Overview

overview

8

Static

static

7

psk.apk

android_x86

8

psk.apk

android_x64

7

psk.apk

android_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    psk.apk

  • Size

    2.0MB

  • Sample

    220505-jzd47sffc6

  • MD5

    26bbb10b28f49e3f0802e515b80b433c

  • SHA1

    e92586db0d1e1699baba2de748562d11b2177380

  • SHA256

    9eceb9cfa14c5f82cf31bdced380faec9bf35060defe355c066e1acb36ba66ea

  • SHA512

    1febd124383efddad324b0cc6f0ce73fd231f0e8bcc85e076622533a66d30b3a86505acb079cce77d258f155ccc8522c645da49f5bd90cf2cc15d20560166ac0

Score
8/10
androidbankerevasionransomware

Malware Config

Targets

    • Target

      psk.apk

    • Size

      2.0MB

    • MD5

      26bbb10b28f49e3f0802e515b80b433c

    • SHA1

      e92586db0d1e1699baba2de748562d11b2177380

    • SHA256

      9eceb9cfa14c5f82cf31bdced380faec9bf35060defe355c066e1acb36ba66ea

    • SHA512

      1febd124383efddad324b0cc6f0ce73fd231f0e8bcc85e076622533a66d30b3a86505acb079cce77d258f155ccc8522c645da49f5bd90cf2cc15d20560166ac0

    Score
    8/10
    evasionransomwarebanker

    • Makes use of the framework's Accessibility service.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).

      banker

    • Acquires the wake lock.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries the unique device ID (IMEI, MEID, IMSI).

    • Reads information about phone network operator.

    • Removes a system notification.

      evasion

    • Uses Crypto APIs (Might try to encrypt user data).

      ransomware
    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks