godfather | 6e0d01c4c547d235c247a6d0719f2aca2d4996ae78df4b671275914a9e3fd2d3 | Triage

Submit
Reports

Overview

overview

Static

static

MarMuzik.mp3indir.apk

android-9-x86

7

MarMuzik.mp3indir.apk

android-10-x64

5

Sharing

General

Target

MarMuzik.mp3indir.apk
Size

4.4MB
Sample

230516-m7zbwsad75
MD5

dfb59aa18633530f29a7fb27cb156187
SHA1

ed6b9ce8013ca13678a77e1ce53100ddff392c92
SHA256

6e0d01c4c547d235c247a6d0719f2aca2d4996ae78df4b671275914a9e3fd2d3
SHA512

7dbd8ce3559b44ae5c7411036f4a9b70820040ea3b00eed89bd86037feff51172cd3ff5f7030195d286f3b003c44fc5e8bd80810fb8c1353e1699328c248b50d
SSDEEP

98304:k4Y9fsk3NdWLn5JuhaSjYVMvbAukWlpbmdyEdGzfrX4oD:k6cNdWLn5AhBOMvbAtWllmdyQuD

Score

10^/10

godfather android ransomware

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

MarMuzik.mp3indir.apk

Resource

android-x86-arm-20220823-en

android-9-x86

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

MarMuzik.mp3indir.apk

Resource

android-x64-20220823-en

android-10-x64

1 signatures

150 seconds

Malware Config

Extracted

Family

godfather

C2

https://t.me/falerominoterax

Targets

- Target
  
  MarMuzik.mp3indir.apk
- Size
  
  4.4MB
- MD5
  
  dfb59aa18633530f29a7fb27cb156187
- SHA1
  
  ed6b9ce8013ca13678a77e1ce53100ddff392c92
- SHA256
  
  6e0d01c4c547d235c247a6d0719f2aca2d4996ae78df4b671275914a9e3fd2d3
- SHA512
  
  7dbd8ce3559b44ae5c7411036f4a9b70820040ea3b00eed89bd86037feff51172cd3ff5f7030195d286f3b003c44fc5e8bd80810fb8c1353e1699328c248b50d
- SSDEEP
  
  98304:k4Y9fsk3NdWLn5JuhaSjYVMvbAukWlpbmdyEdGzfrX4oD:k6cNdWLn5AhBOMvbAtWllmdyQuD
Score

7^/10

ransomware
- Acquires the wake lock.
- Requests enabling of the accessibility settings.
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy