Overview

overview

9

Static

static

7

Take Chat Message.apk

android-9-x86

9

Take Chat Message.apk

android-10-x64

9

Take Chat Message.apk

android-11-x64

7

1.webp

android-9-x86

1.webp

android-10-x64

1.webp

android-11-x64

10.webp

android-9-x86

10.webp

android-10-x64

10.webp

android-11-x64

10a.webp

android-9-x86

10a.webp

android-10-x64

10a.webp

android-11-x64

10b.webp

android-9-x86

10b.webp

android-10-x64

10b.webp

android-11-x64

11.webp

android-9-x86

11.webp

android-10-x64

11.webp

android-11-x64

11a.webp

android-9-x86

11a.webp

android-10-x64

11a.webp

android-11-x64

11b.webp

android-9-x86

11b.webp

android-10-x64

11b.webp

android-11-x64

12.webp

android-9-x86

12.webp

android-10-x64

12.webp

android-11-x64

12a.webp

android-9-x86

12a.webp

android-10-x64

12a.webp

android-11-x64

12b.webp

android-9-x86

12b.webp

android-10-x64

Resubmissions

10-06-2023 23:35

230610-3k6qfsga68 9

26-02-2022 15:07

220226-shbgesbcb5 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Take Chat Message.apk

  • Size

    27.2MB

  • Sample

    230610-3k6qfsga68

  • MD5

    83f75f295c4756841f0a46e60b088cd1

  • SHA1

    998138ba24fd4d2d20616fba97c5d440abf7ad1f

  • SHA256

    af6bb4d550d911a6ef3b004dd2e245c9f5c4598b64073e524487add5e8b80897

  • SHA512

    cf6591e3024b809d19bf17f40f1ad3dc6fbfc59dc9bf1f542106c11fb00bb5bfcdcff221dce780a28ac03f775ddf872eea454330a8b8dcce277d241e6530454a

  • SSDEEP

    786432:E4rA0EQBtkQPyZKcrWecqjzPNpnIbEAL2ZQTJN:DrA0hbkaizHn2E6n

Score
9/10
androidevasionransomware

Malware Config

Targets

    • Target

      Take Chat Message.apk

    • Size

      27.2MB

    • MD5

      83f75f295c4756841f0a46e60b088cd1

    • SHA1

      998138ba24fd4d2d20616fba97c5d440abf7ad1f

    • SHA256

      af6bb4d550d911a6ef3b004dd2e245c9f5c4598b64073e524487add5e8b80897

    • SHA512

      cf6591e3024b809d19bf17f40f1ad3dc6fbfc59dc9bf1f542106c11fb00bb5bfcdcff221dce780a28ac03f775ddf872eea454330a8b8dcce277d241e6530454a

    • SSDEEP

      786432:E4rA0EQBtkQPyZKcrWecqjzPNpnIbEAL2ZQTJN:DrA0hbkaizHn2E6n

    Score
    9/10
    evasionransomware

    • Renames multiple (52) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Renames multiple (54) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads information about phone network operator.

    behavioral1behavioral2behavioral3

    • Target

      1.webp

    • Size

      7KB

    • MD5

      d70380854723ae331f1f0db7e902bddd

    • SHA1

      a53b6fea06540c3c3448cec8cc404fd49f7a3263

    • SHA256

      c70023e1d419368c39c3414f0ebd5184f95d17891a770b6ccf2ae1e14c5695db

    • SHA512

      95ed5b2d38d5ddd4f83187cfa0a03f75f5e4495416edbc8e1bcf57d460da667a1a135f1f7ec178a1799f60aff49e01bdcea78f638285438f93cd4e7344ddc07e

