Hook (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

apk.hook (Back to overview)

Hook

According to ThreatFabric, this is a malware family based on apk.ermac. The name hook is the self-advertised named by its vendor DukeEugene. It provides WebSocket communication and has RAT capabilities.

References

2024-01-12 ⋅ Spamhaus ⋅ Spamhaus Malware Labs
Spamhaus Botnet Threat Update Q4 2023
FluBot Hook FAKEUPDATES AsyncRAT BianLian Cobalt Strike DCRat Havoc IcedID Lumma Stealer Meterpreter NjRAT Pikabot QakBot Quasar RAT RecordBreaker RedLine Stealer Remcos Rhadamanthys Sliver

2023-11-14 ⋅ Medium joshuapenny88 ⋅ Joshua Penny
HostingHunter Series: CHANG WAY TECHNOLOGIES CO. LIMITED
Hook Hydra Cobalt Strike SectopRAT

2023-09-11 ⋅ NCC Group ⋅ Alberto Segura, Joshua Kamp
From ERMAC to Hook: Investigating the technical differences between two Android malware variants
ERMAC Hook

2023-07-22 ⋅ Github (0xperator) ⋅ 0xperator
HookBot Android Malware Builder Panel and APK Source
Hook

2023-02-03 ⋅ KNF CSIRT ⋅ Michał Strzelczyk, Łukasz Cepok
HookBot – A New Mobile Malware
Hook

2023-01-19 ⋅ ThreatFabric ⋅ ThreatFabric
Hook: a new Ermac fork with RAT capabilities
Hook

There is no Yara-Signature yet.

Hook Propose Change

References

Hook