General
-
Target
b6249fa996cb4046bdab37bab5e3b4d43c79ea537f119040c3b3e138149897fd.apk
-
Size
11.5MB
-
Sample
230606-qk2ehsec9z
-
MD5
7e061e87f9a4c27bfb69980980270720
-
SHA1
34d37927b35f422e7c28055ea989ef6524a668ef
-
SHA256
b6249fa996cb4046bdab37bab5e3b4d43c79ea537f119040c3b3e138149897fd
-
SHA512
aa7fc96da1040e1c97c522bc23e2a84c7684813185289cde4ff57937b11b7866ad5ea5a87df19fe7dbd090b18efb1540146380f4e91fd2104e0cf15e0e5545fd
-
SSDEEP
196608:HNQ+EyaHv2Dl1bQ6x49K6MoJzMHWjfd/7LbDRtUlCv1phj2oIK1Dfo:H4DHv2vme04HafVLDRKlCv1phj2FK1ro
Behavioral task
behavioral1
Sample
b6249fa996cb4046bdab37bab5e3b4d43c79ea537f119040c3b3e138149897fd.apk
Resource
android-x86-arm-20220823-en
Behavioral task
behavioral2
Sample
b6249fa996cb4046bdab37bab5e3b4d43c79ea537f119040c3b3e138149897fd.apk
Resource
android-x64-arm64-20220823-en
Malware Config
Extracted
godfather
https://t.me/rosesoldiermans
Targets
-
-
Target
b6249fa996cb4046bdab37bab5e3b4d43c79ea537f119040c3b3e138149897fd.apk
-
Score
9/10
-
Renames multiple (74) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Makes use of the framework's Accessibility service.
-
Acquires the wake lock.
-
Reads information about phone network operator.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
Removes a system notification.
-