General

  • Target

    fee9632fb0d203d1e945339015252b8c4f0f326c3094b93ddc14ab7806ad80f1.bin

  • Size

    1.1MB

  • Sample

    240305-1w96xaaf61

  • MD5

    7f3fbd968788cd060ed891149d7019e8

  • SHA1

    8c06f8c0db215d1b592b8b36581270f6f8b07bc6

  • SHA256

    fee9632fb0d203d1e945339015252b8c4f0f326c3094b93ddc14ab7806ad80f1

  • SHA512

    2a2c26757f55fc7796d54e59a41432c95959e0d54b4d49c8435f9d75bd21c90466f687af440a38f9a0ced73f5c0a8c0148d32a5d9677cbb2551ec35a94586f2a

  • SSDEEP

    24576:votkkugX/a0C9GbCJy8MkBUWjXuoE/oJyONg/Pe8TW:AtkkTa0O5UkW/tONg/nW

Malware Config

Extracted

Family

hook

AES_key

Targets

    • Hook

      Hook is an Android malware that is based on Ermac with RAT capabilities.

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Requests enabling of the accessibility settings.

    • Acquires the wake lock

    • Reads information about phone network operator.

MITRE ATT&CK Mobile v15
