According to ThreatFabric, this is a malware family based on apk.ermac. The name hook is the self-advertised named by its vendor DukeEugene. It provides WebSocket communication and has RAT capabilities.
|2023-01-19 ⋅ ThreatFabric ⋅ |
Hook: a new Ermac fork with RAT capabilities
There is no Yara-Signature yet.