Extracted

• • Target

    ba77429169f0dd19d90b7cd55524569dc6823ea708e26ecac9c2f3ea9e059ab2.bin

  • Size

    3.7MB

  • MD5

    9479dd378d9fdaf5968bf0c1b25bfa89

  • SHA1

    503e752805e5d924bab849e57fafc0df2958ed57

  • SHA256

    ba77429169f0dd19d90b7cd55524569dc6823ea708e26ecac9c2f3ea9e059ab2

  • SHA512

    a84afa74265cf2ca550a869405bff4bfa434fb735f1e1ea2d66ef9bae412261e8022ab4d0502b11f767c3c92b15132448c203d5e87fc71390137f6ead673f44d

  • SSDEEP

    98304:vIpQbV2OxM597muPOB+eC11UsaJHqVMKKRW:vaGLa9LPdTfaVquKKQ

  Score

  10^/10

  hookcollectioncredential_accessdefense_evasiondiscoveryimpactinfostealerpersistencerattrojan

  • Hook

    Hook is an Android malware that is based on Ermac with RAT capabilities.

    rattrojaninfostealerhook

  • Hook family

    hook

  • Makes use of the framework's Accessibility service

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectiondefense_evasioncredential_access

  • Obtains sensitive information copied to the device clipboard

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    collectioncredential_accessimpact

  • Queries the phone number (MSISDN for GSM devices)

    discovery

  • Queries information about the current Wi-Fi connection

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery

  • Queries the mobile country code (MCC)

    discovery

  • Reads information about phone network operator.

    discovery
  behavioral1behavioral2behavioral3