Overview

overview

7

Static

static

7

171b3db115...41.apk

android-9-x86

1

171b3db115...41.apk

android-10-x64

7

171b3db115...41.apk

android-11-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    171b3db11544f064404ec493c243d91e9f0835f3c5bd8e37a8bafc842ba61341

  • Size

    865KB

  • Sample

    221127-ffcv9aec8y

  • MD5

    062ae02cd2c2d6204c75e1c4cd13221e

  • SHA1

    025be407147dd44aa85d1c1be30220ec2cf130e6

  • SHA256

    171b3db11544f064404ec493c243d91e9f0835f3c5bd8e37a8bafc842ba61341

  • SHA512

    4445434e0a58b769277e996be535d0fbfbcd453f84f503f875c7c0cd5edce7a88ea85a7d4ff769d211147cb259b4d0b9d39023d6dc4c0dc9543e32e1c46ca532

  • SSDEEP

    24576:4UuckfQo5RmT3AK1J/bYR6S8/uC4k9P8cTd91:79kfQonmcKXbS8/u49PV

Score
7/10
androidransomware

Malware Config

Targets

    • Target

      171b3db11544f064404ec493c243d91e9f0835f3c5bd8e37a8bafc842ba61341

    • Size

      865KB

    • MD5

      062ae02cd2c2d6204c75e1c4cd13221e

    • SHA1

      025be407147dd44aa85d1c1be30220ec2cf130e6

    • SHA256

      171b3db11544f064404ec493c243d91e9f0835f3c5bd8e37a8bafc842ba61341

    • SHA512

      4445434e0a58b769277e996be535d0fbfbcd453f84f503f875c7c0cd5edce7a88ea85a7d4ff769d211147cb259b4d0b9d39023d6dc4c0dc9543e32e1c46ca532

    • SSDEEP

      24576:4UuckfQo5RmT3AK1J/bYR6S8/uC4k9P8cTd91:79kfQonmcKXbS8/u49PV

    Score
    7/10
    ransomware

    • Acquires the wake lock.

    • Checks Android system properties for emulator presence.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads information about phone network operator.

    • Uses Crypto APIs (Might try to encrypt user data).

      ransomware
    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks