hook | 5789aeb0d77bd94cb024c2baeda436ee0361ecf68b474a8185a933b5dee000ce | Triage

Submit
Reports

Overview

overview

Static

static

6

5789aeb0d7...ce.apk

android-9-x86

5789aeb0d7...ce.apk

android-10-x64

5789aeb0d7...ce.apk

android-11-x64

Sharing

General

Target

5789aeb0d77bd94cb024c2baeda436ee0361ecf68b474a8185a933b5dee000ce.bin
Size

1.9MB
Sample

240219-1xkyeaeg87
MD5

4801b59592e9a335cef4a3e210f38c68
SHA1

089cb14e41feec7fcffa1ca934f15db33d5bae90
SHA256

5789aeb0d77bd94cb024c2baeda436ee0361ecf68b474a8185a933b5dee000ce
SHA512

23d052f51fb2fc48b7f5fd77f1f5d69a6ed1e0ddcf82c3ba74b0aa26bdacb38f6893c06eb4aa6b648a84a6e3ca1f977f2c4722831c89f67b386f3a2c7ecfc4d4
SSDEEP

49152:WEmKrjPT0dWF05dLMVTFdr4pstRMhE5cJ5nh2:JPP4dWWbMVTFdr4ePh5c2

Score

10^/10

hook android banker infostealer rat stealth trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

5789aeb0d77bd94cb024c2baeda436ee0361ecf68b474a8185a933b5dee000ce.apk

Resource

android-x86-arm-20231215-en

hook banker infostealer rat stealth trojan

android-9-x86

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

5789aeb0d77bd94cb024c2baeda436ee0361ecf68b474a8185a933b5dee000ce.apk

Resource

android-x64-20231215-en

hook banker infostealer rat stealth trojan

android-10-x64

7 signatures

150 seconds

Behavioral task

behavioral3

Sample

5789aeb0d77bd94cb024c2baeda436ee0361ecf68b474a8185a933b5dee000ce.apk

Resource

android-x64-arm64-20231215-en

hook infostealer rat stealth trojan

android-11-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

hook

C2

http://94.177.106.48:3434

AES_key

Targets

- Target
  
  5789aeb0d77bd94cb024c2baeda436ee0361ecf68b474a8185a933b5dee000ce.bin
- Size
  
  1.9MB
- MD5
  
  4801b59592e9a335cef4a3e210f38c68
- SHA1
  
  089cb14e41feec7fcffa1ca934f15db33d5bae90
- SHA256
  
  5789aeb0d77bd94cb024c2baeda436ee0361ecf68b474a8185a933b5dee000ce
- SHA512
  
  23d052f51fb2fc48b7f5fd77f1f5d69a6ed1e0ddcf82c3ba74b0aa26bdacb38f6893c06eb4aa6b648a84a6e3ca1f977f2c4722831c89f67b386f3a2c7ecfc4d4
- SSDEEP
  
  49152:WEmKrjPT0dWF05dLMVTFdr4pstRMhE5cJ5nh2:JPP4dWWbMVTFdr4ePh5c2
Score

10^/10

hook banker infostealer rat stealth trojan
- Hook
  Hook is an Android malware that is based on Ermac with RAT capabilities.
  rat trojan infostealer hook
- Makes use of the framework's Accessibility service
  Retrieves information displayed on the phone screen using AccessibilityService.
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker
- Removes its main activity from the application launcher
  stealth trojan
- Acquires the wake lock
- Reads information about phone network operator.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

hookbankerinfostealerratstealthtrojan

behavioral2

hookbankerinfostealerratstealthtrojan

behavioral3

hookinfostealerratstealthtrojan

© 2018-2025

Terms | Privacy