sharkbot | bee3fc6b875e49edaa983ef9d38d0bcafe82abca82e684ef4fdca6df0c695c8b | Triage

Resubmissions

08-11-2022 11:36

221108-nqkmvagabm 10

26-08-2022 06:04

220826-gssb5shce5 8

15-11-2021 10:12

211115-l8nfcahha8 7

12-11-2021 16:55

211112-ve7rkaahck 7

12-11-2021 15:17

211112-sn192adfg8 7

Sharing

General

Target

BEE3FC6B875E49EDAA983EF9D38D0BCAFE82ABCA82E684EF4FDCA6DF0C695C8B.apk
Size

4.2MB
Sample

221108-nqkmvagabm
MD5

9b7de37409f92e43d800c81a192fddee
SHA1

2ba54a6fa514ef38b12358ba5a06b55522faf020
SHA256

bee3fc6b875e49edaa983ef9d38d0bcafe82abca82e684ef4fdca6df0c695c8b
SHA512

91e4b360bc32441a96ebfba986613fb3cb82ea9adcbfb6b7cd29ca02d72b1081a1773f2b1ab15c11ce6654e9b56d78196e832e92d231124583dd51508aec9cd4
SSDEEP

98304:xMlvNargDRH/zaJn4VrsIz4NyEEl6y+y1fzfrrVO:6NargN/zaJ4Vruw5t1A

Score

10^/10

sharkbot android banker evasion ransomware

Malware Config

Extracted

Family

sharkbot

C2

http://sharkedtest1.xyz/

Targets

- Target
  
  BEE3FC6B875E49EDAA983EF9D38D0BCAFE82ABCA82E684EF4FDCA6DF0C695C8B.apk
- Size
  
  4.2MB
- MD5
  
  9b7de37409f92e43d800c81a192fddee
- SHA1
  
  2ba54a6fa514ef38b12358ba5a06b55522faf020
- SHA256
  
  bee3fc6b875e49edaa983ef9d38d0bcafe82abca82e684ef4fdca6df0c695c8b
- SHA512
  
  91e4b360bc32441a96ebfba986613fb3cb82ea9adcbfb6b7cd29ca02d72b1081a1773f2b1ab15c11ce6654e9b56d78196e832e92d231124583dd51508aec9cd4
- SSDEEP
  
  98304:xMlvNargDRH/zaJn4VrsIz4NyEEl6y+y1fzfrrVO:6NargN/zaJ4Vruw5t1A
Score

8^/10

banker evasion ransomware
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
  banker
- Removes a system notification.
  evasion
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bankerevasionransomware

behavioral2

behavioral3