Overview

overview

10

Static

static

10

861035d786...3b.apk

android-9-x86

10

861035d786...3b.apk

android-10-x64

10

861035d786...3b.apk

android-11-x64

10

Resubmissions

03-02-2024 23:50

240203-3vjzfacff5 10

03-02-2024 22:00

240203-1wnynsbad4 10

Analysis

  • max time kernel
    7s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    03-02-2024 23:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    861035d786e4ba1ec206fcb22abf18e682b3c8481475e38fee54757fe8481c3b.apk

  • Size

    2.0MB

  • MD5

    7913e9cd5a581f61748f528242595843

  • SHA1

    6b46d917515c50d5d658bc7f73dd408a7c77eec7

  • SHA256

    861035d786e4ba1ec206fcb22abf18e682b3c8481475e38fee54757fe8481c3b

  • SHA512

    379617b6e340052a4148e27ea4ac606e105e44179b7d367e922463b853e8c86217de53c208295e3ea4c7f5eca4eee200094de9edab1d8cc5d1703bf4e16d7af2

  • SSDEEP

    49152:8dLFSkaUlfhR7hQsgeHqGQfRIycGDIvdrGe:8dLFVhTqGQfiRGDab

Score
10/10
ermacbankerinfostealertrojan

Malware Config

Signatures

  • Ermac

    An Android banking trojan first seen in July 2021.

    bankertrojaninfostealerermac
  • Ermac2 payload 2 IoCs
  • Loads dropped Dex/Jar 3 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • com.lapagopomipavu.zuke
    1⤵
    • Loads dropped Dex/Jar
    PID:4267
    • /system/bin/dex2oat --debuggable --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --debuggable --generate-mini-debug-info --dex-file=/data/user/0/com.lapagopomipavu.zuke/app_apkprotector_dex/classes-v1.bin --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.lapagopomipavu.zuke/app_apkprotector_dex/oat/x86/classes-v1.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4295

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.lapagopomipavu.zuke/app_apkprotector_dex/classes-v1.bin
    Filesize

    16KB

    MD5

    c934ef774d63401bb93a896c3082f742

    SHA1

    40f5c1c9bc6b7f64563f9f7e976ab982113e305f

    SHA256

    4272dcf967184999f72ad61c03d1fa52556db20d44f45bb15700aec988c397fc

    SHA512

    f89b0833b93c1077d0068d685a9e8a50c59854f3c8470f8f377799e0a8a1c1872109f5e9551be44bc8b60342370b4c5a7d1dcac925476eee0cdc1fc66d907e7b

    Download Submit

  • /data/data/com.lapagopomipavu.zuke/no_backup/androidx.work.workdb
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.lapagopomipavu.zuke/no_backup/androidx.work.workdb-journal
    Filesize

    512B

    MD5

    02f0df2b34680fef5f88a642fd1aa40c

    SHA1

    6902a25db4e02b2569fcf4d89697cabe40a347d1

    SHA256

    b333e9d22c016ad2e6a9bb75d8caaf45751c90e7665a5d084e07a85dff1b3243

    SHA512

    83fa1ce433cf5001a394a3e6ea55f8477f6155e5df29197a5cfa237a0311fe3d11663c84f009fa8e7ee45d52bd524c54858a2318e22787b95e1be3f657c5dc43

    Download Submit

  • /data/data/com.lapagopomipavu.zuke/no_backup/androidx.work.workdb-wal
    Filesize

    16KB

    MD5

    1a552a683e0e7ba5368a2139bc840cea

    SHA1

    9f24bd834b80725170936d3943c550f8a69b3da6

    SHA256

    a6ee8e39190575f2ac56dcbdc13ec1ea54f189b04f279a601fe401ddb304ada3

    SHA512

    372481525cd0d3b7001d3b1c3be05fe9ac924eff020f54cef97d0af6b1a3b3801ac62a5e203525440eb370674998417763ca8417f1dac1b455b2aa0313ed687d

    Download Submit

  • /data/user/0/com.lapagopomipavu.zuke/app_apkprotector_dex/classes-v1.bin
    Filesize

    1.7MB

    MD5

    d75cf9b3238dd299ca9c2e41bb286b0e

    SHA1

    597f5b25648eff50dbb72962a592b4be98c60e16

    SHA256

    81ee1aaf066b158109b5208dfa554683c1a9681331b82c9e22f5023bb993552d

    SHA512

    65062731b58d675d890c9bf4265a1dec5959a8eba0691f373e330262b51d8593a2738a6abfcc54022dc65952aa49064c26e36065067b3daac50446f8812b4fee

    Download Submit