ermac | 6bf19a4ad7ab38a5bac8b7aeeba553c62acc5b45c2b01e83def8de5dd1025411 | Triage

Submit
Reports

Overview

overview

Static

static

6bf19a4ad7...11.apk

android-9-x86

6bf19a4ad7...11.apk

android-10-x64

8

6bf19a4ad7...11.apk

android-11-x64

Sharing

General

Target

6bf19a4ad7ab38a5bac8b7aeeba553c62acc5b45c2b01e83def8de5dd1025411.bin
Size

1.2MB
Sample

240122-1yhvfadefj
MD5

d56348a730152e40089563d47a40a253
SHA1

c919bb40b2eea5d65e0bb3b5d42807b05bfe7816
SHA256

6bf19a4ad7ab38a5bac8b7aeeba553c62acc5b45c2b01e83def8de5dd1025411
SHA512

e8383ae1887d024185406e36b35d611a163ff8c4532769a6a5370574cd3b521cb6a55d6f553056cff1ea2a2cc26426abe431f68783575113ad1bfa1b0f31218b
SSDEEP

24576:Oc2R6VbldKXkXEYrCU51Q+7J69GP7XnmF1QlACAUX4e4ygSyO:OcC69x0reQ+NYGTsmqhePgSP

Score

10^/10

ermac hook android banker infostealer rat trojan

Static task

static1

6 signatures

Behavioral task

behavioral1

Sample

6bf19a4ad7ab38a5bac8b7aeeba553c62acc5b45c2b01e83def8de5dd1025411.apk

Resource

android-x86-arm-20231215-en

hook banker infostealer rat trojan

android-9-x86

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

6bf19a4ad7ab38a5bac8b7aeeba553c62acc5b45c2b01e83def8de5dd1025411.apk

Resource

android-x64-20231215-en

android-10-x64

4 signatures

150 seconds

Behavioral task

behavioral3

Sample

6bf19a4ad7ab38a5bac8b7aeeba553c62acc5b45c2b01e83def8de5dd1025411.apk

Resource

android-x64-arm64-20231215-en

hook banker infostealer rat trojan

android-11-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

hook

C2

http://93.123.39.77:3434

AES_key

Targets

- Target
  
  6bf19a4ad7ab38a5bac8b7aeeba553c62acc5b45c2b01e83def8de5dd1025411.bin
- Size
  
  1.2MB
- MD5
  
  d56348a730152e40089563d47a40a253
- SHA1
  
  c919bb40b2eea5d65e0bb3b5d42807b05bfe7816
- SHA256
  
  6bf19a4ad7ab38a5bac8b7aeeba553c62acc5b45c2b01e83def8de5dd1025411
- SHA512
  
  e8383ae1887d024185406e36b35d611a163ff8c4532769a6a5370574cd3b521cb6a55d6f553056cff1ea2a2cc26426abe431f68783575113ad1bfa1b0f31218b
- SSDEEP
  
  24576:Oc2R6VbldKXkXEYrCU51Q+7J69GP7XnmF1QlACAUX4e4ygSyO:OcC69x0reQ+NYGTsmqhePgSP
Score

10^/10

hook banker infostealer rat trojan
- Hook
  Hook is an Android malware that is based on Ermac with RAT capabilities.
  rat trojan infostealer hook
- Makes use of the framework's Accessibility service
  Retrieves information displayed on the phone screen using AccessibilityService.
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker
- Acquires the wake lock
- Reads information about phone network operator.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

hookbankerinfostealerrattrojan

behavioral2

behavioral3

hookbankerinfostealerrattrojan

© 2018-2025

Terms | Privacy