Overview

overview

10

Static

static

6

808b2efcfc...08.apk

android-9-x86

10

808b2efcfc...08.apk

android-10-x64

10

808b2efcfc...08.apk

android-11-x64

10

Analysis

  • max time kernel
    32s
  • max time network
    150s
  • platform
    android-11_x64
  • resource
    android-x64-arm64-20240910-en
  • resource tags

    arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system
  • submitted
    01/03/2025, 22:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    808b2efcfc28db5b072445482c8123231fd00258d5b3761a6536a3347df2f008.apk

  • Size

    2.9MB

  • MD5

    6acb44a2a17eb24da5f51b9bf7dfbfe2

  • SHA1

    86c6c15e204f7bcc8f18d6e672dbdfe3226030e2

  • SHA256

    808b2efcfc28db5b072445482c8123231fd00258d5b3761a6536a3347df2f008

  • SHA512

    599f3c2fc349d5f04a088f4e3bf1e0628a6ba1ed04e7e1c9d18c85da9e6bc929263cfd83780d89a85cafca37489864a6107ea5c904aca048c99b22ba85712670

  • SSDEEP

    49152:7DHvVps5b5ByeH97lLqHe+7sdT0+XFrkzGqZ9/j7L7EhYVAqaf8OpY7lPAxhK8xE:7DPVSmoVdPFrkzzZ98LfDEAhgJMvyB4e

Score
10/10
ermachookbankercollectioncredential_accessdefense_evasiondiscoveryevasionexecutionimpactinfostealerpersistencerattrojan

Malware Config

Extracted

Family

ermac

AES_key

Extracted

Family

hook

AES_key

Signatures

Processes

  • com.tencent.mm
    1⤵
    • Loads dropped Dex/Jar
    • Obtains sensitive information copied to the device clipboard
    • Queries information about running processes on the device
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Schedules tasks to execute at a specified time
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:4777

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.tencent.mm/app_DynamicOptDex/miQpStX.json
    Filesize

    702KB

    MD5

    9b27046e8007dded0e9963257fd1c044

    SHA1

    b65bb1f70731e5a20435269d99906ef0653e5bf0

    SHA256

    1430fae1e99473a5c9d8d047777741e370c7cb94f14db778e889b357d869d7e4

    SHA512

    2289b005955b987be1ec0890bd68625ae3b1c7ad5c853013b93ba396b5f9dd28d0a51c595d0b96b1d8918f11598c229a6a3c1e92a1fb6ce70297f23392fc793b

    Download Submit

  • /data/user/0/com.tencent.mm/app_DynamicOptDex/miQpStX.json
    Filesize

    702KB

    MD5

    b4ed5beb81681a541c94df8be1a50b13

    SHA1

    ced1fa6359857864ff2af7e54c6f47e8b2013ef9

    SHA256

    9f1c37243f247c0e555422da0754c5d90b51249656dba266d9741541bc3c6726

    SHA512

    9a4c6b62a015fedbe9c168f4ba3544fb3f440f2bb2574fdb0f5658e5b422689837d8eb18ee47b31994808e90d7f8e0cb23a49aa31878d75f973191203bf63bf8

    Download Submit

  • /data/user/0/com.tencent.mm/app_DynamicOptDex/miQpStX.json
    Filesize

    1.5MB

    MD5

    998753d51562c21f97f24a706e88fb05

    SHA1

    ac7536f8d79055812ff1bb1eb9c7d9859fb552b5

    SHA256

    f74f6f912ea01034f43112487a31bd8e3f3df7ccffa8804c6e6ec9e1995678cf

    SHA512

    b021c1cb0426d24b54b80fe1bc8c056cfac077f616e04e8b5554e34ee31433dc40fb638ca226f00f8e6f2f6350fec643dd7972bacb509f55132aa1f82eff2c1e

    Download Submit

  • /data/user/0/com.tencent.mm/no_backup/androidx.work.workdb
    Filesize

    4KB

    MD5

    7e858c4054eb00fcddc653a04e5cd1c6

    SHA1

    2e056bf31a8d78df136f02a62afeeca77f4faccf

    SHA256

    9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

    SHA512

    d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

    Download Submit

  • /data/user/0/com.tencent.mm/no_backup/androidx.work.workdb-journal
    Filesize

    512B

    MD5

    dd9befed121855897c185ffeccababd4

    SHA1

    1ceac5a5fc168767a741cf4c55c9e9b310d55cc5

    SHA256

    35df3733185d0ba1a569eb7a93a813ce57e54199753e1523c67cd8cccb3f14d5

    SHA512

    7b3be3f26dc97dfa2dbdb3a901d27ae298e3393561ea7ef0c270848153b0581cd89c75c1a898e476412157be1c512217d012dd851f92be706d4ae0d370efe5f5

    Download Submit

  • /data/user/0/com.tencent.mm/no_backup/androidx.work.workdb-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/user/0/com.tencent.mm/no_backup/androidx.work.workdb-wal
    Filesize

    16KB

    MD5

    45b547a72815314531bdbfdf86f12efb

    SHA1

    d67181e95a3c84a4d3314084273cc9003b8e666f

    SHA256

    6fb33e59c7790913b166e8c6ccb3563f5c3e9e48ce76b50fd321cc199eb627df

    SHA512

    357f3a102e6865ca66b007da7bebe818654afa2c60662d26dd67e014b26c0ae1c3fb86ec24da42d8ff69b38be7d061fcd1d3feca7affaee670793eed233e8696

    Download Submit

  • /data/user/0/com.tencent.mm/no_backup/androidx.work.workdb-wal
    Filesize

    108KB

    MD5

    268a60c8c8c6cc2a63d05a581025cff5

    SHA1

    a520f3c2bdefaeb1b3e47850c072943766f1fb3a

    SHA256

    bdbee3b4b2bc9774097d109fe1b8e853ab3b4d90c0058182b4ce643458354f1a

    SHA512

    12072a01e9eabb1d3b46a55b664dbc1b2d559683488f958d512883336f99e727e9260b89037a484db13af73e905fe612eb8ad6a97042697579e5c8d790a3758b

    Download Submit

  • /data/user/0/com.tencent.mm/no_backup/androidx.work.workdb-wal
    Filesize

    173KB

    MD5

    d931934301b547a171b2ce31c35a11c5

    SHA1

    b3533d34cd256c7c9bd02d31040910d49bacbd3e

    SHA256

    7b1c5130c063a985e10c23f21a6e19d8155bd4b4d7c54473ff11c797bec72819

    SHA512

    17bda8e59aac07be3d5bb0a318f4a617466386e2837025271f421d18f78a217f50a74fdd6cb2d459d990515fa3354feabbed6566cc1b0b49e9571b27f96a7201

    Download Submit