blackrock | a25bf4bdb2ed9872456af0057eb21ce31fd03d680d63a9da469519060b4814bc | Triage

Submit
Reports

Overview

overview

Static

static

7

a25bf4bdb2...bc.apk

android-10-x64

a25bf4bdb2...bc.apk

android-11-x64

a25bf4bdb2...bc.apk

android-9-x86

Sharing

General

Target

a25bf4bdb2ed9872456af0057eb21ce31fd03d680d63a9da469519060b4814bc.apk
Size

3.5MB
Sample

221115-sj3x3aac6t
MD5

0d4a272052b87d098271ddfb6f4ea191
SHA1

c1b3db52e0aa1798b9193ea7f1a2c8d7747aeec8
SHA256

a25bf4bdb2ed9872456af0057eb21ce31fd03d680d63a9da469519060b4814bc
SHA512

b891f95ea0aee3b04ffd62714a17e5c9c25491a51934ab0642dfd5c7c8ead2558b3f29a37c0b2a45b45a19113a28cf1b2d47115d8b2a8cf00067d7daa5316deb
SSDEEP

98304:t91OL1lrWdyaMKcPr0clWlAP8r8VMZmARB9exM:t91OJlrWYf3lKAkroARB9exM

Score

10^/10

blackrock android banker infostealer ransomware trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a25bf4bdb2ed9872456af0057eb21ce31fd03d680d63a9da469519060b4814bc.apk

Resource

android-x64-20220823-en

blackrock banker infostealer ransomware trojan

android-10-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

a25bf4bdb2ed9872456af0057eb21ce31fd03d680d63a9da469519060b4814bc.apk

Resource

android-x64-arm64-20220823-en

blackrock banker infostealer ransomware trojan

android-11-x64

8 signatures

150 seconds

Behavioral task

behavioral3

Sample

a25bf4bdb2ed9872456af0057eb21ce31fd03d680d63a9da469519060b4814bc.apk

Resource

android-x86-arm-20220823-en

blackrock banker infostealer ransomware trojan

android-9-x86

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  a25bf4bdb2ed9872456af0057eb21ce31fd03d680d63a9da469519060b4814bc.apk
- Size
  
  3.5MB
- MD5
  
  0d4a272052b87d098271ddfb6f4ea191
- SHA1
  
  c1b3db52e0aa1798b9193ea7f1a2c8d7747aeec8
- SHA256
  
  a25bf4bdb2ed9872456af0057eb21ce31fd03d680d63a9da469519060b4814bc
- SHA512
  
  b891f95ea0aee3b04ffd62714a17e5c9c25491a51934ab0642dfd5c7c8ead2558b3f29a37c0b2a45b45a19113a28cf1b2d47115d8b2a8cf00067d7daa5316deb
- SSDEEP
  
  98304:t91OL1lrWdyaMKcPr0clWlAP8r8VMZmARB9exM:t91OJlrWYf3lKAkroARB9exM
Score

10^/10

blackrock banker infostealer ransomware trojan
- BlackRock
  BlackRock is an android banker based on Xerxes banking Trojan.
  banker trojan infostealer blackrock
- BlackRock payload
- Makes use of the framework's Accessibility service.
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
  banker
- Acquires the wake lock.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Requests enabling of the accessibility settings.
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackrockbankerinfostealerransomwaretrojan

behavioral2

blackrockbankerinfostealerransomwaretrojan

behavioral3

blackrockbankerinfostealerransomwaretrojan

© 2018-2024

Terms | Privacy