Overview

overview

10

Static

static

Android APK

android_x86

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    etptswrnwz.apk

  • Size

    205KB

  • Sample

    210113-haz9g84rqa

  • MD5

    49e476cff9f290882ce580b9e984e4d8

  • SHA1

    af11706f6d5a8b352c11a1d0f89f2a25ace4cd73

  • SHA256

    33f0b16d0b2bc411eb93da33f7881cdecfd3e702e286a7dc162d595b91b29d28

  • SHA512

    b720475429c3ddb157c369d42a4af020e50ff9731580d28c6ce043e3e95332362bc5c46bd076fc947cc067d2de3309f76df4996e379a804c50f8f0f5d79e7864

Score
10/10
androidobfuscationransomwarestealthtrojan

Malware Config

Extracted

DES_key

Targets

    • Target

      etptswrnwz.apk

    • Size

      205KB

    • MD5

      49e476cff9f290882ce580b9e984e4d8

    • SHA1

      af11706f6d5a8b352c11a1d0f89f2a25ace4cd73

    • SHA256

      33f0b16d0b2bc411eb93da33f7881cdecfd3e702e286a7dc162d595b91b29d28

    • SHA512

      b720475429c3ddb157c369d42a4af020e50ff9731580d28c6ce043e3e95332362bc5c46bd076fc947cc067d2de3309f76df4996e379a804c50f8f0f5d79e7864

    Score
    10/10
    obfuscationransomwarestealthtrojan

    • Removes its main activity from the application launcher

      stealthtrojan

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads name of network operator

      Uses Android APIs to discover system information.

    • Uses Crypto APIs (Might try to encrypt user data).

      ransomware
    behavioral1

MITRE ATT&CK Matrix

Tasks