Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

861035d786...3b.apk

android-9-x86

10

861035d786...3b.apk

android-10-x64

10

861035d786...3b.apk

android-11-x64

10

Resubmissions

03/02/2024, 23:50 UTC

240203-3vjzfacff5 10

03/02/2024, 22:00 UTC

240203-1wnynsbad4 10

Analysis

  • max time kernel
    5s
  • max time network
    154s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
  • submitted
    03/02/2024, 23:50 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    861035d786e4ba1ec206fcb22abf18e682b3c8481475e38fee54757fe8481c3b.apk

  • Size

    2.0MB

  • MD5

    7913e9cd5a581f61748f528242595843

  • SHA1

    6b46d917515c50d5d658bc7f73dd408a7c77eec7

  • SHA256

    861035d786e4ba1ec206fcb22abf18e682b3c8481475e38fee54757fe8481c3b

  • SHA512

    379617b6e340052a4148e27ea4ac606e105e44179b7d367e922463b853e8c86217de53c208295e3ea4c7f5eca4eee200094de9edab1d8cc5d1703bf4e16d7af2

  • SSDEEP

    49152:8dLFSkaUlfhR7hQsgeHqGQfRIycGDIvdrGe:8dLFVhTqGQfiRGDab

Score
10/10
ermacbankerinfostealertrojan

Malware Config

Signatures

  • Ermac

    An Android banking trojan first seen in July 2021.

    bankertrojaninfostealerermac
  • Ermac2 payload 2 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • com.lapagopomipavu.zuke
    1⤵
    • Loads dropped Dex/Jar
    PID:5057

Network

  • flag-us
    DNS
    ssl.google-analytics.com
    Remote address:
    1.1.1.1:53
    Request
    ssl.google-analytics.com
    IN A
    Response
    ssl.google-analytics.com
    IN A
    172.217.16.232
  • flag-us
    DNS
    android.apis.google.com
    Remote address:
    1.1.1.1:53
    Request
    android.apis.google.com
    IN A
    Response
    android.apis.google.com
    IN CNAME
    clients.l.google.com
    clients.l.google.com
    IN A
    216.58.204.78
  • 172.217.16.232:443
    ssl.google-analytics.com
    tls
    1.3kB
     5.9kB
     9
    9
  • 172.217.16.238:443
    tls, https
    857 B
     40 B
     1
    1
  • 216.58.204.78:443
    android.apis.google.com
    tls
    3.7kB
     8.1kB
     12
    19
  • 216.58.213.4:443
    tls, https
    653 B
     40 B
     2
    1
  • 216.58.213.4:443
    www.google.com
    tls
    8.5kB
     12.7kB
     26
    40
  • 172.217.169.46:443
    520 B
     10
  • 172.217.16.226:443
    520 B
     10
  • 224.0.0.251:5353
    3.7kB
     11
  • 1.1.1.1:53
    ssl.google-analytics.com
    dns
    70 B
     86 B
     1
    1

    DNS Request

    ssl.google-analytics.com

    DNS Response

    172.217.16.232

  • 1.1.1.1:53
    android.apis.google.com
    dns
    69 B
     109 B
     1
    1

    DNS Request

    android.apis.google.com

    DNS Response

    216.58.204.78

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.lapagopomipavu.zuke/app_apkprotector_dex/classes-v1.bin
    Filesize

    10KB

    MD5

    301a517a2a6d68b572c6d1f729ffd981

    SHA1

    2929ad52858b63d8d9e54680baf9449c7140119b

    SHA256

    53a1b5b6788f244461e6eebf6d2db2fdccf5d4e164bdc4656802b71547570564

    SHA512

    70ba3c68b3444473b58a1217ac1e405bb2d7b44f88ba55d3a9ee085a942265d2ce7e4c689b422176d8887950799a1b7961a137f035aa1271a7c23dcc360b2f25

    Download Submit

  • /data/data/com.lapagopomipavu.zuke/no_backup/androidx.work.workdb
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.lapagopomipavu.zuke/no_backup/androidx.work.workdb-journal
    Filesize

    512B

    MD5

    37d3144e088e7ee848d73ddf16295c92

    SHA1

    be1a839d6d084721710bbb5d29287978d0867bee

    SHA256

    0ed6e373ef0d92f91ff41fe05e0ae354a6d6eb0fd3a6347cee8606279d53f757

    SHA512

    50c2ee6a697dd88081c7d125137a768ed54438bd021d9d0698b36f118397c9b0ad42edf517db8869d828ac80200ad5ecf24ddf9a67c60cc5c87af731c9420818

    Download Submit

  • /data/data/com.lapagopomipavu.zuke/no_backup/androidx.work.workdb-wal
    Filesize

    16KB

    MD5

    1503e34d173c756cbfa90e835eef7e6f

    SHA1

    232ca7bacc6441f67663d5c31e90e26367973579

    SHA256

    9e1e0070d788241eadd211ce8ee0968f9f264c05e57de29afcf299b3f28302a6

    SHA512

    5beee5674282cb322d26917f4974dc0fab69821f5b31e9650b1b422d1bfbd7a3abf947eaa910f17c73cf36e6ff59585e404fb596a1813ef98bb3a4cdcd2a306c

    Download Submit

  • /data/user/0/com.lapagopomipavu.zuke/app_apkprotector_dex/classes-v1.bin
    Filesize

    1.7MB

    MD5

    d75cf9b3238dd299ca9c2e41bb286b0e

    SHA1

    597f5b25648eff50dbb72962a592b4be98c60e16

    SHA256

    81ee1aaf066b158109b5208dfa554683c1a9681331b82c9e22f5023bb993552d

    SHA512

    65062731b58d675d890c9bf4265a1dec5959a8eba0691f373e330262b51d8593a2738a6abfcc54022dc65952aa49064c26e36065067b3daac50446f8812b4fee

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.