166b1783ecbf6800601fe08e405f5cd98f0ab4c6f49b2a898fcac96505dbc6f3 | Triage

Submit
Reports

Overview

overview

8

Static

static

7

166b1783ec...f3.apk

android-9-x86

8

Sharing

General

Target

166b1783ecbf6800601fe08e405f5cd98f0ab4c6f49b2a898fcac96505dbc6f3
Size

515KB
Sample

221128-krqnpsfb7w
MD5

48a8ba3f68d988a8e8834f9ed5105946
SHA1

9514743aff537c7962404f4297a25d2294c42432
SHA256

166b1783ecbf6800601fe08e405f5cd98f0ab4c6f49b2a898fcac96505dbc6f3
SHA512

276bc7758f007c16cef87aefb3bcae23c6e37173e55a3fc083a646c06e2bd91c36a46667bbdab3779a0218bc76089e365f6939637775e9c7fcc6a8511268564d
SSDEEP

12288:gSODU9byvAVZRra1RnavCINVyrnFCjfZ7bsy3LVociA83coEQC:zODebWmynaaINVyLc7Z7Ay3LVwOQC

Score

8^/10

android evasion infostealer ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

166b1783ecbf6800601fe08e405f5cd98f0ab4c6f49b2a898fcac96505dbc6f3.apk

Resource

android-x86-arm-20220823-en

evasion infostealer ransomware

android-9-x86

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  166b1783ecbf6800601fe08e405f5cd98f0ab4c6f49b2a898fcac96505dbc6f3
- Size
  
  515KB
- MD5
  
  48a8ba3f68d988a8e8834f9ed5105946
- SHA1
  
  9514743aff537c7962404f4297a25d2294c42432
- SHA256
  
  166b1783ecbf6800601fe08e405f5cd98f0ab4c6f49b2a898fcac96505dbc6f3
- SHA512
  
  276bc7758f007c16cef87aefb3bcae23c6e37173e55a3fc083a646c06e2bd91c36a46667bbdab3779a0218bc76089e365f6939637775e9c7fcc6a8511268564d
- SSDEEP
  
  12288:gSODU9byvAVZRra1RnavCINVyrnFCjfZ7bsy3LVociA83coEQC:zODebWmynaaINVyLc7Z7Ay3LVwOQC
Score

8^/10

evasion infostealer ransomware
- Requests cell location
  Uses Android APIs to to get current cell location.
- Reads the content of SMS inbox messages.
  infostealer
- Reads information about phone network operator.
- Removes a system notification.
  evasion
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

evasioninfostealerransomware

© 2018-2024

Terms | Privacy