ermac | 8d20189cd3865e13ce0c943b72472600308b40db54080c45d6b84117b69a6d52 | Triage

Submit
Reports

Overview

overview

Static

static

8d20189cd3...52.apk

android-9-x86

8d20189cd3...52.apk

android-10-x64

8d20189cd3...52.apk

android-11-x64

Sharing

General

Target

8d20189cd3865e13ce0c943b72472600308b40db54080c45d6b84117b69a6d52
Size

1.1MB
Sample

240314-kxt83sfg3v
MD5

f6c6e7b69ba6026646d229757a7c0dcd
SHA1

af240d54bc5c9f31646da0a220e0679b0acb194e
SHA256

8d20189cd3865e13ce0c943b72472600308b40db54080c45d6b84117b69a6d52
SHA512

b0220f3171cda248a3306547c58fb52323467553cca7290e1c3ccb78855b4244b1c45576508f42f86c76c1352dbf5148156aa62251320d07e6bb7346cbe2c2dd
SSDEEP

24576:NUlxsCIH/aelw2APkxE5ecT6AEVj3nIg/SsDl:NmxsfaAx+kMCBnIg/1

Score

10^/10

ermac hook android collection discovery evasion infostealer rat trojan

Static task

static1

5 signatures

Behavioral task

behavioral1

Sample

8d20189cd3865e13ce0c943b72472600308b40db54080c45d6b84117b69a6d52.apk

Resource

android-x86-arm-20240221-en

hook collection discovery evasion infostealer rat trojan

android-9-x86

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

8d20189cd3865e13ce0c943b72472600308b40db54080c45d6b84117b69a6d52.apk

Resource

android-x64-20240221-en

hook collection discovery evasion infostealer rat trojan

android-10-x64

4 signatures

150 seconds

Behavioral task

behavioral3

Sample

8d20189cd3865e13ce0c943b72472600308b40db54080c45d6b84117b69a6d52.apk

Resource

android-x64-arm64-20240221-en

hook collection discovery evasion infostealer rat trojan

android-11-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

hook

C2

%INSERT_URL_HERE%

Targets

- Target
  
  8d20189cd3865e13ce0c943b72472600308b40db54080c45d6b84117b69a6d52
- Size
  
  1.1MB
- MD5
  
  f6c6e7b69ba6026646d229757a7c0dcd
- SHA1
  
  af240d54bc5c9f31646da0a220e0679b0acb194e
- SHA256
  
  8d20189cd3865e13ce0c943b72472600308b40db54080c45d6b84117b69a6d52
- SHA512
  
  b0220f3171cda248a3306547c58fb52323467553cca7290e1c3ccb78855b4244b1c45576508f42f86c76c1352dbf5148156aa62251320d07e6bb7346cbe2c2dd
- SSDEEP
  
  24576:NUlxsCIH/aelw2APkxE5ecT6AEVj3nIg/SsDl:NmxsfaAx+kMCBnIg/1
Score

10^/10

hook collection discovery evasion infostealer rat trojan
- Hook
  Hook is an Android malware that is based on Ermac with RAT capabilities.
  rat trojan infostealer hook
- Makes use of the framework's Accessibility service
  Retrieves information displayed on the phone screen using AccessibilityService.
  collection evasion
- Acquires the wake lock
- Reads information about phone network operator.
  discovery
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

hookcollectiondiscoveryevasioninfostealerrattrojan

behavioral2

hookcollectiondiscoveryevasioninfostealerrattrojan

behavioral3

hookcollectiondiscoveryevasioninfostealerrattrojan

© 2018-2024

Terms | Privacy