ermac | 5084b7d04053dee696cf2c0774b9ce2862fc52d94cb91a817e6e2519199a61d5 | Triage

Submit
Reports

Overview

overview

Static

static

5084b7d040...d5.apk

android-9-x86

5084b7d040...d5.apk

android-10-x64

5084b7d040...d5.apk

android-11-x64

Sharing

General

Target

5084b7d04053dee696cf2c0774b9ce2862fc52d94cb91a817e6e2519199a61d5.bin
Size

1.1MB
Sample

240124-1xfzfsabdr
MD5

fdf405da2e5ea9d17bbd80c7135ff126
SHA1

88df35260863316572f7c1f4954715153e3b572d
SHA256

5084b7d04053dee696cf2c0774b9ce2862fc52d94cb91a817e6e2519199a61d5
SHA512

94e581eb2d9d09ad5d228218559f8fa8e2e2831f1998887fe242fa341777e5bb25fd5446836d4e4c54b25b6b2ca8c2d4dea5aad9c47d726246141f750c97ce57
SSDEEP

24576:h0gZareG8LKsstERHb1E8hsCDxRkpT2OU/o6yeng/8vpL:FMrH8W5texE85eT2z/Ceng/qL

Score

10^/10

ermac hook android evasion infostealer rat trojan

Static task

static1

5 signatures

Behavioral task

behavioral1

Sample

5084b7d04053dee696cf2c0774b9ce2862fc52d94cb91a817e6e2519199a61d5.apk

Resource

android-x86-arm-20231215-en

hook infostealer rat trojan

android-9-x86

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

5084b7d04053dee696cf2c0774b9ce2862fc52d94cb91a817e6e2519199a61d5.apk

Resource

android-x64-20231215-en

hook infostealer rat trojan

android-10-x64

4 signatures

150 seconds

Behavioral task

behavioral3

Sample

5084b7d04053dee696cf2c0774b9ce2862fc52d94cb91a817e6e2519199a61d5.apk

Resource

android-x64-arm64-20231215-en

hook evasion infostealer rat trojan

android-11-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  5084b7d04053dee696cf2c0774b9ce2862fc52d94cb91a817e6e2519199a61d5.bin
- Size
  
  1.1MB
- MD5
  
  fdf405da2e5ea9d17bbd80c7135ff126
- SHA1
  
  88df35260863316572f7c1f4954715153e3b572d
- SHA256
  
  5084b7d04053dee696cf2c0774b9ce2862fc52d94cb91a817e6e2519199a61d5
- SHA512
  
  94e581eb2d9d09ad5d228218559f8fa8e2e2831f1998887fe242fa341777e5bb25fd5446836d4e4c54b25b6b2ca8c2d4dea5aad9c47d726246141f750c97ce57
- SSDEEP
  
  24576:h0gZareG8LKsstERHb1E8hsCDxRkpT2OU/o6yeng/8vpL:FMrH8W5texE85eT2z/Ceng/qL
Score

10^/10

hook infostealer rat trojan evasion
- Hook
  Hook is an Android malware that is based on Ermac with RAT capabilities.
  rat trojan infostealer hook
- Makes use of the framework's Accessibility service
  Retrieves information displayed on the phone screen using AccessibilityService.
- Requests enabling of the accessibility settings.
- Acquires the wake lock
- Reads information about phone network operator.
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

hookinfostealerrattrojan

behavioral2

hookinfostealerrattrojan

behavioral3

hookevasioninfostealerrattrojan

© 2018-2025

Terms | Privacy