    • SSDEEP

      192:OUnQvJ9yckYff/CXSE3ckbd3fVoSq9XeGqonH8P7w:tUJASf3iSeJFfOH9iY8Ps

    Score
    1/10
    behavioral4behavioral5behavioral6

    • Target

      10.webp

    • Size

      14KB

    • MD5

      274efa3c2eed59bd6edabede8c550144

    • SHA1

      cacb630e93cafd1ee03dfedc3f3e94eff4867fca

    • SHA256

      c27012b5b22a63faa5f5a6ae2b1af9af71d796829a386e7dde96df19322a9ac2

    • SHA512

      5acb3781cef0edaf444fbc03d59578ea922b7ea3e5ae9a11b51e7ef181527feb5f45251d350b7cb8900d9569bcfaab83e92c6493b445d9674b24dae2f33decb2

    • SSDEEP

      384:OqLR91BdHQ3jugH8gtPl8zqcRtxWC5PxextJB0k:OqLL1w39GvxlNo/

    Score
    1/10
    behavioral7behavioral8behavioral9

    • Target

      10a.webp

    • Size

      49KB

    • MD5

      18c460e9582d1a6ae28ed84faa1d7698

    • SHA1

      cf7bc55fd2cd60877841f4aa61e0990562b26c31

    • SHA256

      b8db9b86f0b19b4f11a71f82bf1e3418c2179440bbdbbc1074f7b3de3bab6a7f

    • SHA512

      f1b06e2ee30f492e8a015e7407743fbb141040fdee68d04f0aa7ac8dc36cce9c6feaf1d4ac72a555775d9def40498bc06cb1498d8b0d19df714ea207106356d7

    • SSDEEP

      1536:sd9Kue+kcu1ttID3WIW1KqSxK1qLig6E14o8:QeZ3QUFAK1qLb6E14o8

    Score
    1/10
    behavioral10behavioral11behavioral12

    • Target

      10b.webp

    • Size

      49KB

    • MD5

      2e6e14ccae35276394d4ce2ce56d8ee4

    • SHA1

      61be188a2d120be6867e32211f6f1afc104f34c0

    • SHA256

      46666c2fe9c2323225f73edf0599bd329c179b53d2771562105861ba1fafca8c

    • SHA512

      de062a1b2d1b8e14fca25c659afa00c5ce824e4e54051f6ce7ed4c3195a0081254b80a6141cb294dae6736a99f6e01821fd392dc033a17d067047d2c6cf13faa

    • SSDEEP

      768:kDUxtc2FwMj2VsLZ93yxWaKxpUjQYL4rmDHpfKqdffIaDOo6168ZATAS:Bxtc3MqWPCxWtpUVMi7jxfIaC7LWAS

    Score
    1/10
    behavioral13behavioral14behavioral15

    • Target

      11.webp

    • Size

      14KB

    • MD5

      4174fe55311079fd575a101033c3a255

    • SHA1

      e93ba7d1e5904c6fbf52c51f9875db1cbbee61c0

    • SHA256

      44032e8e40cf195d15ad2efd059b2ac42b3d55d365259c7ba68aad6d7c54cc69

    • SHA512

      8f8431446900d8f25768c584ff433affd9040b181219d55836bd42d878ae98d3c33f97f6012c81b6c53aa0e4ed5ebda4cc4307ed76970ba482e1305acb039a58

    • SSDEEP

      384:Yrg13Uvt11WfZN6I8ibOD3DFiTtyTmPnI+e:cWRN1fODzFiTtyiPI+e

    Score
    1/10
    behavioral16behavioral17behavioral18

    • Target

      11a.webp

    • Size

      47KB

    • MD5

      a21d49d63b0367524a3dd690c4a5fa90

    • SHA1

      589b2e6e1e7a4ed2286f272059e22a0fe4b8c658

    • SHA256

      6d283e02b3800338907acab30797060e6c216d9fa6cae29a27b8f673a5ee9ef3

    • SHA512

      5eaf8611c44c9bd026f1e95919a723bfc53fcad17cc0539a44112eca24c31b9950c059df268f146e0fc8ac6ce385f3168d56853aec1b747890651fac42872d3d

