furball | 290d70472f4b00a1cf01f5c1311aacffaa39057bb1c826c99419999ccef7ae53 | Triage

Submit
Reports

Overview

overview

Static

static

290d70472f...53.apk

android-9-x86

7

290d70472f...53.apk

android-10-x64

6

290d70472f...53.apk

android-11-x64

7

Resubmissions

27/10/2022, 16:01 UTC

221027-tgl27scff7 10

21/10/2022, 10:54 UTC

221021-mzjapsgegm 7

Sharing

General

Target

290d70472f4b00a1cf01f5c1311aacffaa39057bb1c826c99419999ccef7ae53.apk
Size

1.7MB
Sample

221027-tgl27scff7
MD5

c4951ce5e946596e0356979341e6f240
SHA1

530e602b959009f80b5161aeb0eaec7c75dfd826
SHA256

290d70472f4b00a1cf01f5c1311aacffaa39057bb1c826c99419999ccef7ae53
SHA512

dd4a04c5875319432b60a5f8ee5054503b68cacb72966f1dedb71af6a41dfcc8c2ebff54a865d08a043bba46989f05239bbcb77f59419e2552e227ef415c6f48
SSDEEP

24576:Y/sKffJ6jKuJjE62OdFTeLNFVMV40UfVkaVBRm1LMX9xfZvYQaFe:FKffJmKojE6DwNFC4PdkKmGXdae

Score

10^/10

furball android ransomware

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

290d70472f4b00a1cf01f5c1311aacffaa39057bb1c826c99419999ccef7ae53.apk

Resource

android-x86-arm-20220823-en

android-9-x86

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

290d70472f4b00a1cf01f5c1311aacffaa39057bb1c826c99419999ccef7ae53.apk

Resource

android-x64-20220823-en

android-10-x64

2 signatures

150 seconds

Behavioral task

behavioral3

Sample

290d70472f4b00a1cf01f5c1311aacffaa39057bb1c826c99419999ccef7ae53.apk

Resource

android-x64-arm64-20220823-en

android-11-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

furball

C2

http://www.firmwaresystemupdate.com/mmh

Targets

- Target
  
  290d70472f4b00a1cf01f5c1311aacffaa39057bb1c826c99419999ccef7ae53.apk
- Size
  
  1.7MB
- MD5
  
  c4951ce5e946596e0356979341e6f240
- SHA1
  
  530e602b959009f80b5161aeb0eaec7c75dfd826
- SHA256
  
  290d70472f4b00a1cf01f5c1311aacffaa39057bb1c826c99419999ccef7ae53
- SHA512
  
  dd4a04c5875319432b60a5f8ee5054503b68cacb72966f1dedb71af6a41dfcc8c2ebff54a865d08a043bba46989f05239bbcb77f59419e2552e227ef415c6f48
- SSDEEP
  
  24576:Y/sKffJ6jKuJjE62OdFTeLNFVMV40UfVkaVBRm1LMX9xfZvYQaFe:FKffJmKojE6DwNFC4PdkKmGXdae
Score

7^/10

ransomware
- Acquires the wake lock.
- Reads information about phone network operator.
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.