3bcb478ac6a871408a53f37c622c1a3a40c4ea4b38062b3f7620011fe9580bdd | Triage

Submit
Reports

Overview

overview

7

Static

static

7

3bcb478ac6...dd.apk

android_x86

7

3bcb478ac6...dd.apk

android_x64

1

3bcb478ac6...dd.apk

android_x64

1

Sharing

General

Target

3bcb478ac6a871408a53f37c622c1a3a40c4ea4b38062b3f7620011fe9580bdd
Size

431KB
Sample

220703-llpd5agaf9
MD5

ac37ca7fe38e640260a98eb7418f69f0
SHA1

d8412c4008cc72533ec96e982c4fa2dd445f36a8
SHA256

3bcb478ac6a871408a53f37c622c1a3a40c4ea4b38062b3f7620011fe9580bdd
SHA512

f0b1b0c71da08c0175ecd09464e442921f5a92e48d548b03a8e605925533a63181a24ecdfa399797f526965ad8b164555ccd0e3eb53188c8d258342d47d133bb

Score

7^/10

android evasion ransomware

Static task

static1

Behavioral task

behavioral1

Sample

3bcb478ac6a871408a53f37c622c1a3a40c4ea4b38062b3f7620011fe9580bdd.apk

Resource

android-x86-arm-20220621-en

evasion ransomware

android_x86

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

3bcb478ac6a871408a53f37c622c1a3a40c4ea4b38062b3f7620011fe9580bdd.apk

Resource

android-x64-20220621-en

android_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

3bcb478ac6a871408a53f37c622c1a3a40c4ea4b38062b3f7620011fe9580bdd.apk

Resource

android-x64-arm64-20220621-en

android_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  3bcb478ac6a871408a53f37c622c1a3a40c4ea4b38062b3f7620011fe9580bdd
- Size
  
  431KB
- MD5
  
  ac37ca7fe38e640260a98eb7418f69f0
- SHA1
  
  d8412c4008cc72533ec96e982c4fa2dd445f36a8
- SHA256
  
  3bcb478ac6a871408a53f37c622c1a3a40c4ea4b38062b3f7620011fe9580bdd
- SHA512
  
  f0b1b0c71da08c0175ecd09464e442921f5a92e48d548b03a8e605925533a63181a24ecdfa399797f526965ad8b164555ccd0e3eb53188c8d258342d47d133bb
Score

7^/10

evasion ransomware
- Acquires the wake lock.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

evasionransomware

behavioral2

behavioral3

© 2018-2024

Terms | Privacy