General

  • Target

    fd7e7e.apk

  • Size

    7.9MB

  • Sample

    220118-2vjs1adhan

  • MD5

    82ffff3a21f4c819ef87c3a0a814a3db

  • SHA1

    371b09369d2337d93d557e5835db12a1cf3b848b

  • SHA256

    fd7e7e23db5f645db9ed47a5d36e7cf57ca2dbdf46a37484eafa1e04f657bf02

  • SHA512

    c1b554b115fbb66d20db91e73ffaeff78be1925fc35a550e839ca1855051a8d34fb9816eab30e52ac2d17826ea5775b9400e9982c9a9f367b80cc096a61b3221

Targets

    • Ermac

      An Android banking trojan first seen in July 2021.

    • Ermac Payload

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Uses Crypto APIs (Might try to encrypt user data).
