Overview

overview

10

Static

static

10

4F18228176...EE.apk

android-9-x86

8

4F18228176...EE.apk

android-10-x64

5

4F18228176...EE.apk

android-11-x64

8

Resubmissions

08-11-2022 11:39

221108-nsq8eagbfj 10

26-08-2022 06:04

220826-gst6qshce8 8

18-11-2021 07:55

211118-jr5l7aehg4 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4F1822817690D89943E7E57468AB4366E360772C0ADCE67BF74A7224B3732DEE.apk

  • Size

    4.2MB

  • Sample

    221108-nsq8eagbfj

  • MD5

    beae001d3bbdcf7a05c053e6773f9796

  • SHA1

    126733f5903afb06a47a59600366fec2dcca45db

  • SHA256

    4f1822817690d89943e7e57468ab4366e360772c0adce67bf74a7224b3732dee

  • SHA512

    0885d5887b59e6d151b570647ae40b5dd3504facd65d73d4ba66098ea7d731cabed36593b06297c5f100bd8b87e695528c2deffa9066ae5b6b20862d161e5f46

  • SSDEEP

    98304:RwYcdN9tr46+WcK3Ts22fm95RmOnn6iFPC/yNhzfrPEt:SYeN9tr4Xl+Ts2B58Onn6i46Nw

Score
10/10
sharkbotandroidbankerevasionransomware

Malware Config

Extracted

Family

sharkbot

C2

http://c2hhcmtlzdq3cg9qqkk.info/,http://nddwb2pcstlmsedgzgz.top/

Targets

    • Target

      4F1822817690D89943E7E57468AB4366E360772C0ADCE67BF74A7224B3732DEE.apk

    • Size

      4.2MB

    • MD5

      beae001d3bbdcf7a05c053e6773f9796

    • SHA1

      126733f5903afb06a47a59600366fec2dcca45db

    • SHA256

      4f1822817690d89943e7e57468ab4366e360772c0adce67bf74a7224b3732dee

    • SHA512

      0885d5887b59e6d151b570647ae40b5dd3504facd65d73d4ba66098ea7d731cabed36593b06297c5f100bd8b87e695528c2deffa9066ae5b6b20862d161e5f46

    • SSDEEP

      98304:RwYcdN9tr46+WcK3Ts22fm95RmOnn6iFPC/yNhzfrPEt:SYeN9tr4Xl+Ts2B58Onn6i46Nw

    Score
    8/10
    bankerevasionransomware

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).

      banker

    • Removes a system notification.

      evasion

    • Uses Crypto APIs (Might try to encrypt user data).

      ransomware
    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks