783d4313bb355012cc553d19abb8cca7ce97fee68d8c73d257c1094eaff1c523 | Triage

Resubmissions

26-11-2022 15:16

221126-snk8tadb36 7

26-11-2022 15:11

221126-skkg4scg99 7

Sharing

General

Target

YouTube.Vanced.v17.45.34_Dark_Universal.apk
Size

124.4MB
Sample

221126-skkg4scg99
MD5

d13b84a2f7eefc4c053243c5fd1228ea
SHA1

087e2318995e6fc7756a5a72683d4c776946252f
SHA256

783d4313bb355012cc553d19abb8cca7ce97fee68d8c73d257c1094eaff1c523
SHA512

f5a2401df4075c23abda3e28c6a16951e6786b6b15a730ea73cbdba99a5598c0eca30cb2ddbc7fcf90ab4a48930ea8dd8cc07f1831d331923201dcb16a021eba
SSDEEP

3145728:yRwJSPzids5C9pICLTMyg6lR8k19hepao8lUe:yRkSmd3pICLTMc/jhepb8lN

Score

7^/10

android ransomware

Malware Config

Targets

- Target
  
  YouTube.Vanced.v17.45.34_Dark_Universal.apk
- Size
  
  124.4MB
- MD5
  
  d13b84a2f7eefc4c053243c5fd1228ea
- SHA1
  
  087e2318995e6fc7756a5a72683d4c776946252f
- SHA256
  
  783d4313bb355012cc553d19abb8cca7ce97fee68d8c73d257c1094eaff1c523
- SHA512
  
  f5a2401df4075c23abda3e28c6a16951e6786b6b15a730ea73cbdba99a5598c0eca30cb2ddbc7fcf90ab4a48930ea8dd8cc07f1831d331923201dcb16a021eba
- SSDEEP
  
  3145728:yRwJSPzids5C9pICLTMyg6lR8k19hepao8lUe:yRkSmd3pICLTMc/jhepb8lN
Score

7^/10

ransomware
- Acquires the wake lock.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2