General

  • Target

    0af0346e32955f66d6de014d6bbb096337ffc1632b62a077034f8426ef9c365c.bin

  • Size

    3.8MB

  • Sample

    240225-1ygx5sdf47

  • MD5

    8fb4312542d665397898fcae12d9a7d3

  • SHA1

    7dfee7eced4717e0b11ee828bf04cc9678be877a

  • SHA256

    0af0346e32955f66d6de014d6bbb096337ffc1632b62a077034f8426ef9c365c

  • SHA512

    161e16b76d46f11f6511007ab854e4a0d68e42eb7c795b137d417bf100c4c7412ccdfb8850a9f7445da271df02681779becaf1e5300e609f49a99be687b375e6

  • SSDEEP

    98304:zImjEiCIHoP9M3ywsFhXFgTtGkpZjOjjuJoy0VFm/:jExvVM3y/LXF6ttpJ6yk2

Malware Config

Extracted

Family

hook

C2

http://aubhdva.xyz

http://aubhtri.xyz

http://aunuredvac.xyz

AES_key

Targets

    • Target

      0af0346e32955f66d6de014d6bbb096337ffc1632b62a077034f8426ef9c365c.bin

    • Size

      3.8MB

    • MD5

      8fb4312542d665397898fcae12d9a7d3

    • SHA1

      7dfee7eced4717e0b11ee828bf04cc9678be877a

    • SHA256

      0af0346e32955f66d6de014d6bbb096337ffc1632b62a077034f8426ef9c365c

    • SHA512

      161e16b76d46f11f6511007ab854e4a0d68e42eb7c795b137d417bf100c4c7412ccdfb8850a9f7445da271df02681779becaf1e5300e609f49a99be687b375e6

    • SSDEEP

      98304:zImjEiCIHoP9M3ywsFhXFgTtGkpZjOjjuJoy0VFm/:jExvVM3y/LXF6ttpJ6yk2

    • Hook

      Hook is an Android banking trojan built on the Ermac code base and extended with RAT (remote-access) capabilities.

    • Makes use of the Android Accessibility service

      Retrieves the content displayed on the phone screen through an AccessibilityService.

    • Queries the list of all installed applications on the device (likely used to select legitimate apps to overlay)

    • Loads dropped DEX/JAR

      Dynamically loads and runs a DEX/JAR file that was dropped to the device during analysis.

    • Acquires the wake lock

    • Reads information about phone network operator.

    • Requests exemption from battery optimizations (commonly used to keep running unnoticed in the background).
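
The following triage script is an added example and is not part of the sandbox report or of the Hook sample. It takes the report's C2 domains and file hashes as indicators, matches the domains against constructed DNS/proxy log lines (including a subdomain and a near-miss that must not match), verifies a file's hashes against the reported ones, and scores a decoded AndroidManifest.xml for the capabilities listed in the signatures above. The manifest, its package name com.example.dropper, and the log lines are constructed for illustration; the domains and hashes are the ones on this page.

```python
"""Triage helpers built from the Hook report above (added example, not sandbox output)."""
import hashlib
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# IOCs copied from the report
C2_URLS = ["http://aubhdva.xyz", "http://aubhtri.xyz", "http://aunuredvac.xyz"]
C2_DOMAINS = {urlparse(u).hostname for u in C2_URLS}
REPORTED_HASHES = {
    "md5": "8fb4312542d665397898fcae12d9a7d3",
    "sha1": "7dfee7eced4717e0b11ee828bf04cc9678be877a",
    "sha256": "0af0346e32955f66d6de014d6bbb096337ffc1632b62a077034f8426ef9c365c",
}

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
HOST_RE = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b")


def file_hashes(data: bytes) -> dict:
    """MD5/SHA1/SHA256 of a blob, in the same form the report lists them."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def is_reported_sample(data: bytes) -> bool:
    """True only when every reported hash matches (guards against a hash typo)."""
    return file_hashes(data) == REPORTED_HASHES


def match_c2(log_lines) -> list:
    """Return (line_index, observed_host, c2_domain) for hosts equal to or under a C2 domain."""
    hits = []
    for i, line in enumerate(log_lines):
        for host in HOST_RE.findall(line.lower()):
            for c2 in C2_DOMAINS:
                # exact match or a subdomain; 'notaubhdva.xyz' must not count
                if host == c2 or host.endswith("." + c2):
                    hits.append((i, host, c2))
    return hits


def manifest_indicators(manifest_xml: str) -> dict:
    """Map the report's behaviour signatures to evidence in a decoded manifest."""
    root = ET.fromstring(manifest_xml)
    perms = {e.get(ANDROID_NS + "name") for e in root.iter("uses-permission")}
    # An accessibility service must be declared with this signature permission
    a11y = any(
        s.get(ANDROID_NS + "permission") == "android.permission.BIND_ACCESSIBILITY_SERVICE"
        for s in root.iter("service")
    )
    return {
        "accessibility_service": a11y,
        # API 30+ needs QUERY_ALL_PACKAGES or a <queries> block to enumerate apps
        "lists_installed_apps": "android.permission.QUERY_ALL_PACKAGES" in perms
        or root.find("queries") is not None,
        "battery_optimization_bypass": "android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS" in perms,
        "wake_lock": "android.permission.WAKE_LOCK" in perms,
        # weak hint: the operator name is readable without any permission
        "telephony_info": "android.permission.READ_PHONE_STATE" in perms,
    }


# Constructed manifest (package name and service name are made up)
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.dropper">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.QUERY_ALL_PACKAGES"/>
  <uses-permission android:name="android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS"/>
  <uses-permission android:name="android.permission.WAKE_LOCK"/>
  <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
  <application>
    <service android:name=".A11y" android:exported="true"
        android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE">
      <intent-filter>
        <action android:name="android.accessibilityservice.AccessibilityService"/>
      </intent-filter>
    </service>
  </application>
</manifest>"""

# Constructed log lines: one exact C2 hit, one subdomain hit, one benign, one near-miss
LOG_LINES = [
    "2024-02-25T10:01:02Z dns query 10.0.0.7 aubhdva.xyz A",
    "2024-02-25T10:01:03Z proxy CONNECT 10.0.0.7 api.aubhtri.xyz:80",
    "2024-02-25T10:01:09Z dns query 10.0.0.7 clients3.google.com A",
    "2024-02-25T10:02:11Z dns query 10.0.0.9 notaubhdva.xyz A",
]

if __name__ == "__main__":
    for hit in match_c2(LOG_LINES):
        print("C2 contact:", hit)
    for name, present in manifest_indicators(SAMPLE_MANIFEST).items():
        print(f"{name:28s} {'YES' if present else 'no'}")
```

The manifest check only confirms that the APK declares what the signatures describe; dynamic DEX loading is not visible in a manifest and still needs the sandbox trace.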

MITRE ATT&CK Mobile v15

Tasks