sample

    231230-mcxvksgcak

  • MD5

    7c466ce81527867aa98ff5f187e54bc4

  • SHA1

    e394e2a93af3e746bbd87f2db3ecabf68ee45ba6

  • SHA256

    96d9021b3f63da9378e9208b640ebb670906718012db902a400ba101dbdbd3b6

  • SHA512

    dc084d7338b41c95b72fbd44c70f2c4dfd3864297eab96d173f58cf3b71d9bff9c068a971686cae8257d560143dd50afac3e1afcd807a5025eacc2631936cbeb

  • SSDEEP

    12288:CUZFO7Nq1wryobO83ubYZtsZcoc1IkcxxhtS/7iwbO+yq39DCn0yKLRrp8cWxgii:C6YqL83ublicCy+yq3kn0yIRrp83Gh

Score
10/10
hookandroidevasioninfostealerratstealthtrojan

Malware Config

Extracted

Family

hook

C2

http://173.254.235.53:3434

Targets

    • Target

      dc4712f817e553e8371df12013c9ebe027056bdbd2aeb56442b5b46ac71f321d.apk

    • Size

      1.2MB

    • MD5

      7c466ce81527867aa98ff5f187e54bc4

    • SHA1

      e394e2a93af3e746bbd87f2db3ecabf68ee45ba6

    • SHA256

      96d9021b3f63da9378e9208b640ebb670906718012db902a400ba101dbdbd3b6

    • SHA512

      dc084d7338b41c95b72fbd44c70f2c4dfd3864297eab96d173f58cf3b71d9bff9c068a971686cae8257d560143dd50afac3e1afcd807a5025eacc2631936cbeb

    • SSDEEP

      12288:CUZFO7Nq1wryobO83ubYZtsZcoc1IkcxxhtS/7iwbO+yq39DCn0yKLRrp8cWxgii:C6YqL83ublicCy+yq3kn0yIRrp83Gh

    Score
    10/10
    hookinfostealerrattrojanstealthevasion

    • Hook

      Hook is an Android malware that is based on Ermac with RAT capabilities.

      rattrojaninfostealerhook

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Removes its main activity from the application launcher

      stealthtrojan

    • Acquires the wake lock

    • Reads information about phone network operator.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

      evasion
    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks