Extracted

• • Target

    a3baebaf9d5c91a34c7adc8435d069d0abd8099d0e38a177d4c6704b476447c8.bin

  • Size

    4.0MB

  • MD5

    cd8010eb4a1945384d673fa2ee24a277

  • SHA1

    8dfcc36d74e2b158d76572fdea955b068fda19ed

  • SHA256

    a3baebaf9d5c91a34c7adc8435d069d0abd8099d0e38a177d4c6704b476447c8

  • SHA512

    e42445d44454e3de4659c416a2647aafc5008b89eb62fe248770a72c2207742f8f8efa2ecaefe114eff12823592aa30d704c444831c0d46cef08cfd960804545

  • SSDEEP

    98304:Fi4V399CFmuXBlChb/+RvvRgP6tQ8aVMcHi3l:F73CcuRlE/+RWiraVzHi3l

  Score

  10^/10

  hookcollectioncredential_accessdefense_evasiondiscoveryimpactinfostealerpersistencerattrojan

  • Hook

    Hook is an Android malware that is based on Ermac with RAT capabilities.

    rattrojaninfostealerhook

  • Hook family

    hook

  • Makes use of the framework's Accessibility service

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectiondefense_evasioncredential_access

  • Obtains sensitive information copied to the device clipboard

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    collectioncredential_accessimpact

  • Queries the phone number (MSISDN for GSM devices)

    discovery

  • Queries information about the current Wi-Fi connection

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery

  • Queries the mobile country code (MCC)

    discovery

  • Reads information about phone network operator.

    discovery
  behavioral1behavioral2behavioral3