Overview

overview

10

Static

static

10

63e606cf64...08.apk

android-9-x86

8

63e606cf64...08.apk

android-10-x64

5

63e606cf64...08.apk

android-11-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    63e606cf643dea4a7434b391e450537285d221d5fbba4400f6c9172ac7e8c308.apk

  • Size

    3.9MB

  • Sample

    221108-nbspxafcbl

  • MD5

    fb16ce7216ef97e8ac60c73f74d104a5

  • SHA1

    7b4628a1166690fdb008655b4928c6a895a700ae

  • SHA256

    63e606cf643dea4a7434b391e450537285d221d5fbba4400f6c9172ac7e8c308

  • SHA512

    c480b0c19cc3511993bf0a66f5694815d32b59669ea0f79ca49e4ba42f5d31e4c97a58d0010a0f3e9dc5f1f62c6de00c365072ee9229a737d8e1c5df6e6be7d3

  • SSDEEP

    98304:QhJC9HmLBxqZFgot6WcdB1bld6r/yJNzfrPaag:QhJiHmLBA3ZYWild6r6Jq

Score
10/10
sharkbotandroidbankerevasionransomware

Malware Config

Extracted

Family

sharkbot

C2

http://c2hhcmtlzdq3cg9qqkk.info/,http://nddwb2pcstlmsedgzgz.top/

Targets

    • Target

      63e606cf643dea4a7434b391e450537285d221d5fbba4400f6c9172ac7e8c308.apk

    • Size

      3.9MB

    • MD5

      fb16ce7216ef97e8ac60c73f74d104a5

    • SHA1

      7b4628a1166690fdb008655b4928c6a895a700ae

    • SHA256

      63e606cf643dea4a7434b391e450537285d221d5fbba4400f6c9172ac7e8c308

    • SHA512

      c480b0c19cc3511993bf0a66f5694815d32b59669ea0f79ca49e4ba42f5d31e4c97a58d0010a0f3e9dc5f1f62c6de00c365072ee9229a737d8e1c5df6e6be7d3

    • SSDEEP

      98304:QhJC9HmLBxqZFgot6WcdB1bld6r/yJNzfrPaag:QhJiHmLBA3ZYWild6r6Jq

    Score
    8/10
    bankerevasionransomware

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).

      banker

    • Removes a system notification.

      evasion

    • Uses Crypto APIs (Might try to encrypt user data).

      ransomware
    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks