e38d7ba21a48ad32963bfe6cb0203afe0839eca9a73268a67422109da282eae3 | Triage

Submit
Reports

Overview

overview

8

Static

static

7

e38d7ba21a...e3.apk

android_x86

8

e38d7ba21a...e3.apk

android_x64

6

Resubmissions

21/07/2022, 15:40 UTC

220721-s4kl8agdh4 10

20/07/2022, 04:04 UTC

220720-em11zscbgr 8

17/06/2022, 11:31 UTC

220617-nmpsdsbgfp 8

Sharing

General

Target

e38d7ba21a48ad32963bfe6cb0203afe0839eca9a73268a67422109da282eae3
Size

2.9MB
Sample

220617-nmpsdsbgfp
MD5

db253c49fa9375e6eaa7f23661c58554
SHA1

527141e1ee5d76b55b7c7640f7dcf222cb93e010
SHA256

e38d7ba21a48ad32963bfe6cb0203afe0839eca9a73268a67422109da282eae3
SHA512

e15c29a45813977896487240692c5286053ca4e63f8da92709e4ea56ec354a039fcd5fe8168076da9d2e718cd89704e117e4ea690f5102383253f94f24ac362d

Score

8^/10

android banker evasion ransomware

Static task

static1

Behavioral task

behavioral1

Sample

e38d7ba21a48ad32963bfe6cb0203afe0839eca9a73268a67422109da282eae3.apk

Resource

android-x86-arm-20220310-en

banker evasion ransomware

android_x86

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

e38d7ba21a48ad32963bfe6cb0203afe0839eca9a73268a67422109da282eae3.apk

Resource

android-x64-20220310-en

android_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  e38d7ba21a48ad32963bfe6cb0203afe0839eca9a73268a67422109da282eae3
- Size
  
  2.9MB
- MD5
  
  db253c49fa9375e6eaa7f23661c58554
- SHA1
  
  527141e1ee5d76b55b7c7640f7dcf222cb93e010
- SHA256
  
  e38d7ba21a48ad32963bfe6cb0203afe0839eca9a73268a67422109da282eae3
- SHA512
  
  e15c29a45813977896487240692c5286053ca4e63f8da92709e4ea56ec354a039fcd5fe8168076da9d2e718cd89704e117e4ea690f5102383253f94f24ac362d
Score

8^/10

banker evasion ransomware
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
  banker
- Requests cell location
  Uses Android APIs to to get current cell information.
- Acquires the wake lock.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
- Removes a system notification.
  evasion
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bankerevasionransomware

behavioral2

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.