General

  • Target: 8d771de68809aa009a86c0cf89bf1422.bin
  • Size: 913KB
  • MD5: 633e88af6224fb941133f564304b6d17
  • SHA1: fdcf2548d09a3889a134bb1161c0bdea947d2fa7
  • SHA256: 9495b3a5e148572e252f9bef7acd9b4de7c8e42bc907d2ce107d844b09a206b6
  • SHA512: ba2e991720252bd51e7b8d5cf4ba39d3812462174730caf7322023804bb18d6d520668a4b8acfb265a53b0f5a64f712c7a8600a0d546e8e678b2730cc50ee2c8
  • SSDEEP: 24576:A5+LB+EHtgrQ4zfODrv36NoZmDfUBQiEWN38YdCp1:NL0EKr9ovnZmzc3aoy

Score: 10/10

Malware Config

Signatures

  • Ermac family
  • Ermac2 payload 1 IoCs
  • Hook family
  • Declares broadcast receivers with permission to handle system events 1 IoCs
  • Declares services with permission to bind to the system 2 IoCs
  • Requests dangerous framework permissions 15 IoCs

Files

  • 8d771de68809aa009a86c0cf89bf1422.bin (.zip)
    Password: infected

  • 0464a52a8f1f020cd1931b2f500ef12abe56d6b12b3c94d5bbb2c014e2a8ad52.zip (.apk, android)
    Password: infected

    com.sisedicilemuha.wikaxa
    com.sisedicilemuha.wikaxa.yugamunopogifa