General
-
Target
Piano Tiles 2_By HugoxGaming.apk
-
Size
55.8MB
-
Sample
230529-eyebcshh9w
-
MD5
abc18319eb2aac03f98de7e7eff0ba4e
-
SHA1
f8ddde4f33f0a6eb7146f70273dc5a0c29574b6a
-
SHA256
7350e4610fd476ec7d36aa495e46e9c20a036d8592339649918711a70b987c04
-
SHA512
f7c9e864e64aba1002d3f8b297e3ff81bce347e45c25436ff45dc728596d0896a580a675f10491e62c464d3afff43ccd230afb913b81b6758ec09e7b36bcaaf6
-
SSDEEP
1572864:6SiPiLXcBbp3tPtZBn4BEzUPRHsebb3EmOhrz:6S0lNtZSE4JsYImOhn
Malware Config
Targets
-
-
Target
Piano Tiles 2_By HugoxGaming.apk
-
Size
55.8MB
-
MD5
abc18319eb2aac03f98de7e7eff0ba4e
-
SHA1
f8ddde4f33f0a6eb7146f70273dc5a0c29574b6a
-
SHA256
7350e4610fd476ec7d36aa495e46e9c20a036d8592339649918711a70b987c04
-
SHA512
f7c9e864e64aba1002d3f8b297e3ff81bce347e45c25436ff45dc728596d0896a580a675f10491e62c464d3afff43ccd230afb913b81b6758ec09e7b36bcaaf6
-
SSDEEP
1572864:6SiPiLXcBbp3tPtZBn4BEzUPRHsebb3EmOhrz:6S0lNtZSE4JsYImOhn
Score9/10-
Renames multiple (160) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Reads information about phone network operator.
-
Removes a system notification.
-
Uses Crypto APIs (Might try to encrypt user data).
-
-
-
Target
1.plist
-
Size
16KB
-
MD5
ac99ac64ddf939964f5b5c232f727183
-
SHA1
29ea2e1de817ab2f9272d3dec20934681ccd525e
-
SHA256
928e61694435e74bc3792cc0625a42afd53aebac14bdf98e60a1b85d5d6e4e07
-
SHA512
fe9970f31af8b9cb2797bfda78271bee6361ca8aea17f90c92510d6562d8f4f035bbd0cddf5e037a3b6fc31e01245724d2ca119e0201958eab5cb238a0639f04
-
SSDEEP
96:mysiAiMWtbX0e/eZwSEqP9rzC2Q5OMtTZQwFI+l59iYAim9NWpwtkmDec:zsBuz5Oe9DtsDZ
Score1/10 -
-
-
Target
Plist_resource.plist
-
Size
9KB
-
MD5
65cef279873d1e07f2aeda7810be1c08
-
SHA1
e18e00baff2a34eed24c000204b50ce90f9c881a
-
SHA256
e6b324bbbcf9e80e8cdaaeb3100e1e4f51856ee4a589a3844d699333ba4f6502
-
SHA512
1ca94843920ded31990c6acbc0e34dfe14ca6aa4f4d6131316773c3ca9689e1c536fa0c3c87b71b5c32f8ade2df5731e2654dbccdce4b37dd8ac2f47946f23e4
-
SSDEEP
96:mysb02ehxV8VPZDptiSI4M15xIjwPC4PWwgwsfrQp:zsheTmfjMVZR
Score1/10 -
-
-
Target
Plist_share.plist
-
Size
6KB
-
MD5
ac26f88055a29abc1d7743484fce8620
-
SHA1
be3dfeb521a24ab06820c994221b9ba6d5166aeb
-
SHA256
28b435f30e834abefaa896db7a4c7567c68f289a14ab59aa1e91d402fe06a464
-
SHA512
168a003f92d72b9ae8521a8b9a21a239f68ab20dc8271fcaf6039fc8d7dd2306bee89f0ef8192f7e67be0e5069e116485af2a454e4f017be0334669394d747e6
-
SSDEEP
24:2dnysvVeinvFREvcMUISSqzznNREvcMUISTzLXin7qREvcMUISUzbnhVnvuREvcr:cnys4wHB8MS3outZqH8a17BbxS0j
Score1/10 -
-
-
Target
