ermac | 98ec0c587100d35500cf64dbea79054417477522438e55ab2949ce079d6278c9 | Triage

Submit
Reports

Overview

overview

Static

static

98ec0c5871...c9.apk

android-9-x86

98ec0c5871...c9.apk

android-10-x64

98ec0c5871...c9.apk

android-11-x64

Sharing

General

Target

98ec0c587100d35500cf64dbea79054417477522438e55ab2949ce079d6278c9.bin
Size

1.1MB
Sample

240120-1xxbfahgf2
MD5

d2ceaa255c3c2684d843e3d8e25de89d
SHA1

f65a3cf7fe2c80d9727f72b7a32efe6dc9352066
SHA256

98ec0c587100d35500cf64dbea79054417477522438e55ab2949ce079d6278c9
SHA512

47aba42179b3a9eb161414783fd36ab96a649f2e19b44a0bdd1e34510233a4725f95c854715e5b0b2e3b19be17156f5952000d2d3f33be62a4671d913ba831ff
SSDEEP

24576:5/9BNPqJQT/JSuC+0SvxQnTgyZmeSuoj4Tkg/88H7:7qJQT/JSulZSkWlTkg/t7

Score

10^/10

ermac hook android infostealer rat trojan

Static task

static1

6 signatures

Behavioral task

behavioral1

Sample

98ec0c587100d35500cf64dbea79054417477522438e55ab2949ce079d6278c9.apk

Resource

android-x86-arm-20231215-en

hook infostealer rat trojan

android-9-x86

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

98ec0c587100d35500cf64dbea79054417477522438e55ab2949ce079d6278c9.apk

Resource

android-x64-20231215-en

hook infostealer rat trojan

android-10-x64

5 signatures

150 seconds

Behavioral task

behavioral3

Sample

98ec0c587100d35500cf64dbea79054417477522438e55ab2949ce079d6278c9.apk

Resource

android-x64-arm64-20231215-en

hook infostealer rat trojan

android-11-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

hook

C2

http://172.16.39.137:3434

AES_key

Targets

- Target
  
  98ec0c587100d35500cf64dbea79054417477522438e55ab2949ce079d6278c9.bin
- Size
  
  1.1MB
- MD5
  
  d2ceaa255c3c2684d843e3d8e25de89d
- SHA1
  
  f65a3cf7fe2c80d9727f72b7a32efe6dc9352066
- SHA256
  
  98ec0c587100d35500cf64dbea79054417477522438e55ab2949ce079d6278c9
- SHA512
  
  47aba42179b3a9eb161414783fd36ab96a649f2e19b44a0bdd1e34510233a4725f95c854715e5b0b2e3b19be17156f5952000d2d3f33be62a4671d913ba831ff
- SSDEEP
  
  24576:5/9BNPqJQT/JSuC+0SvxQnTgyZmeSuoj4Tkg/88H7:7qJQT/JSulZSkWlTkg/t7
Score

10^/10

hook infostealer rat trojan
- Hook
  Hook is an Android malware that is based on Ermac with RAT capabilities.
  rat trojan infostealer hook
- Makes use of the framework's Accessibility service
  Retrieves information displayed on the phone screen using AccessibilityService.
- Acquires the wake lock
- Reads information about phone network operator.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

hookinfostealerrattrojan

behavioral2

hookinfostealerrattrojan

behavioral3

hookinfostealerrattrojan

© 2018-2025

Terms | Privacy