General

  • Target: 86eb8c78cf477ddc6638da4f4271bba7.bin
  • Size: 901KB
  • MD5: eca491e0f8ec643be24f806a65b095e4
  • SHA1: 785c5162cc6729c03f7cefe86a006453036ca1e1
  • SHA256: 7c5b8ef2ef5755e0a981910792be222ceade41eb99235df3b0010b65dacc6cdd
  • SHA512: 94776c94ecaf0524978448515b9e46d2d2de32d7386741e17ee7ec03dc871131c94431cd9af927b35fcff2749a776fbddc7cdb5a7c3d86da7e6820e593de9ffa
  • SSDEEP: 24576:qt0RYFVu9FumrVrxVoFy9B732WUZpEKF+bnECJ91U:qtFMumZrxV39ByWUZp2wK9i

Score
10/10

Malware Config

Signatures

  • Ermac family
  • Ermac2 payload 1 IoCs
  • Hook family
  • Declares broadcast receivers with permission to handle system events 1 IoCs
  • Declares services with permission to bind to the system 2 IoCs
  • Requests dangerous framework permissions 15 IoCs

Files

  • 86eb8c78cf477ddc6638da4f4271bba7.bin (.zip)
    Password: infected

  • d37a174544220e93a0425afce2b1e76b8b29c97ce18588037ae76b45c26d08b8.zip (.apk, android)
    Password: infected
    Package: com.yogadisodoxatuse.fapeze
    Main activity: com.yogadisodoxatuse.fapeze.hazusovahivi