Resubmissions

03-03-2021 14:50

210303-wz5vqzmpfn 10

General

  • Target

    7f199a0afda7936c7fa74f9a7614640f12fcfb46e350111bce359964e164adae

  • Size

    13.2MB

  • Sample

    210303-wz5vqzmpfn

  • MD5

    0d1df5c35c3c43e1b8bb7daec2495c06

  • SHA1

    d5f2c4659648098acb87811bcdd9fc8814d2e4fd

  • SHA256

    7f199a0afda7936c7fa74f9a7614640f12fcfb46e350111bce359964e164adae

  • SHA512

    fc40838367f214acbe2961eab55845bd9e08e0e49fb9720c5952ca23bd1cd6391051774b984cc343cd5eb337d1f3184fe40eabc28437e0b56f95abb94d3eeea1

Malware Config

Extracted

AES_key

Targets

    • Removes its main activity from the application launcher

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads name of network operator

      Uses Android APIs to discover system information.

    • Uses Crypto APIs (Might try to encrypt user data).