4776f6dcc764dc695a4b06a2a0199fb06a1236dcd7ba042fae8ab8657c8723f4 | Triage

Sharing

General

Target

Tap Translate Screen v1.62 [Modded].apk
Size

41.4MB
Sample

230203-exa8baea8v
MD5

7d4bac1d6f790c1391cd9633dc1920ee
SHA1

4fcb936d9a79a23b9114fccbeba2c82163fca65b
SHA256

4776f6dcc764dc695a4b06a2a0199fb06a1236dcd7ba042fae8ab8657c8723f4
SHA512

718478765461a25d9970037a847c62ece3bc8785a04ea9769dc33a1ea7bb26fe00d7d70d08f1679895c48455b894c1c5144c8ad65052fc23dd63799f0dac85f9
SSDEEP

786432:cKqxHJ73haO8X8JMC5OuRuH1d1Na4WssX6/I7fFqRkmIR7ifHOWU6nbH4LNE:cKqvjA8JMC5OAOTuq0XRhRiU6nboS

Score

7^/10

android evasion ransomware

Malware Config

Targets

- Target
  
  Tap Translate Screen v1.62 [Modded].apk
- Size
  
  41.4MB
- MD5
  
  7d4bac1d6f790c1391cd9633dc1920ee
- SHA1
  
  4fcb936d9a79a23b9114fccbeba2c82163fca65b
- SHA256
  
  4776f6dcc764dc695a4b06a2a0199fb06a1236dcd7ba042fae8ab8657c8723f4
- SHA512
  
  718478765461a25d9970037a847c62ece3bc8785a04ea9769dc33a1ea7bb26fe00d7d70d08f1679895c48455b894c1c5144c8ad65052fc23dd63799f0dac85f9
- SSDEEP
  
  786432:cKqxHJ73haO8X8JMC5OuRuH1d1Na4WssX6/I7fFqRkmIR7ifHOWU6nbH4LNE:cKqvjA8JMC5OAOTuq0XRhRiU6nboS
Score

7^/10

evasion ransomware
- Checks Android system properties for emulator presence.
- Legitimate hosting services abused for malware hosting/C2
- Reads information about phone network operator.
- Removes a system notification.
  evasion
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

evasionransomware