General

  • Target

    8780e349963c4e30602bc7e349c49157c999f7e044a0c30c1d3e0cbf908d423f

  • Size

    1.6MB

  • Sample

    221123-sra71sca45

  • MD5

    5816131ee36a5d08686c9ab9babc59c1

  • SHA1

    67b42cc66d8562510985ee9c4b3ad7d2447f389a

  • SHA256

    8780e349963c4e30602bc7e349c49157c999f7e044a0c30c1d3e0cbf908d423f

  • SHA512

    a9c951ee874da0c0ebb37a14baa24cb7b743ca6c63c9c12bcb365eada27c2ffe31b8cf9f4b0f8c2cef6fe345a9f6d14713dd0172496ee3365874408836d6697e

  • SSDEEP

    49152:lZqwa/JNrF0jWl/wc3/EP0UIJP/Co8AsH:lcwsNB0KjEPRu3CHJ

Targets

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).

    • Requests cell location

      Uses Android APIs to get current cell location.

    • Reads information about phone network operator.

    • Removes a system notification.

    • Uses Crypto APIs (Might try to encrypt user data).
