Extracted

• • Target

    2142671d090e4c857137bff71cc13f05a25fe1e95bb8fcf80f554f3adf29910a.bin

  • Size

    1.1MB

  • MD5

    0b98aa107b4610cc9c2b15e685e9c802

  • SHA1

    cf612eedbe423d7c30a4bf09c3e798e08a512458

  • SHA256

    2142671d090e4c857137bff71cc13f05a25fe1e95bb8fcf80f554f3adf29910a

  • SHA512

    ea2c03fb5194b4ff2957ffbcdda475924f4f99f86a83b747ff63725cf0789ecbd19b06db858bc7d7b433fe3fbb992f197417bf3954add8f3e3ace31131b3f3c4

  • SSDEEP

    24576:BT282S4HtuWZ0p46B8ZJ8SV2BrpM7k9eLxg/Si:Ba82S4NZOp46B8Z60VLxg/p

  Score

  10^/10

  hookbankercollectiondiscoveryevasioninfostealerratstealthtrojan

  • Hook

    Hook is an Android malware that is based on Ermac with RAT capabilities.

    rattrojaninfostealerhook

  • Makes use of the framework's Accessibility service

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectionevasion

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Removes its main activity from the application launcher

    stealthtrojanevasion

  • Requests enabling of the accessibility settings.

  • Acquires the wake lock

  • Reads information about phone network operator.

    discovery
  behavioral1behavioral2behavioral3