Overview

overview

9

Static

static

7

4d6e3e1241...08.apk

android-9-x86

9

licenses.html

windows7-x64

1

licenses.html

windows10-2004-x64

1

quicksilve...ace.js

windows7-x64

1

quicksilve...ace.js

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4d6e3e124131e7d61116321cc75d0908.bin

  • Size

    66MB

  • Sample

    230610-brlkbadh73

  • MD5

    4d6e3e124131e7d61116321cc75d0908

  • SHA1

    a8323c071b7fbdc829676361cb32207304a9a7ec

  • SHA256

    3c9e70556a4f79d59e9933c9b00cdad4355ec8d8bd949395a497a685a9af9ced

  • SHA512

    db5b30c3cb1086fcf5ba1e44d61d8571c05c83cffee2ef792c27164f0082e781809dc0c054f89e16a88a8c00dc1033e0fd69b2b404fcad4430b0160d60bbc17a

  • SSDEEP

    786432:DoyjoLd+1DQPI0WuxNjAutIitZcxL/ayd8F7gbnIwLaMVazdMv9lSb2aA2:oLQmILuLUviPk7m7sn8BzdMlkKX2

Score
9/10
androidransomware

Malware Config

Targets

    • Target

      4d6e3e124131e7d61116321cc75d0908.bin

    • Size

      66MB

    • MD5

      4d6e3e124131e7d61116321cc75d0908

    • SHA1

      a8323c071b7fbdc829676361cb32207304a9a7ec

    • SHA256

      3c9e70556a4f79d59e9933c9b00cdad4355ec8d8bd949395a497a685a9af9ced

    • SHA512

      db5b30c3cb1086fcf5ba1e44d61d8571c05c83cffee2ef792c27164f0082e781809dc0c054f89e16a88a8c00dc1033e0fd69b2b404fcad4430b0160d60bbc17a

    • SSDEEP

      786432:DoyjoLd+1DQPI0WuxNjAutIitZcxL/ayd8F7gbnIwLaMVazdMv9lSb2aA2:oLQmILuLUviPk7m7sn8BzdMlkKX2

    Score
    9/10
    ransomware

    • Renames multiple (60) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Reads information about phone network operator.

    behavioral1

    • Target

      licenses.xhtml

    • Size

      1MB

    • MD5

      e51c452e3c0a5322570840f145bec86f

    • SHA1

      272fd93ef8bc30ad02879ef245d626b80dad9d6b

    • SHA256

      0dd6d560372744592aced2de9424b81a3f1b14a7564ed44f60d2ba471fad48b1

    • SHA512

      c6f18f42bd764820d1e1554074627c33674f41e044e8bb171a27a9279af8323705253bb1107c1fd3b928842fbbacc93c01059c6953396738160857d968fad8fb

    • SSDEEP

      12288:q3e3P3D34353/3q3q2w2S303w3e3w3a343H3S32323+3n393C38303J3l3f3j3S+:pQq

    Score
    1/10
    behavioral2behavioral3

    • Target

      quicksilverCardAutomationInterface.js

    • Size

      2KB

    • MD5

      21b3acc1f1b722c2f3509d8a3ee06f47

    • SHA1

      0e537ea7ca9bb24d50cad2cd6c42a2cf959132ac

    • SHA256

      122af0775abfe1885ebb036ef34231ff4a9e170bc301c42919802c6c87118b67

    • SHA512

      df290df1e5462a8113a3ea5426cfd11ab9b8983e1880a9967667e0bf1e5734e6a1025021cbe53781c919371fd40b3411bc1470196b08a6a431670072d9bf533e

    Score
    1/10
    behavioral4behavioral5

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks