Overview

overview

10

Static

static

10

dadf2f59ba...b9.apk

android-9-x86

10

dadf2f59ba...b9.apk

android-10-x64

10

dadf2f59ba...b9.apk

android-11-x64

10

Analysis

  • max time kernel
    146s
  • max time network
    176s
  • platform
    android-10_x64
  • resource
    android-x64-20240910-en
  • resource tags

    arch:x64arch:x86image:android-x64-20240910-enlocale:en-usos:android-10-x64system
  • submitted
    19/03/2025, 12:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dadf2f59ba0336e468370144affe3ac67c26107ed1d596acb9cf35956a56c1b9.apk

  • Size

    1.7MB

  • MD5

    8ac1d0861cbee7940253e4b8f0a1784c

  • SHA1

    d93270a4ed0b73c1c9de5250aa6b59277ebb228b

  • SHA256

    dadf2f59ba0336e468370144affe3ac67c26107ed1d596acb9cf35956a56c1b9

  • SHA512

    168c8070a103a3c8bcfbe8a4fbcbbb35a0769634d23ca922d3b0e5dd8d02d61d5220a01e6e6845b97b26aaa8a4ca28f80ff6659459abfff7c0c6c63450a9225b

  • SSDEEP

    24576:9lkEBm5zFdCJ62zpHAB4ZAbZOtLEZL2ELlKVm8t9RVxtcbifJiVkggSRvb:9lkyOdozpW9bZkkLlWm8DRKbikVdgS1

Score
10/10
ermachookbankercollectioncredential_accessdefense_evasiondiscoveryevasionexecutionimpactinfostealerpersistencerattrojan

Malware Config

Extracted

Family

ermac

C2

http://154.90.62.12

AES_key

Extracted

Family

hook

C2

http://154.90.62.12

AES_key

Signatures

Processes

  • com.tencent.mm
    1⤵
    • Loads dropped Dex/Jar
    • Obtains sensitive information copied to the device clipboard
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries information about the current Wi-Fi connection
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Schedules tasks to execute at a specified time
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:5199

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.tencent.mm/.google/libgooglev1.so
    Filesize

    326KB

    MD5

    609a5b818ea46513fe8dae39bc138727

    SHA1

    34458ea3b8537fca43efe8e3ff488ed9c83a56e6

    SHA256

    48f6991213387355b1a17e11124de4f0923944c3f2c4869e06fc96a742d9cd49

    SHA512

    9c06c480633d6449532f45c70d71866389a8d1ed6eb1cb9621a3a59d2542fe0a8cb911de92d148473d24af47f548a1321ddef09423cfe831a34c6cded20cd57f

    Download Submit

  • /data/data/com.tencent.mm/no_backup/androidx.work.workdb
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.tencent.mm/no_backup/androidx.work.workdb-journal
    Filesize

    512B

    MD5

    086f27d53bb385e281231923d03275ad

    SHA1

    769c51af1d8a008e73636558aeb17f484200cce9

    SHA256

    a12277e6f1e0dc7f0dcfd900024a5c37de5968c6c024095223bdd966e2f1eaa9

    SHA512

    512dd17bc1cc46821ce25e993ad7c0f26dcb10b7ae3a6ea0a8c446522fba6df17494a3925e236b6ad251a6002a7d714d00d34a45e93ebca7af341e1a27790fca

    Download Submit

  • /data/data/com.tencent.mm/no_backup/androidx.work.workdb-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/com.tencent.mm/no_backup/androidx.work.workdb-wal
    Filesize

    16KB

    MD5

    d9aa4b75efb1811e52ae5b2dddaaf2b8

    SHA1

    0b394c4f435a2a72a961727af7d577e13ad51c2a

    SHA256

    e88a95fcd4f451d220f12a0be4bf109c552a47ed06903267adac17e2853cc26f

    SHA512

    4ec4061f7d597fed4c1c352977b1631464f16d46bfb8c4c9441acc0358f2c4e63d3f36fafdeee627f9fffc60c8ca428f2595459148baa545e5571d155bf0768a

    Download Submit

  • /data/data/com.tencent.mm/no_backup/androidx.work.workdb-wal
    Filesize

    112KB

    MD5

    62b2978e16f8276298ac755e5226643b

    SHA1

    13f303e5571f6cff306a3dd18c04bf4bc8e96161

    SHA256

    11a33b9c5b1d053a4d6deac9c9bebdf2a5d97d53eb1adece69ffcc019addf2ff

    SHA512

    8d1be50c3eca65d73aa92bbe8f7fa8990aa30ea750f8045cd96ca6cf42190f7bc3634d430f7ac47bcc0fe6933666952ce1ad2e431c30db1cfb3dd2621b0f6433

    Download Submit

  • /data/data/com.tencent.mm/no_backup/androidx.work.workdb-wal
    Filesize

    185KB

    MD5

    6c92095df0f4f64b9340d50fdbe70d72

    SHA1

    e38adf9fdcdcff34baf5be7bb958eef9648f146d

    SHA256

    f91b49001ca7644dcc29aa484a7dc775cbefb8c7a6689bfa17ea7c3975dd7292

    SHA512

    81ca97b6ee5794a39a862a14198a58e0d3f2ae7a2c03be3e0a295dc4feedd466f12b7327d05dd19a5bb71ad739ea2674db5bdeaf358c3cf367929eb348ac5363

    Download Submit

  • /data/data/com.tencent.mm/oat/x86_64/[email protected]
    Filesize

    4KB

    MD5

    7a5ac055f226cff7cbb4691006ec8f20

    SHA1

    e64f5f7e5cf6b19aaea3984d6ea86ff5458aabb6

    SHA256

    a5f823a6f4ad064c7d806097911cdcc8b435fe27c96076e4be718c5368bea3d1

    SHA512

    8a2442d2c0c3432e9f2921a0fa7badab0b58c9736304297138015fdb5dea80a3b9e9639e096378dcc60b9f76ad55dbcdd9800ac57d3106bf18a444a9b5c7c25b

    Download Submit

  • /data/user/0/com.tencent.mm/[email protected]
    Filesize

    2.0MB

    MD5

    40cb56a4d76414296a84bfed60b6c127

    SHA1

    6b2a5132dd77022708b2b9959737f8377a93a465

    SHA256

    9364ddf46fe1bf90cebac61bc7cbba8707de8158ce444a8fb43220dd50d0699d

    SHA512

    ea743dbf8e188e17589a443c49bbd07d5ebef8edd8a02b40f32bdd9fdbfcdcc63e298f6c4cbd27cfcd9033fc9382b30b0c5fec3e60e400f2dca34a40f5815a02

    Download Submit