Overview

overview

8

Static

static

8

WIFI.apk

android_x86

8

WIFI.apk

android_x64

8

WIFI.apk

android_x64

Resubmissions

23-04-2024 07:56

240423-js1dvseg4v 8

15-04-2024 17:56

240415-wh898seg9w 8

25-06-2021 19:13

210625-g3rlde4dqn 8

17-01-2021 18:18

210117-lzgtt5m89n 10

12-01-2021 14:53

210112-6aqfd4757x 10

Analysis

  • max time kernel
    1150944s
  • max time network
    154s
  • platform
    android_x86
  • resource
    android-x86-arm
  • submitted
    25-06-2021 19:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    WIFI.apk

  • Size

    2.9MB

  • MD5

    79ba96848428337e685e10b06ccc1c89

  • SHA1

    51b31827c1d961ced142a3c5f3efa2b389f9c5ad

  • SHA256

    854774a198db490a1ae9f06d5da5fe6a1f683bf3d7186e56776516f982d41ad3

  • SHA512

    ed0e788b735de1508eb387a20bff312094bb9b935c5b2d278391c01edf27550816515e60054b687f14ce04e7ccb7c46f0169a93df571abd623d4ee0b150f1f43

Score
8/10
obfuscationransomware

Malware Config

Signatures

  • Reads device subscriber ID 1 IoCs

    Uses Android APIs to read subscriber ID (IMSI on GSM devices).

  • Requests cell location 1 IoCs

    Uses Android APIs to to get current cell location.

  • Checks Android system properties for emulator presence. 4 IoCs
  • Reads name of network operator 1 IoCs

    Uses Android APIs to discover system information.

  • Reads serial number of SIM 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware
  • Uses reflection 64 IoCs
    obfuscation

Processes

  • org.xmlpush.v3
    1⤵
    • Reads device subscriber ID
    • Requests cell location
    • Checks Android system properties for emulator presence.
    • Reads name of network operator
    • Reads serial number of SIM
    • Uses Crypto APIs (Might try to encrypt user data).
    • Uses reflection
    PID:4674
    • org.xmlpush.v3
      2⤵
        PID:4991

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/user/0/org.xmlpush.v3/cache/e648569b
      MD5

      7f12ab5fe29ef31e2002114c0afbdba2

      SHA1

      a9e4b43a3665498460cfca5126f6fdd30a0903bc

      SHA256

      a6efbc56be7f4166574cdf2d3ec58463f63323f0d726b73dc07674ee64fa43f9

      SHA512

      c1fb88c766c4443044b3e7140118446dd72840c6967ea8ae5ebe2db8dee706ba9cb7d16bdcaaecefa8464fa1c3d6f70c90446c0b1427350c464d102d49909f86

      Download Submit
    • /data/user/0/org.xmlpush.v3/files/42e65e56b27dd4bac0df1a
      MD5

      d41d8cd98f00b204e9800998ecf8427e

      SHA1

      da39a3ee5e6b4b0d3255bfef95601890afd80709

      SHA256

      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

      SHA512

      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

      Download Submit
    • /data/user/0/org.xmlpush.v3/files/641ea378
      MD5

      d41d8cd98f00b204e9800998ecf8427e

      SHA1

      da39a3ee5e6b4b0d3255bfef95601890afd80709

      SHA256

      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

      SHA512

      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

      Download Submit
    • /data/user/0/org.xmlpush.v3/files/RANDSEED.001
      MD5

      d41d8cd98f00b204e9800998ecf8427e

      SHA1

      da39a3ee5e6b4b0d3255bfef95601890afd80709

      SHA256

      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

      SHA512

      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

      Download Submit
    • /data/user/0/org.xmlpush.v3/files/rmil5e
      MD5

      d41d8cd98f00b204e9800998ecf8427e

      SHA1

      da39a3ee5e6b4b0d3255bfef95601890afd80709

      SHA256

      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

      SHA512

      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

      Download Submit