    • SSDEEP

      768:8re2C1O4PyaQopE10dn6256547jubSTqMROaMKh7rDm+3Xvi7nXrHQQJcd0QozF5:8q2CjKkpaI625YbYqOOUJKbXrHLKroJ5

    Score
    1/10
    behavioral19behavioral20behavioral21

    • Target

      11b.webp

    • Size

      39KB

    • MD5

      854a1a9842182da5345d4fa4b05badc7

    • SHA1

      4d10e1a9a469a2774ff4d843439e0483f24e0a72

    • SHA256

      1de0fe830e41ce4f1096b0d6a501fc22105e709d9d5b9735c3d932fb452b3f87

    • SHA512

      651439b7fc78c743a0fd85c2bc169b11ef7994472b958f44b6b79874e91268ecac0a9187e3a5b01dd012475da0f79f91dcd43ac20184bbcc0ae82bef9d7bd324

    • SSDEEP

      768:gBV4OjnHfdv6DxycXc2st7C+DYqspFvqwUBtkvtTX3YPajQeOZZT0OHbaYQQ+h:gBVjN6sm7stJD+pFqwQaYjZTR7aYo

    Score
    1/10
    behavioral22behavioral23behavioral24

    • Target

      12.webp

    • Size

      19KB

    • MD5

      63561aa2f151edad37fd0f06220e9d0a

    • SHA1

      49d1fa2d8a1fa3822b4885d48f86e08d13733203

    • SHA256

      db6e1c235184509d7b4824dec9784475133b1fb12e3650cab0ea085c1b32b669

    • SHA512

      1b652254b5539625c99e041baef69fa41ac2cffe4713afc01867028f3b91f9718e8624bca548c4bd47be86c2535d318319a30825fb1eaddc60a87c2cebd85920

    • SSDEEP

      384:hzTet6P13k1jCAPryz27Q+BBChQRjLhejMUqDFTZJg59z/P13IoYf:hneu96jpVnpiC0P3k

    Score
    1/10
    behavioral25behavioral26behavioral27

    • Target

      12a.webp

    • Size

      47KB

    • MD5

      28ce26e250f13a8b5596d76a4bb87d85

    • SHA1

      a540398f6612fd0ddfd7cee56d2ad8fe8f6d2e69

    • SHA256

      adcb9d6ab9351223a5cab07195e0606153ef61ff71a5ceea339830fb009fb9b1

    • SHA512

      f776ad3865ff6f620721b7130d4a79a2658f2c319bc40ed3d1c10fdd2af1290e2993c6811ce172ffe99358c8364a0b452529f39a4d163974513d50adc2c005b2

    • SSDEEP

      768:RXraw/nDcvc3kiyJeVtcUxuAJTrZF9mErz4NagBaJ9YciRSbV2JihiX:Rbaw/nkc3kirVNuwFUC4zBa9k

    Score
    1/10
    behavioral28behavioral29behavioral30

    • Target

      12b.webp

    • Size

      39KB

    • MD5

      551b7929cf163998cdcd0b1a79005ef4

    • SHA1

      eb4dbcdc1e8f489c675815227dfff5a9a29a415e

    • SHA256

      fa040b8ed42bde886d4140e1bcc2180238901c62679d1b96ffb47d57094f0210

    • SHA512

      438605818ebf43a04832b00bd5e769fd3ca51b7f2bbb3aa133f27a33152b626fb4a199e31fcdfb79636fbae1a8dcc72f5ff0f8abf9d7e8964983ffeb3bb98e87

    • SSDEEP

      768:Vbo/mPloT6aynDTncxNj5f30n6D4+Z/5rzm5WTXA1PRpLW3coBRlmUhpQh3l+r:VPPqT6acncn5M6fvUyQ1Piz6apQtl+r

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Matrix

Tasks

static1

Score
7/10

behavioral1

evasionransomware
Score
9/10

behavioral2

evasionransomware
Score
9/10

behavioral3

evasion
Score
7/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10