Overview

overview

9

Static

static

1

app2622982...u].apk

android-9-x86

9

app2622982...u].apk

android-10-x64

7

Resubmissions

06/06/2023, 14:59

230606-sczl3aeb74 9

06/06/2023, 14:58

230606-sb9qmseb69 1

06/06/2023, 14:51

230606-r8jp2seg3x 1

Sharing

Copy URL Twitter E-mail

General

  • Target

    app2622982-t8b3cp [MConverter.eu].jar

  • Size

    19.5MB

  • Sample

    230606-sczl3aeb74

  • MD5

    08d853b5745b6bedc13e41a6e5de97bb

  • SHA1

    f68107c5b7d44ce02a2d3fc9db30b10367fb10c1

  • SHA256

    9d07c4e94a41fc15dc9dcada96e5c6e5d872446aa91158959801f3934da6e2d9

  • SHA512

    312efef590e13980f462c6b9d491e67288b7f28a50b3983b49851f73a8f0e433db7c7ca32bde9f64ba49f0215feda5b34bf211915db49664a3ba7d5c3c711157

  • SSDEEP

    393216:bUaXTC6z3PFXCkR+lNTNKXOHFx2C9uCISKP32N8+YH:bUmW6z3tXCH7NAOHFxl/KPMpG

Score
9/10
androidevasionransomware

Malware Config

Targets

    • Target

      app2622982-t8b3cp [MConverter.eu].jar

    • Size

      19.5MB

    • MD5

      08d853b5745b6bedc13e41a6e5de97bb

    • SHA1

      f68107c5b7d44ce02a2d3fc9db30b10367fb10c1

    • SHA256

      9d07c4e94a41fc15dc9dcada96e5c6e5d872446aa91158959801f3934da6e2d9

    • SHA512

      312efef590e13980f462c6b9d491e67288b7f28a50b3983b49851f73a8f0e433db7c7ca32bde9f64ba49f0215feda5b34bf211915db49664a3ba7d5c3c711157

    • SSDEEP

      393216:bUaXTC6z3PFXCkR+lNTNKXOHFx2C9uCISKP32N8+YH:bUmW6z3tXCH7NAOHFxl/KPMpG

    Score
    9/10
    evasionransomware

    • Renames multiple (90) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Legitimate hosting services abused for malware hosting/C2

    • Removes a system notification.

      evasion
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks