Resubmissions

17-01-2021 18:27

210117-cmyktp43ee 10

30-12-2020 05:40

201230-s9z6hjadhj 10

General

  • Target

    rwbjmjigjv.apk

  • Size

    205KB

  • Sample

    210117-cmyktp43ee

  • MD5

    b46157e537fddb256f8ebf5965edd34b

  • SHA1

    410e4332d470e764e13ab8016cf4cc23fb74f64e

  • SHA256

    7843d056e42bc194275b946226418c1dd1929b4ae9438a20846d4deb67e6682a

  • SHA512

    6446d22573587e28cb67607954ad25221b0d9b03eb131acdb00dae66ecec3695557901fdf19b26417c387c1c9f57e87170a90f975cbdaf39008c96246849f67a

Malware Config

Extracted

DES_key

Targets

    • Removes its main activity from the application launcher

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads name of network operator

      Uses Android APIs to discover system information.

    • Uses Crypto APIs (Might try to encrypt user data).

MITRE ATT&CK Matrix

Tasks