Overview

overview

9

Static

static

7

aeb0f38b1a...4b.apk

android-9-x86

9

licenses.html

windows7-x64

1

licenses.html

windows10-2004-x64

1

quicksilve...ace.js

windows7-x64

1

quicksilve...ace.js

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    aeb0f38b1a1ed2a46a6596c9129dd74b.bin

  • Size

    72MB

  • Sample

    230610-cln9paeg3s

  • MD5

    aeb0f38b1a1ed2a46a6596c9129dd74b

  • SHA1

    97a445e0d2e5089437b22b788b972b80097e0129

  • SHA256

    7ca3ad74714893ada4c7b1e2597ff650944428181a170c746e8eb0f8624c2e5c

  • SHA512

    3c731a11f8483821eea5d1f214f4ef282e1bc069d8ab19fc6bdc28e5946faffcda1990d82dc045b5c4fae3b0c7f622f98632c6495353bf0d873fece1ff607981

  • SSDEEP

    786432:P9dVrVrpVknwpceSmNORCtEhOXkwTSschc28vr7gutvlQj1FypDk1X:7VhpynwaeB8RCAHjzP83ztvlQypYX

Score
9/10
androidransomware

Malware Config

Targets

    • Target

      aeb0f38b1a1ed2a46a6596c9129dd74b.bin

    • Size

      72MB

    • MD5

      aeb0f38b1a1ed2a46a6596c9129dd74b

    • SHA1

      97a445e0d2e5089437b22b788b972b80097e0129

    • SHA256

      7ca3ad74714893ada4c7b1e2597ff650944428181a170c746e8eb0f8624c2e5c

    • SHA512

      3c731a11f8483821eea5d1f214f4ef282e1bc069d8ab19fc6bdc28e5946faffcda1990d82dc045b5c4fae3b0c7f622f98632c6495353bf0d873fece1ff607981

    • SSDEEP

      786432:P9dVrVrpVknwpceSmNORCtEhOXkwTSschc28vr7gutvlQj1FypDk1X:7VhpynwaeB8RCAHjzP83ztvlQypYX

    Score
    9/10
    ransomware

    • Renames multiple (60) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Acquires the wake lock.

    • Reads information about phone network operator.

    behavioral1

    • Target

      licenses.xhtml

    • Size

      1MB

    • MD5

      2d0ce6886e0879d82423a72a61e25478

    • SHA1

      9995d5943ab31a652dabd412b8f7f6d0c7f87742

    • SHA256

      aa9201dd0fe5c65745b0ddb4ea7b83bf9b61e1c3f3debbae884bc47458d80726

    • SHA512

      1bf810001bce87f0a5bd0e40fd4d6dc2e4d36a66fe32121a84e457f7295f59832d6c5e79634944c0225e1d1d3300031513c28a8670aaaf7bb4e5423ff5c3db82

    • SSDEEP

      12288:53V3e3P3D34353/3q3q2w2FDS303w3e3w3a343H3S32323+3n393C38303J3l3fz:P7q

    Score
    1/10
    behavioral2behavioral3

    • Target

      quicksilverCardAutomationInterface.js

    • Size

      2KB

    • MD5

      21b3acc1f1b722c2f3509d8a3ee06f47

    • SHA1

      0e537ea7ca9bb24d50cad2cd6c42a2cf959132ac

    • SHA256

      122af0775abfe1885ebb036ef34231ff4a9e170bc301c42919802c6c87118b67

    • SHA512

      df290df1e5462a8113a3ea5426cfd11ab9b8983e1880a9967667e0bf1e5734e6a1025021cbe53781c919371fd40b3411bc1470196b08a6a431670072d9bf533e

    Score
    1/10
    behavioral4behavioral5

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks