SARA-2[.]0[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

SARA-2.0.zip
Size

8.9MB
MD5

4db815c1f8c4f7a6058c43ab239df1f6
SHA1

a0b94f49574a7ed40aa419fc6c7c86339d926756
SHA256

ba8ebc203a7c8d1e29c62df26870d5880cb7d42bb01b708f972a5746e63b5a52
SHA512

0638b59c6acf44d6b8e2ffc65298542fa501cc5c5d720754b096aaf7499d09acb7f810b0dd0c9a29fa79fb9606ce93826ecf86a752cf19da8b938ea92e9fea8c
SSDEEP

196608:VkDSnHi7VOmL0CNiYVsP3UhFOF3UhFOJCJr4mMO9CZ6vE0wD+MLL4:V3CErCNiVPwOFwOy4mMO9CZwwDH0

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 6 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Required to be able to access the camera device.	android.permission.CAMERA

Files

SARA-2.0.zip
.zip
SARA-2.0/LICENSE
SARA-2.0/README.md
SARA-2.0/data/v1/ransomware-v1.0
SARA-2.0/data/v1/sara.apk
.apk android

com.termuxhackers.id

com.termuxhackers.id.MainActivity

Activities

com.termuxhackers.id.MainActivity

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.SET_WALLPAPER
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_CONTACTS
android.permission.READ_SMS
android.permission.ACCESS_FINE_LOCATION
android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.REQUEST_INSTALL_PACKAGE
android.permission.CAMERA

Receivers

com.termuxhackers.id.BootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

Services
SARA-2.0/data/v2/ransomware-v2.0
SARA-2.0/data/v2/sara.apk
.apk android

com.termuxhackersid

com.termuxhackersid.ui.MainActivity

Activities

com.termuxhackersid.ui.MainActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.QUICKBOOT_POWERON
android.permission.ACCESS_NETWORK_STATE
android.permission.FOREGROUND_SERVICE
android.permission.WAKE_LOCK

Receivers

com.termuxhackersid.receivers.BootCompletedReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
com.htc.intent.action.QUICKBOOT_POWERON

Services
SARA-2.0/install.sh
SARA-2.0/installtermux.sh
.sh linux
SARA-2.0/sara.py
SARA-2.0/src/output.jpg
.jpg
SARA-2.0/src/outputlog.jpg
.jpg
SARA-2.0/src/overview.jpg
.png
SARA-2.0/src/sources.img
SARA-2.0/src/toolview.png
.png
SARA-2.0/src/v1.jpg
.jpg
SARA-2.0/src/v2.jpg
.jpg
SARA-2.0/testkey.jks
SARA-2.0/ubersigner.jar
.jar

Sharing

General

Malware Config

Signatures

Files

com.termuxhackers.id

com.termuxhackers.id.MainActivity

Activities

com.termuxhackers.id.MainActivity

Permissions

Receivers

com.termuxhackers.id.BootReceiver

Services

com.termuxhackersid

com.termuxhackersid.ui.MainActivity

Activities

com.termuxhackersid.ui.MainActivity

Permissions

Receivers

com.termuxhackersid.receivers.BootCompletedReceiver

Services