50e389dac5e66e3ccdea412288115ced667b07cdedc9f2e6d8ba8203091d1b7b | Triage

Submit
Reports

Overview

overview

7

Static

static

cb0f7dcdfadf4d9.apk

android-9-x86

7

Sharing

Copy URL Twitter E-mail

General

Target

cb0f7dcdfadf4d9.apk
Size

9.6MB
Sample

221206-pc573aba6y
MD5

95e23c1f49c58a73351434de10b81f36
SHA1

f42283e26054a1d2ffcf61495e431889ddf11295
SHA256

50e389dac5e66e3ccdea412288115ced667b07cdedc9f2e6d8ba8203091d1b7b
SHA512

e59e1ba0538e85b3b0f425bc477bf06f00353d45a2408040b78f9d846116c011fbf3035c53b6775465a9fe4297cb0c6b32314d203c19315d396e36d542804657
SSDEEP

196608:2eSu/WALr3vVU7N2B/QWqEj4iR3HKzLoyGG0BOA6aIzHPbmYdCtMC2u48P9ts:lSKP327N2BoWTFHKzQFBI7bmUEPZ48PQ

Score

7^/10

android evasion ransomware

Static task

static1

Behavioral task

behavioral1

Sample

cb0f7dcdfadf4d9.apk

Resource

android-x86-arm-20220823-en

evasion ransomware

android-9-x86

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  cb0f7dcdfadf4d9.apk
- Size
  
  9.6MB
- MD5
  
  95e23c1f49c58a73351434de10b81f36
- SHA1
  
  f42283e26054a1d2ffcf61495e431889ddf11295
- SHA256
  
  50e389dac5e66e3ccdea412288115ced667b07cdedc9f2e6d8ba8203091d1b7b
- SHA512
  
  e59e1ba0538e85b3b0f425bc477bf06f00353d45a2408040b78f9d846116c011fbf3035c53b6775465a9fe4297cb0c6b32314d203c19315d396e36d542804657
- SSDEEP
  
  196608:2eSu/WALr3vVU7N2B/QWqEj4iR3HKzLoyGG0BOA6aIzHPbmYdCtMC2u48P9ts:lSKP327N2BoWTFHKzQFBI7bmUEPZ48PQ
Score

7^/10

evasion ransomware
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Reads information about phone network operator.
- Removes a system notification.
  evasion
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

evasionransomware

© 2018-2025

Terms | Privacy