Overview

overview

10

Static

static

10

039fc34ace...b7.apk

android-9-x86

7

039fc34ace...b7.apk

android-10-x64

6

039fc34ace...b7.apk

android-11-x64

7

Resubmissions

27-10-2022 16:01

221027-tgqemacff8 10

21-10-2022 10:53

221021-myzlasgda4 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    039fc34ace1012eff687f864369540b9085b167f0d66023f3b94f280a7fdf8b7.apk

  • Size

    1.3MB

  • Sample

    221027-tgqemacff8

  • MD5

    34be434996b9bc19112f875f0a3711d2

  • SHA1

    ad451e4fc750c83a58fe8f7234f1766ad315a565

  • SHA256

    039fc34ace1012eff687f864369540b9085b167f0d66023f3b94f280a7fdf8b7

  • SHA512

    28d6385703c1591853de9bdf7724594ba0187aeb40accf150b877a2785e915c7dd7ef8720f9cc8f0e33793b6c2b6d88845f3f7fb818e8575cf9daf259723dfd2

  • SSDEEP

    24576:RknbtoZcY5eJDj+6DiASSjctlRSEuw/pzIx27hCzGLQLfFK1RnHrmVXyQZ:RknbtoZcY5eFJibtrSEucp97hCzGLQbX

Score
10/10
furballandroidevasionransomware

Malware Config

Extracted

Family

furball

C2

http://www.firmwaresystemupdate.com/mmh

Targets

    • Target

      039fc34ace1012eff687f864369540b9085b167f0d66023f3b94f280a7fdf8b7.apk

    • Size

      1.3MB

    • MD5

      34be434996b9bc19112f875f0a3711d2

    • SHA1

      ad451e4fc750c83a58fe8f7234f1766ad315a565

    • SHA256

      039fc34ace1012eff687f864369540b9085b167f0d66023f3b94f280a7fdf8b7

    • SHA512

      28d6385703c1591853de9bdf7724594ba0187aeb40accf150b877a2785e915c7dd7ef8720f9cc8f0e33793b6c2b6d88845f3f7fb818e8575cf9daf259723dfd2

    • SSDEEP

      24576:RknbtoZcY5eJDj+6DiASSjctlRSEuw/pzIx27hCzGLQLfFK1RnHrmVXyQZ:RknbtoZcY5eFJibtrSEucp97hCzGLQbX

    Score
    7/10
    evasionransomware

    • Acquires the wake lock.

    • Reads information about phone network operator.

    • Removes a system notification.

      evasion

    • Uses Crypto APIs (Might try to encrypt user data).

      ransomware
    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks