General

  • Target

    41fd544d39bfd535aa2b0093cdd349fa34da6b55e93d25065b4b9a713eb86df3

  • Size

    754KB

  • Sample

    221126-yxqsjsee7w

  • MD5

    59fdbaeb9b1536369ffb78e4aa7ca167

  • SHA1

    98f1e0347c92b1085a5d26a447e76b9ce695840d

  • SHA256

    41fd544d39bfd535aa2b0093cdd349fa34da6b55e93d25065b4b9a713eb86df3

  • SHA512

    841346ac999b2acd9f31d33b5ad1352e01147f0994d81f2e7b99c0f3eea8a44a3b21bbc932e03ab8bf547f88c6b23318a16ec0ef17ad92c98ece6128a0556d27

  • SSDEEP

    12288:ONn3NxAWJ89o5DokqW0yTwp6VwChXh4zJ8hbgSo4PyGN4GT:ON3jAw89yckqWjTpOJ8uC4o

Targets

    • Target

      41fd544d39bfd535aa2b0093cdd349fa34da6b55e93d25065b4b9a713eb86df3

    Score: 7/10

    • Acquires the wake lock.

    • Checks Android system properties for emulator presence.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads information about phone network operator.

    • Removes a system notification.

    • Uses Crypto APIs (Might try to encrypt user data).
