Overview

overview

8

Static

static

7

40e529b6a5...ea.apk

android-9-x86

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    40e529b6a564e16d419f4b3d53039ffd89f791156d614fae52cbbe16470fa6ea

  • Size

    15.3MB

  • Sample

    221127-jjarvaad93

  • MD5

    ca76d062e31fc0de0f75283b46f65834

  • SHA1

    0084fbc22f2c2c795650bd82dbc842ba15263c5a

  • SHA256

    40e529b6a564e16d419f4b3d53039ffd89f791156d614fae52cbbe16470fa6ea

  • SHA512

    96d244dad4663ebfbde4b1ed7757040110580afb51460965714040f0078a03213dd50244ea29aed55a51d07219244e72adc95105427528d4ee81efc21b645c0d

  • SSDEEP

    393216:a7EOFUCexOle2GQsfM3xLBRSpgLgW7HdSvdt0GGDQVD:a3FUtxEGPfCLB8pgEWUdt0Rq

Score
8/10
androidbankerevasionransomware

Malware Config

Targets

    • Target

      40e529b6a564e16d419f4b3d53039ffd89f791156d614fae52cbbe16470fa6ea

    • Size

      15.3MB

    • MD5

      ca76d062e31fc0de0f75283b46f65834

    • SHA1

      0084fbc22f2c2c795650bd82dbc842ba15263c5a

    • SHA256

      40e529b6a564e16d419f4b3d53039ffd89f791156d614fae52cbbe16470fa6ea

    • SHA512

      96d244dad4663ebfbde4b1ed7757040110580afb51460965714040f0078a03213dd50244ea29aed55a51d07219244e72adc95105427528d4ee81efc21b645c0d

    • SSDEEP

      393216:a7EOFUCexOle2GQsfM3xLBRSpgLgW7HdSvdt0GGDQVD:a3FUtxEGPfCLB8pgEWUdt0Rq

    Score
    8/10
    bankerevasionransomware

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).

      banker

    • Requests cell location

      Uses Android APIs to to get current cell location.

    • Acquires the wake lock.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads information about phone network operator.

    • Removes a system notification.

      evasion

    • Uses Crypto APIs (Might try to encrypt user data).

      ransomware
    behavioral1

MITRE ATT&CK Matrix

Tasks