93a8d9d57a816b1c0401660256db8e37d29a92a43cd7d9668f9d05db820aa572 | Triage

Submit
Reports

Overview

overview

8

Static

static

7

93a8d9d57a...72.apk

android-9-x86

8

93a8d9d57a...72.apk

android-11-x64

8

Resubmissions

23-12-2022 07:38

221223-jgc47agb42 8

Sharing

General

Target

93a8d9d57a816b1c0401660256db8e37d29a92a43cd7d9668f9d05db820aa572
Size

5.8MB
Sample

221223-jgc47agb42
MD5

c5d12034694e80115e8e0fb599ae4718
SHA1

ac75884b3a8bd38bd3ffd759fa18a2583e7fe9d2
SHA256

93a8d9d57a816b1c0401660256db8e37d29a92a43cd7d9668f9d05db820aa572
SHA512

9f643a2966f0e21a12be11af1af3e905d73b8496eb09f31e124de0b177cb3bb3bed5339c77744852383bf2e351146420bbb4c7e2216389bb53b87f51a8f48fe4
SSDEEP

98304:+KWd2TBIwrYnhzd1gks9rAkq4JBJJfWemcmHetXbIJhiwG9ZLkzZIdyErazfr9Ca:bJYh7u98ktzTZMetXbcQ9ZoFIdyUkBVv

Score

8^/10

android evasion ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

93a8d9d57a816b1c0401660256db8e37d29a92a43cd7d9668f9d05db820aa572.apk

Resource

android-x86-arm-20220823-en

evasion ransomware

android-9-x86

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

93a8d9d57a816b1c0401660256db8e37d29a92a43cd7d9668f9d05db820aa572.apk

Resource

android-x64-arm64-20220823-en

evasion ransomware

android-11-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  93a8d9d57a816b1c0401660256db8e37d29a92a43cd7d9668f9d05db820aa572
- Size
  
  5.8MB
- MD5
  
  c5d12034694e80115e8e0fb599ae4718
- SHA1
  
  ac75884b3a8bd38bd3ffd759fa18a2583e7fe9d2
- SHA256
  
  93a8d9d57a816b1c0401660256db8e37d29a92a43cd7d9668f9d05db820aa572
- SHA512
  
  9f643a2966f0e21a12be11af1af3e905d73b8496eb09f31e124de0b177cb3bb3bed5339c77744852383bf2e351146420bbb4c7e2216389bb53b87f51a8f48fe4
- SSDEEP
  
  98304:+KWd2TBIwrYnhzd1gks9rAkq4JBJJfWemcmHetXbIJhiwG9ZLkzZIdyErazfr9Ca:bJYh7u98ktzTZMetXbcQ9ZoFIdyUkBVv
Score

8^/10

evasion ransomware
- Makes use of the framework's Accessibility service.
- Acquires the wake lock.
- Requests enabling of the accessibility settings.
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

evasionransomware

behavioral2

evasionransomware

© 2018-2024

Terms | Privacy