ermac | 6458c39b417c7d61028c5187b083c92fd74a77694cd0958b7f48249c9ff1297b | Triage

Submit
Reports

Overview

overview

Static

static

6458c39b41...7b.apk

android-9-x86

6458c39b41...7b.apk

android-10-x64

6458c39b41...7b.apk

android-11-x64

Sharing

General

Target

6458c39b417c7d61028c5187b083c92fd74a77694cd0958b7f48249c9ff1297b.bin
Size

1.5MB
Sample

240124-1xmr1aabep
MD5

2d394b49050f9d5280a010774301b46e
SHA1

f786cbbdadc23884dc4d1def78870611b0248ca8
SHA256

6458c39b417c7d61028c5187b083c92fd74a77694cd0958b7f48249c9ff1297b
SHA512

77f49f62ea63da3a2abab6a912118ca3d49830e73fb9a9fce60144c7f51c6ac3407a21cada7bd6f825d6efccd37260af55392ee4f70ebfdc5e83d79c46555ae8
SSDEEP

24576:Hw/7W29sPCKOvEeyxkYG2PBaPnsiYB41oIDYUvsp6yqymn9+uZvaoqiLGbeg/lbU:HwTWMsPCHwx1TpaEwvvnqe9zYoCbeg/+

Score

10^/10

ermac hook android infostealer rat trojan

Static task

static1

5 signatures

Behavioral task

behavioral1

Sample

6458c39b417c7d61028c5187b083c92fd74a77694cd0958b7f48249c9ff1297b.apk

Resource

android-x86-arm-20231215-en

hook infostealer rat trojan

android-9-x86

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

6458c39b417c7d61028c5187b083c92fd74a77694cd0958b7f48249c9ff1297b.apk

Resource

android-x64-20231215-en

hook infostealer rat trojan

android-10-x64

5 signatures

150 seconds

Behavioral task

behavioral3

Sample

6458c39b417c7d61028c5187b083c92fd74a77694cd0958b7f48249c9ff1297b.apk

Resource

android-x64-arm64-20231215-en

hook infostealer rat trojan

android-11-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

hook

C2

http://135.181.168.156; http://135.181.168.156

http://135.181.168.156

AES_key

Targets

- Target
  
  6458c39b417c7d61028c5187b083c92fd74a77694cd0958b7f48249c9ff1297b.bin
- Size
  
  1.5MB
- MD5
  
  2d394b49050f9d5280a010774301b46e
- SHA1
  
  f786cbbdadc23884dc4d1def78870611b0248ca8
- SHA256
  
  6458c39b417c7d61028c5187b083c92fd74a77694cd0958b7f48249c9ff1297b
- SHA512
  
  77f49f62ea63da3a2abab6a912118ca3d49830e73fb9a9fce60144c7f51c6ac3407a21cada7bd6f825d6efccd37260af55392ee4f70ebfdc5e83d79c46555ae8
- SSDEEP
  
  24576:Hw/7W29sPCKOvEeyxkYG2PBaPnsiYB41oIDYUvsp6yqymn9+uZvaoqiLGbeg/lbU:HwTWMsPCHwx1TpaEwvvnqe9zYoCbeg/+
Score

10^/10

hook infostealer rat trojan
- Hook
  Hook is an Android malware that is based on Ermac with RAT capabilities.
  rat trojan infostealer hook
- Makes use of the framework's Accessibility service
  Retrieves information displayed on the phone screen using AccessibilityService.
- Acquires the wake lock
- Reads information about phone network operator.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

hookinfostealerrattrojan

behavioral2

hookinfostealerrattrojan

behavioral3

hookinfostealerrattrojan

© 2018-2025

Terms | Privacy