Overview

overview

10

Static

static

6

cd6509d9fb...5f.apk

android-9-x86

10

cd6509d9fb...5f.apk

android-10-x64

10

cd6509d9fb...5f.apk

android-11-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cd6509d9fbd70121035a18f0e75b0e5f.apk

  • Size

    3.1MB

  • Sample

    240212-w4x44aah7z

  • MD5

    cd6509d9fbd70121035a18f0e75b0e5f

  • SHA1

    ce71b79b5dcdcf2ec07ba90e32baa4b782d635da

  • SHA256

    c92742794cd107cd3aaa340461c8957134af7d6a8c703545be09eadad6a3ebf2

  • SHA512

    b0ed3f65b81102ccee1e539125df2be49390d2dfb90cea32eb439a849a5882db71dc17e4c269c0d777f8e39ffd39418287f3573e92b7b99e3f33de7ca83a2049

  • SSDEEP

    98304:YiFhn+C12SojeGOuIQnHQ9XieS6qke2DcxPtjyK/Cxl:WSojeGnIyHQRG6qke2DqPxo

Score
10/10
ermachookandroidbankerinfostealerratstealthtrojan

Malware Config

Extracted

Family

ermac

AES_key

Extracted

Family

hook

AES_key

Targets

    • Target

      cd6509d9fbd70121035a18f0e75b0e5f.apk

    • Size

      3.1MB

    • MD5

      cd6509d9fbd70121035a18f0e75b0e5f

    • SHA1

      ce71b79b5dcdcf2ec07ba90e32baa4b782d635da

    • SHA256

      c92742794cd107cd3aaa340461c8957134af7d6a8c703545be09eadad6a3ebf2

    • SHA512

      b0ed3f65b81102ccee1e539125df2be49390d2dfb90cea32eb439a849a5882db71dc17e4c269c0d777f8e39ffd39418287f3573e92b7b99e3f33de7ca83a2049

    • SSDEEP

      98304:YiFhn+C12SojeGOuIQnHQ9XieS6qke2DcxPtjyK/Cxl:WSojeGnIyHQRG6qke2DqPxo

    Score
    10/10
    ermachookbankerinfostealerratstealthtrojan

    • Ermac

      An Android banking trojan first seen in July 2021.

      bankertrojaninfostealerermac

    • Ermac2 payload

    • Hook

      Hook is an Android malware that is based on Ermac with RAT capabilities.

      rattrojaninfostealerhook

    • Removes its main activity from the application launcher

      stealthtrojan

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks