Overview

overview

8

Static

static

7

f31645a1e8...fa.apk

android-9-x86

8

f31645a1e8...fa.apk

android-10-x64

5

f31645a1e8...fa.apk

android-11-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    f31645a1e8f52a4ee7e3b1af776780b02150b22894cc287e6630007d5aeb1afa

  • Size

    498KB

  • Sample

    221102-rmav1scabk

  • MD5

    a9aaf3b367ae1f19149af5eb06c6516f

  • SHA1

    0b051f60d4f3a1f0d2bdd5e5bac035ad6ef71316

  • SHA256

    f31645a1e8f52a4ee7e3b1af776780b02150b22894cc287e6630007d5aeb1afa

  • SHA512

    b0ad084f1894e48c4c17bd26bd2d33e81906ea41e3c3ad5e1e1fbd28ecc74c3b6c9680e1bdad10597ef3e51170cdb41efc0ee3285742863b19a1add1c0102779

  • SSDEEP

    12288:YJx+YCCJbHg3ThvYW/s8Lteg3VX5kGQCnr54+E2jEjdUm1K:AxcC5HgDhgu982t5UirQcEjA

Score
8/10
androidevasioninfostealerransomware

Malware Config

Targets

    • Target

      f31645a1e8f52a4ee7e3b1af776780b02150b22894cc287e6630007d5aeb1afa

    • Size

      498KB

    • MD5

      a9aaf3b367ae1f19149af5eb06c6516f

    • SHA1

      0b051f60d4f3a1f0d2bdd5e5bac035ad6ef71316

    • SHA256

      f31645a1e8f52a4ee7e3b1af776780b02150b22894cc287e6630007d5aeb1afa

    • SHA512

      b0ad084f1894e48c4c17bd26bd2d33e81906ea41e3c3ad5e1e1fbd28ecc74c3b6c9680e1bdad10597ef3e51170cdb41efc0ee3285742863b19a1add1c0102779

    • SSDEEP

      12288:YJx+YCCJbHg3ThvYW/s8Lteg3VX5kGQCnr54+E2jEjdUm1K:AxcC5HgDhgu982t5UirQcEjA

    Score
    8/10
    evasioninfostealerransomware

    • Makes use of the framework's Accessibility service.

    • Acquires the wake lock.

    • Reads the content of SMS inbox messages.

      infostealer

    • Reads the content of outgoing SMS messages.

      infostealer

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

      evasion

    • Removes a system notification.

      evasion

    • Uses Crypto APIs (Might try to encrypt user data).

      ransomware
    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks