Overview

overview

10

Static

static

6

b39066b6ef...c9.apk

android-9-x86

10

b39066b6ef...c9.apk

android-10-x64

10

b39066b6ef...c9.apk

android-11-x64

10

Analysis

  • max time kernel
    9s
  • max time network
    155s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
  • submitted
    16-01-2025 06:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b39066b6ef956b773733e3441485e2e3a6b412251a33113bf7f29de7f010d3c9.apk

  • Size

    3.9MB

  • MD5

    bd281af4799e607361972e7db41aeb84

  • SHA1

    0fbfd66b84bef8c44f8cc1eb222ce39b40f5e9aa

  • SHA256

    b39066b6ef956b773733e3441485e2e3a6b412251a33113bf7f29de7f010d3c9

  • SHA512

    86f1fe505b00fdb2c8a14addbb98159eb5c980d7a81036c7d017573465eab5a425da25718d4403d0118ad726640021e947044eb5f99155a0b1dad1b3a95da887

  • SSDEEP

    98304:9L2WOfKPr7DNEj05LKba0ySreQY6V4FlX8ExdXRElQaqv:oWOoDNEjoLgCQb4oExlREcv

Score
10/10
ermachookbankercollectioncredential_accessdiscoveryevasionexecutionimpactinfostealerpersistencerattrojan

Malware Config

Extracted

Family

ermac

C2

http://154.216.18.137

AES_key

Extracted

Family

hook

C2

http://154.216.18.137

AES_key

Signatures

Processes

  • com.zkasaslkasata.kuri
    1⤵
    • Loads dropped Dex/Jar
    • Obtains sensitive information copied to the device clipboard
    • Queries information about running processes on the device
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Schedules tasks to execute at a specified time
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:4962

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.zkasaslkasata.kuri/app_exercise/UNq.json
    Filesize

    736KB

    MD5

    5d672c08aad79b225d9e420bf4089408

    SHA1

    8c9d7e9e94c8866dd2df48123ed223c59f615188

    SHA256

    af8d3366a547d8fdabd01b98da0c947b8477aa81f85e3c1672303a3f5064b29e

    SHA512

    c31d09e892ae0a1bf3d1bd903648f773607fe163b8ee386c11e4b5516c68db747f4d7ad91bba17443b446589c4b70db62e1079afca5badbc3f63968dcd8d6c4b

    Download Submit

  • /data/data/com.zkasaslkasata.kuri/app_exercise/UNq.json
    Filesize

    736KB

    MD5

    9aa5cea33b9868b1a19149a4f89be59d

    SHA1

    32b040b6f045c127da1ae04dc33737914cb6e01f

    SHA256

    e1df0b98068001a3532efca304f30e272c9f4661bc62e5ec952b1399ddbd639b

    SHA512

    d81e4943c13ff2bb484b297ac35e2fd20b6fbfd8d49c649c6ffea8574316abf626316a18793e196f2c785bbdd4fd01f11fab828caeae0611247bcbb39d75dc96

    Download Submit

  • /data/data/com.zkasaslkasata.kuri/no_backup/androidx.work.workdb
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.zkasaslkasata.kuri/no_backup/androidx.work.workdb-journal
    Filesize

    512B

    MD5

    dd517c7ac66bcfdbd059cdb40b938318

    SHA1

    e5fe93964f10c50845a077d9759bc96d8b41b594

    SHA256

    32b1f6ce0d9413d53974ef32787e3f5d0a0bd4ff24cdd4ed0c0c24035544ffd0

    SHA512

    911491fc7fb1eed88b944ee145db9f49a610871c4c2d59a4f26afceeb33e1a16d41248bb96c66624bea866fd74b17392c5f80451d0b871dd475184bbc642235f

    Download Submit

  • /data/data/com.zkasaslkasata.kuri/no_backup/androidx.work.workdb-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/com.zkasaslkasata.kuri/no_backup/androidx.work.workdb-wal
    Filesize

    16KB

    MD5

    749681f6f278855fba655b144bca95d3

    SHA1

    b3f3758895d56532c5bb60615782b3dff7ab0922

    SHA256

    b81b52a6a6b0fcd7504b64074f522268a359913a3a4787a14a096b1f30f84360

    SHA512

    eaaae6849ff3eac8e698bfa5251d370aba2348c568a0afd1fc9f280ba6dac4a50c66dfadf74d6ddab7be03a86e08067e0f3f807e489b10d83c537c2a6bb79ad3

    Download Submit

  • /data/data/com.zkasaslkasata.kuri/no_backup/androidx.work.workdb-wal
    Filesize

    108KB

    MD5

    23f97b551d3f7aa3a81d55b3ab84e9cd

    SHA1

    232d41249773f392a9bc64b54a2a10a46a3571d8

    SHA256

    eecb479a593141cc595db97320999a4d11c3dc04de16738598feb7122fda1dc3

    SHA512

    a961bd46149d64c34073ce683fd90d0ce267b1119934400bf7404e1d2c29e8cb8ba935314bdd67631556ef8e00ef7a2906f46df28eb6ae5348c71066ad847786

    Download Submit

  • /data/data/com.zkasaslkasata.kuri/no_backup/androidx.work.workdb-wal
    Filesize

    173KB

    MD5

    e6b2fc2ec32818f872b086bfb894a93f

    SHA1

    9015b824c6960fb6a446f5e03d05cb70e3a768f6

    SHA256

    70f6cde73bbc680869276c0091d2e6bd946d9f3d2c5f53b5d79b6e5afb8f8d51

    SHA512

    983e309d3a34b74269d04ebade9d2fdc6ccb3859a1b1a7ddea0a74ebf21abb27a6d1b6b9b90a0f0bab147cbfacad663456f546459899fa2fc52f76832a31a5a5

    Download Submit

  • /data/user/0/com.zkasaslkasata.kuri/app_exercise/UNq.json
    Filesize

    1.7MB

    MD5

    40a20d8c23e21773552ed5f59ecb321f

    SHA1

    4823c1f50540d987bd530b729f908fbefce04def

    SHA256

    b5c5ef231d9a03d37e7c9b99e2796734f072cc085b117f4e424c9583db02dc01

    SHA512

    5e4634b040c5989763fce4f9e8776d19687f0dd2a169cbbc13ef4ae4563aba1a1fcb19b22486814bf3d220eb87db7c5437433a2fd3310b5378d804b4fe5f3570

    Download Submit