Analysis
max time kernel: 150s
max time network: 131s
platform: android_x86
resource: android-x86-arm-20231215-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20231215-en, locale:en-us, os:android-9-x86, system
submitted: 06-02-2024 22:02
Behavioral task: behavioral1
Sample: 3fb779f4458ffedbf966e8b35040351968b657bf79c74e957ee550b9cb196d9b.apk
Resource: android-x86-arm-20231215-en
Behavioral task: behavioral2
Sample: 3fb779f4458ffedbf966e8b35040351968b657bf79c74e957ee550b9cb196d9b.apk
Resource: android-x64-20231215-en
Behavioral task: behavioral3
Sample: 3fb779f4458ffedbf966e8b35040351968b657bf79c74e957ee550b9cb196d9b.apk
Resource: android-x64-arm64-20231215-en
General
Target: 3fb779f4458ffedbf966e8b35040351968b657bf79c74e957ee550b9cb196d9b.apk
Size: 1.1MB
MD5: 6c27f2410f1185d4b9aac8d70e3cc2f1
SHA1: 5b4b87177d0b67fd6840f975ca3958b1d3339db1
SHA256: 3fb779f4458ffedbf966e8b35040351968b657bf79c74e957ee550b9cb196d9b
SHA512: c9b811bbcf0ab88b61f6503623a95c091827b2e46e2f7ade508f7aa5042676b5439f8fd92952857f076e1e6772039827315ef7e5a0210102608366c27fdb747b
SSDEEP: 24576:TnS7OIqxgl2af2bJZFkbeIGsAEL6kgdZJo2y9Uzg/LbQq7T:bSLf2lZaeAL6pi9Uzg/T7T
Malware Config
Signatures
Hook
Hook is an Android malware that is based on Ermac with RAT capabilities.
Makes use of the framework's Accessibility service (3 IoCs)
Retrieves information displayed on the phone screen using AccessibilityService.
description | ioc | Process
Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText | com.xahinelasonukagu.hudegeki
Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByViewId | com.xahinelasonukagu.hudegeki
Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId | com.xahinelasonukagu.hudegeki
Acquires the wake lock (1 IoCs)
description | ioc | Process
Framework service call | android.os.IPowerManager.acquireWakeLock | com.xahinelasonukagu.hudegeki
Reads information about phone network operator.
Processes
Network
MITRE ATT&CK Matrix
Downloads