Plist_share2.plist
-
Size
8KB
-
MD5
5c21ead19df2b7f8a73342bef01c26a0
-
SHA1
436d24cf43470f220b0c2b793c1e0381569aa81b
-
SHA256
e1b4d3773f133f5daa8bb4a918684c07f55adef2b3904b5de7b8cec0f69f47fc
-
SHA512
b8071ce2ecf52887385ed44c140d364fe2452ccfc7de8537d6686ae32316e67f4907a6c05969ec4ebf9ef3e94335ef32df80e4fa0aa619b1e9150df2ab25b107
-
SSDEEP
48:cnys8N/C63d+v4RkKSNkr6RPEbuf1ePjf0jxSn/:mys8N/CKd04KKSaWReKcPL0de/
Score1/10 -
-
-
Target
Plist_shop.plist
-
Size
15KB
-
MD5
e6e1be8ef3968a0330e0f2f3944f1ae9
-
SHA1
87a0513132a41148bdd8f5cfa9b59b9c56edd829
-
SHA256
46a75bbe82053a03f1941247cef054607533c477fde81d9dd32b5a9ded496348
-
SHA512
2cd19f2d1cbac7c535bb86201188595ba4a335ea6a26530b362b5e1475f2289a10802c839a4e933d561deb3da6ea4ca909ea553dfb6b64d7f342b551302e3617
-
SSDEEP
96:mysVJPAkR6j1myL87sx1WYkmV7kR2iwlxRNCJTyh:zsv4r
Score1/10 -
-
-
Target
Plist_social.plist
-
Size
11KB
-
MD5
ec41d3c869fe0b9b256c1f3b6912e0f1
-
SHA1
6badd7a06fb1bb6dcec99a4cfc9d08299e387697
-
SHA256
7000f7cd762b34d0e63f6ce48887e5d5f7bd8c66901bd8dace56ea5f7fd0e1c7
-
SHA512
e3a72aab7b2a5812bd4003865efb92d806594d896d5acc9f2d27923f80d1e5d16cd5a40211468ea113b461e87ba6b0493e612b96909ef45f4dea6320af92e2f7
-
SSDEEP
96:myspAL0o21G9sE8Ugbo8+JGsMrHouMA2gdE3r:zsk2LhbdYr
Score1/10 -
-
-
Target
new9.plist
-
Size
6KB
-
MD5
7a0c188c82a110d086728d7cb97240db
-
SHA1
bed6e37ebf81e6de0964dd714e41e9484789fb00
-
SHA256
fcbe6ec0f66912fd9522e6b19b20ef6fa62e73127a570e3b90c16acec0510f2a
-
SHA512
5b18713f09191bf640ba5de65fe00690c9b1421542d1601da23d76a761d363e891b3a648bc0adcf748ccfd85c6ffafbdaa8e2ad160385e265077474a376ff00b
-
SSDEEP
96:9ysHY3fafIcIrLf8BfOzgF3jbYyUAvWcUXlQccqmYqVdnGrq5ShRvw2if8rKwj:Is43iAcI/0BGz03nN9UV+GrIevw2iFwj
Score1/10 -
-
-
Target
particle_coin.plist
-
Size
2KB
-
MD5
c233b42ae099a0c86d2dbfdd1c24ce95
-
SHA1
3e4f8f9e1d1974b48a1a353505066e1eef6a95e9
-
SHA256
3689b7a245cc6a00b3ef17417a281ddb6941464438cad41c2454d28365d6f3d1
-
SHA512
0213c9ad7300a497761b61c84e56fd11b1e4306c8ef06ade55b0a08881bc9388a9a7afc581f0137140c7eb12f92d64d98fc4572b39fd7629d61e68794ccf8691
Score1/10 -
-
-
Target
particle_dialog_selection_despacito_002.plist
-
Size
3KB
-
MD5
34a5eff1102297b9e11c43bf51c12d0c
-
SHA1
16025277f3328006182db3933748d761fef40202
-
SHA256
ca07c396340c1a6e465ddcc68db19a4a094f84877f35eb0158a921d0b1d12da4
-
SHA512
195e0d24d57a1f5a556ce7ed2bde1e834978a9f55d80fae607ff63cd033562d1ba708b5bf92b9196e65b104e2b493de716c072a123f4dee707c31c01130c9147
Score1/10 -
-
-
Target
particle_levelup.plist
-
Size
