General

  • Target

    0d0c23a96dc90d431a8ce01f0cee1575.bin

  • Size

    2.6MB

  • MD5

    021d816e2c9cacc41a072127d0416661

  • SHA1

    3e85635578b69ece2b9e5b909b5288a46098089c

  • SHA256

    c274e1c3eb15ebc79f91814fb5b4eb53380890c936529adc5903def3f04fa2f7

  • SHA512

    bf0809fdea371bb068f10767cc1b8b02e291f6dd1caeb0b5c60d2e524959574e8747a251949f82068db2a7cc7d073ac527ce85d18f2c0a851fea949e7390fd8a

  • SSDEEP

    49152:9TDpdfOP7KIq3tNP+V5DepvuX/ekYAAdd8j+2NtSl4pIXTyVHoeTiBJTlW:9TfOP7KTtnpvK0vd89YlFXTkIeSk

Score
10/10

Malware Config

Signatures

  • Ermac family
  • Ermac2 payload 1 IoCs
  • Hook family
  • Declares broadcast receivers with permission to handle system events 1 IoCs
  • Declares services with permission to bind to the system 2 IoCs
  • Requests dangerous framework permissions 15 IoCs

Files

  • 0d0c23a96dc90d431a8ce01f0cee1575.bin
    .zip

    Password: infected

  • aea84ebd9c1194efa69033231fe055a9fa79f3e740825965ab2767c4f61b0531.apk
    .apk android

    Password: infected

    com.tencent.mm

    com.tencent.mm.Main2