Overview

overview

10

Static

static

6

0ed0bba407...d1.apk

android-9-x86

10

0ed0bba407...d1.apk

android-10-x64

10

0ed0bba407...d1.apk

android-11-x64

10

Analysis

  • max time kernel
    69s
  • max time network
    152s
  • platform
    android-10_x64
  • resource
    android-x64-20240910-en
  • resource tags

    arch:x64arch:x86image:android-x64-20240910-enlocale:en-usos:android-10-x64system
  • submitted
    02-01-2025 22:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0ed0bba407ad0834d3102b016a06c3816ecf0b05902e2b79213a6382704475d1.apk

  • Size

    2.4MB

  • MD5

    b9d127d674f3377d43ffc97153d764a7

  • SHA1

    359b807a002880959d2d08fde054d5d0cd65b27c

  • SHA256

    0ed0bba407ad0834d3102b016a06c3816ecf0b05902e2b79213a6382704475d1

  • SHA512

    1415b7fa017edc582e719d6be17b01135c14954a18e87704b7d7718f3d3dbaedee90cd31396d29652bde9304e46c468fa6ef9ee5641c29b5bea784d39dad349a

  • SSDEEP

    49152:Og+DzeC+Epozryg8+cUJibUHtevQe4JsSuElgEwX5TYLMrg:OYCXuzrQUJiAHteIJsS3LwXEME

Score
10/10
ermachookbankercollectioncredential_accessdiscoveryevasionexecutionimpactinfostealerpersistencerattrojan

Malware Config

Extracted

Family

ermac

AES_key

Extracted

Family

hook

AES_key

Signatures

Processes

  • com.tencent.mm
    1⤵
    • Loads dropped Dex/Jar
    • Obtains sensitive information copied to the device clipboard
    • Queries information about running processes on the device
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Schedules tasks to execute at a specified time
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:5136

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.tencent.mm/app_DynamicOptDex/YYludQy.json
    Filesize

    673KB

    MD5

    8b1e19be17ff10c590d3325b82add647

    SHA1

    df82bed047be54e328fc174f5abb0d9f34dffb15

    SHA256

    c16f1dcac28176c3ee91267ca08fd26228897e648df28a9286e635476cef43c1

    SHA512

    1da06fcee20d01110d57da9a34a08432dd1208b3f308baf8c5353575c92cef5f251a55db799508478d8416270fe788ef757a97928267a5cf0d665e5f4fb29361

    Download Submit

  • /data/data/com.tencent.mm/app_DynamicOptDex/YYludQy.json
    Filesize

    673KB

    MD5

    fddaaa01f64dd2c49820d368f4439d07

    SHA1

    fc366242b63375b5b880ecbda4cabe744d939712

    SHA256

    508678f484040b5d15f4c72e4121ba3ad0edecfb484cab7c38c57999e8781ea3

    SHA512

    d54ab121a25119ea4ec526ac9aa1fe5e92151aa7fc31556bd2cb4453649857122d3c5ddbd167a9b2edb55c7a943cae111e9da1634fb040696bd04d95596d2f97

    Download Submit

  • /data/data/com.tencent.mm/app_DynamicOptDex/oat/YYludQy.json.cur.prof
    Filesize

    3KB

    MD5

    c3548ecad7cfe0f8dce5533feb2c613f

    SHA1

    bc98a5150030c34a24c54f90ff904b8613c08504

    SHA256

    e8922b69afd62f971ee6a1037fc13a5673556eae028ae71805a4024afc4c0271

    SHA512

    3f88dab13ea64eb196d94d4b05e0b8bdb5b6158fde74ad7b798ce252c840783920e232956bd42e4e36846be0d9a7f62b884b266dc4fa67e15f95c691b9c8cd15

    Download Submit

  • /data/data/com.tencent.mm/no_backup/androidx.work.workdb
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.tencent.mm/no_backup/androidx.work.workdb-journal
    Filesize

    512B

    MD5

    1a75c56601a1fc9b8bfff27d878ec638

    SHA1

    e95c2a66770a4403274856bf086851327a3dd798

    SHA256

    7d540f661739b719c8186f9c0ad10a1b660b56f7d08692200722a4bbb45e6e3a

    SHA512

    07e659d3c84e9414dea04dbd2ee8f8ec9ed162b542bc79da94485730b33463bad00713acb355486e114f688fe0d373a29eeb15ef7767e9a54403e829b3175796

    Download Submit

  • /data/data/com.tencent.mm/no_backup/androidx.work.workdb-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/com.tencent.mm/no_backup/androidx.work.workdb-wal
    Filesize

    16KB

    MD5

    76060f2099d70e3d8f59a890f0d35fd0

    SHA1

    f496135c0a7d859033e45c2838e950881154cf20

    SHA256

    35bf29bee89b716b39bdd4c8111b3151e02828614a7a40a62e4a696239aae7f6

    SHA512

    587ec3cd2dc3915b229e2e3023b327ac29aae06ec0cb48bb7e479fb9ac3155c5b4d8de08c01eba4b03dd576f05a562b63587f644b53c83f9ed2f11396a408c56

    Download Submit

  • /data/data/com.tencent.mm/no_backup/androidx.work.workdb-wal
    Filesize

    108KB

    MD5

    281e078fb733f713dbe36776560249f1

    SHA1

    147878b6205923cf8074ccb9b14aba2a4dddad80

    SHA256

    a5cc769d5db521f662f028c66c8c3cffd2deb80d9f8b115f285d66406986eaee

    SHA512

    8eed4e09adf90cbcfc4d24d9b7de9becfe2642757b5a81bb893f5f8e9a7fcae159c9b1c3685db033669fb1e4f4ebe393af6281582cadf2ad6172549ba1c53be8

    Download Submit

  • /data/data/com.tencent.mm/no_backup/androidx.work.workdb-wal
    Filesize

    173KB

    MD5

    7f49da540863b2b4c6b75c8f53eb5d4e

    SHA1

    c8cc8eade08cb25e4dd1c80b66ce96ff57175b79

    SHA256

    2df9876548c0c3db4d235194922c778299a8eee594bcda83c8135564b68017e3

    SHA512

    a89c59b7dd3807cacba013ac44bac4ff48c103e1c3d60de89798575096edad043ea7652d12e28f345eb70545aa13069f3e791ce39657825ecc2456d96064a129

    Download Submit

  • /data/user/0/com.tencent.mm/app_DynamicOptDex/YYludQy.json
    Filesize

    1.5MB

    MD5

    a6fef560e44eabf751351e35b35a9594

    SHA1

    19c7fd5c165e9ab3fbfdabf67df653311f69cf7b

    SHA256

    b811b19a1b192155686236850aa343367c2a5d6c9dd47704814f10e1ea3bcf81

    SHA512

    15bbc3929d6bd8f95685fdbaeb01b0dbb3ef66f8613e03e9dd881aa9121557798be04493033519b44dcc98415beb152795200215b25775b6324e15ece1258d20

    Download Submit