2KB
-
MD5
8a5364e7c0d41165e527faafefd6c04f
-
SHA1
2a0d02f90efc56f61b8a70bcb35f34448d64b2a8
-
SHA256
61fa19e53f9a01d9010488ca793f40e0560abe8bb6c44f14673bfbe44ff3fafc
-
SHA512
2875569875229a5194e54d4e1dec16a134f18ba86d2a266e06db6d2711b7486503607eb2150daa362642fc8c57c1b750adb03b58550ba5ae0580aba37778215a
Score1/10 -
-
-
Target
particle_levelupblue_r.plist
-
Size
2KB
-
MD5
ae059405b9298ec50392be10064cc2a1
-
SHA1
abfdde48f2d48a0f1f053dab13bb9d8f12bea3df
-
SHA256
d207cb50deac6c6f3aceca1a1bde4315bf6756a58e3b21b088df6e6984ed1337
-
SHA512
eb27728b85a663d8f5c7a348f0dec44f3e086ef123b49b795c20c1434051260956424fd3a1fd8c9cfe437dbb366ce484889dd902e401603d814b6838571b84df
Score1/10 -
-
-
Target
particle_levelupfinally.plist
-
Size
2KB
-
MD5
4f643acbdba37cb1c70b97906b05b4e3
-
SHA1
a683f1ed88b45a5650869fb6116d4f4a9200d830
-
SHA256
1bb0810967a64e18fe5e3f292346c756c1d58aede52f163ca2e62bf0dc0883a7
-
SHA512
b057df1acd46c33f3085aacfdc0f8276ee952ef131e27bc33bac6964e4b3f0f0fc56d6b60e35ce412ce1bec93a6af984d3a2ef4fea06bf0bcef8a130de5b6602
Score1/10 -
-
-
Target
particle_levelupgreen_l.plist
-
Size
2KB
-
MD5
62d3a21e4aeaba5d3fcccfbf19aae0c9
-
SHA1
ea8b9dbbe3c562a37f92a12dff9121f6ee3ec745
-
SHA256
cf0d61fdda4a239af23eec0509e44999a822cc261a2b8b351a978ddb7c04e06e
-
SHA512
3939ce8c277fba52b7dee667fca448e4d63d099392ebac159301e71810cc1d4834b6337aa9fea99d0b34431061c28825fd6198cafbd664257a4520fb6d6c8829
Score1/10 -
-
-
Target
particle_yellow_r.plist
-
Size
2KB
-
MD5
f260576382e8b26b12e88959855f4bd3
-
SHA1
8ea0a69a378b713cb8a9696912e2d7ffff02c2ae
-
SHA256
33e67859d484ff1e960d147158861488be0c7c0c08e7078d97844ee539a51027
-
SHA512
d587f6d5de89dc67ecc913b74472dfa2de8fc9a90fb0dcd3c733c94d0b96d404e4b7df6c2f1e228e8e4dd093d5f8516a4754760ca23b58662287e0a91134e7b3
Score1/10 -
-
-
Target
snow1_1.plist
-
Size
2KB
-
MD5
fb8a6d70b3ebe583cac69f906c6815c0
-
SHA1
e55aeb8c1cad0a3b2d240d28adc9daacd0ce94d2
-
SHA256
319199d84eafb92c44ecc7054a5968e0186d4d44d9c3502de79fbf77bc858f38
-
SHA512
63b187140cbdab2634e0ee7265c7fb02a2fa1287cfe2039b948a01557633d7f972b1e6098715473e5de7e2401cf2f78d310123dceccd069e9846101517bb35c5
Score1/10 -
-
-
Target
snow_big_xmas.plist
-
Size
2KB
-
MD5
1b4ef20872ba8944ceaec50678cb5460
-
SHA1
2a583f82df7da1f63133bdc4c86a65f9153d3149
-
SHA256
c04710afeb378c4432627dbf3b56675b862439535e146d2f13ba51a7a36c0dab
-
SHA512
9b67b0fe6898f01fb29d1791bcc781daeae20e27a8d23f9cbaf61e22d5eb5a6044626de48dba7350144f244f8453f47b5449b599bef4206df71f21f119629e76
Score1/10 -