ermac | 49b1a094b7abe2f2d0202cfc3023535d43b8450cf08e19647bb7127f22e5d739 | Triage

Submit
Reports

Overview

overview

Static

static

49b1a094b7...39.apk

android-9-x86

49b1a094b7...39.apk

android-10-x64

49b1a094b7...39.apk

android-11-x64

Sharing

General

Target

49b1a094b7abe2f2d0202cfc3023535d43b8450cf08e19647bb7127f22e5d739.bin
Size

1.1MB
Sample

240124-1yg8xaabhp
MD5

5f90d143a5de2341d18fc09d6977e27d
SHA1

0b3c79eaceb6fcedc61d7281bc08666c333c69b5
SHA256

49b1a094b7abe2f2d0202cfc3023535d43b8450cf08e19647bb7127f22e5d739
SHA512

bcb30c4ab6947bf31fe183e8d3cf234b076b4bbc28b34d9d68dc31971796fed9957bde69460c10ea4881a08c683cb9d26267ba9fa2689499af301c9157d314ba
SSDEEP

24576:zS4ik8yDvJ+iEGfXex8Ds1zoQQoip/ojyMxg/XvZKy5:zDR8yDQiE4eXj+/XMxg/Yy5

Score

10^/10

ermac hook android infostealer rat trojan

Static task

static1

6 signatures

Behavioral task

behavioral1

Sample

49b1a094b7abe2f2d0202cfc3023535d43b8450cf08e19647bb7127f22e5d739.apk

Resource

android-x86-arm-20231215-en

hook infostealer rat trojan

android-9-x86

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

49b1a094b7abe2f2d0202cfc3023535d43b8450cf08e19647bb7127f22e5d739.apk

Resource

android-x64-20231215-en

hook infostealer rat trojan

android-10-x64

5 signatures

150 seconds

Behavioral task

behavioral3

Sample

49b1a094b7abe2f2d0202cfc3023535d43b8450cf08e19647bb7127f22e5d739.apk

Resource

android-x64-arm64-20231215-en

hook infostealer rat trojan

android-11-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

hook

AES_key

Targets

- Target
  
  49b1a094b7abe2f2d0202cfc3023535d43b8450cf08e19647bb7127f22e5d739.bin
- Size
  
  1.1MB
- MD5
  
  5f90d143a5de2341d18fc09d6977e27d
- SHA1
  
  0b3c79eaceb6fcedc61d7281bc08666c333c69b5
- SHA256
  
  49b1a094b7abe2f2d0202cfc3023535d43b8450cf08e19647bb7127f22e5d739
- SHA512
  
  bcb30c4ab6947bf31fe183e8d3cf234b076b4bbc28b34d9d68dc31971796fed9957bde69460c10ea4881a08c683cb9d26267ba9fa2689499af301c9157d314ba
- SSDEEP
  
  24576:zS4ik8yDvJ+iEGfXex8Ds1zoQQoip/ojyMxg/XvZKy5:zDR8yDQiE4eXj+/XMxg/Yy5
Score

10^/10

hook infostealer rat trojan
- Hook
  Hook is an Android malware that is based on Ermac with RAT capabilities.
  rat trojan infostealer hook
- Makes use of the framework's Accessibility service
  Retrieves information displayed on the phone screen using AccessibilityService.
- Requests enabling of the accessibility settings.
- Acquires the wake lock
- Reads information about phone network operator.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

hookinfostealerrattrojan

behavioral2

hookinfostealerrattrojan

behavioral3

hookinfostealerrattrojan

© 2018-2025

Terms | Privacy