Overview

overview

10

Static

static

10

3fb779f445...9b.apk

android-9-x86

10

3fb779f445...9b.apk

android-10-x64

10

3fb779f445...9b.apk

android-11-x64

10

Analysis

  • max time kernel
    70s
  • max time network
    161s
  • platform
    android_x64
  • resource
    android-x64-arm64-20231215-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
  • submitted
    06-02-2024 22:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3fb779f4458ffedbf966e8b35040351968b657bf79c74e957ee550b9cb196d9b.apk

  • Size

    1.1MB

  • MD5

    6c27f2410f1185d4b9aac8d70e3cc2f1

  • SHA1

    5b4b87177d0b67fd6840f975ca3958b1d3339db1

  • SHA256

    3fb779f4458ffedbf966e8b35040351968b657bf79c74e957ee550b9cb196d9b

  • SHA512

    c9b811bbcf0ab88b61f6503623a95c091827b2e46e2f7ade508f7aa5042676b5439f8fd92952857f076e1e6772039827315ef7e5a0210102608366c27fdb747b

  • SSDEEP

    24576:TnS7OIqxgl2af2bJZFkbeIGsAEL6kgdZJo2y9Uzg/LbQq7T:bSLf2lZaeAL6pi9Uzg/T7T

Score
10/10
hookinfostealerrattrojan

Malware Config

Signatures

  • Hook

    Hook is an Android malware that is based on Ermac with RAT capabilities.

    rattrojaninfostealerhook
  • Makes use of the framework's Accessibility service 3 IoCs

    Retrieves information displayed on the phone screen using AccessibilityService.

  • Acquires the wake lock 1 IoCs
  • Reads information about phone network operator.

Processes

  • com.xahinelasonukagu.hudegeki
    1⤵
    • Makes use of the framework's Accessibility service
    • Acquires the wake lock
    PID:4485

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.xahinelasonukagu.hudegeki/no_backup/androidx.work.workdb
    Filesize

    4KB

    MD5

    7e858c4054eb00fcddc653a04e5cd1c6

    SHA1

    2e056bf31a8d78df136f02a62afeeca77f4faccf

    SHA256

    9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

    SHA512

    d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

    Download Submit

  • /data/user/0/com.xahinelasonukagu.hudegeki/no_backup/androidx.work.workdb-journal
    Filesize

    512B

    MD5

    a7a68c33c9689415baf28fa3b184fb33

    SHA1

    4ced3d7e41a66962ac93f2610ed24147f95c037c

    SHA256

    47ae6e5713fd793ac1fb494213f6638e03243429468d7e782ff202eee616d53f

    SHA512

    89d8dcab8a67f55ae32bef93586bfdd28fe48d83e0e78b3a69c168abf0222fe153562ea2dfa5dba233df9d077c138d06036613de4f26469597aeb90a540ca901

    Download Submit

  • /data/user/0/com.xahinelasonukagu.hudegeki/no_backup/androidx.work.workdb-wal
    Filesize

    16KB

    MD5

    4f54e81a0952d0d8726d1f06f36f365f

    SHA1

    18baf7f63a6c3012da0312ce641deccc52a6f320

    SHA256

    2faaf42fab5b525f20fa8a9af3cbf8b65e878f5c98c14d1471dc86a7046b12c5

    SHA512

    893323e2e4d77d20f047b5ca6debe0466a907e4c8b5727e9067eba95ce69e4711b34b4cde5edb343721f1d0c6cd4bd94b618908c3ac9936e927a04627d06deca

    Download Submit

  • /data/user/0/com.xahinelasonukagu.hudegeki/no_backup/androidx.work.workdb-wal
    Filesize

    108KB

    MD5

    656cb927c7682e9ebe25354d7cdef6fa

    SHA1

    a8ee4a8f5954eb373b2b37d1876dc23853cfb2c9

    SHA256

    ffb677a1e4f8d6b2b7e6283b520faeee8782494a71555fab5f41305876eb13bf

    SHA512

    1eed22e9cb2b6aaca4954267f6b986aee368128654b5c580225aaab5bfc8c0559d950546422af427e37c5aabed309466a30535e84fcda001a43dbb9be09ca78b

    Download Submit

  • /data/user/0/com.xahinelasonukagu.hudegeki/no_backup/androidx.work.workdb-wal
    Filesize

    173KB

    MD5

    b2eea2e7a757f9794fdb3500659e2f20

    SHA1

    dca44ef689e2b91addea8f592eee5f621647c3cd

    SHA256

    7b1c0e8e6e2ed7c1ccd6f0f61e1255048cb0f76867163a392c640361b7fe8b4d

    SHA512

    8a2053812c7c29d78363dab87066e47aa616b205060251cb0838f1383c056c61dbd023b8b0233b80e2cda525a843df7f033bf987597e4403e82c99b80d5b8ca1

    Download Submit