Overview

overview

10

Static

static

10

7c7e421374...a2.apk

android-9-x86

10

7c7e421374...a2.apk

android-10-x64

10

7c7e421374...a2.apk

android-11-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7c7e4213746a2816953fc46ce73e69a1b38ded44263a810a4eaedde8511800a2

  • Size

    1.1MB

  • Sample

    240224-l63r9agf28

  • MD5

    a9cb55488b48219352f8c0eb7b5c3b72

  • SHA1

    5bd952beda27c8c16d88a3ac5e55a1ff9f1e67ef

  • SHA256

    7c7e4213746a2816953fc46ce73e69a1b38ded44263a810a4eaedde8511800a2

  • SHA512

    9fb71720a0a6322e2d86fa349cb9c5dcdc78fe2e2f93601d403bf4ea1b87488d0b8006e3b0dd5cf29d08d6f525f919e9fa47e13c7bb9cd54b48fab8622f6e246

  • SSDEEP

    24576:f0AVatewyf+fWGsGzGYPz2LXR5yPkoMOgSYv:M+j2fWGPXyDD2TgSE

Score
10/10
ermachookandroidcollectiondiscoveryevasioninfostealerrattrojan

Malware Config

Extracted

Family

hook

C2

http://93.123.39.169

AES_key

Targets

    • Target

      7c7e4213746a2816953fc46ce73e69a1b38ded44263a810a4eaedde8511800a2

    • Size

      1.1MB

    • MD5

      a9cb55488b48219352f8c0eb7b5c3b72

    • SHA1

      5bd952beda27c8c16d88a3ac5e55a1ff9f1e67ef

    • SHA256

      7c7e4213746a2816953fc46ce73e69a1b38ded44263a810a4eaedde8511800a2

    • SHA512

      9fb71720a0a6322e2d86fa349cb9c5dcdc78fe2e2f93601d403bf4ea1b87488d0b8006e3b0dd5cf29d08d6f525f919e9fa47e13c7bb9cd54b48fab8622f6e246

    • SSDEEP

      24576:f0AVatewyf+fWGsGzGYPz2LXR5yPkoMOgSYv:M+j2fWGPXyDD2TgSE

    Score
    10/10
    hookcollectiondiscoveryevasioninfostealerrattrojan

    • Hook

      Hook is an Android malware that is based on Ermac with RAT capabilities.

      rattrojaninfostealerhook

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

      collectionevasion

    • Acquires the wake lock

    • Reads information about phone network operator.

      discovery
    behavioral1behavioral2behavioral3

MITRE ATT&CK Mobile v15

Tasks