Overview

overview

7

Static

static

7

happymod-2-9-6.apk

android-9-x86

7

happymod-2-9-6.apk

android-11-x64

7

demo.html

windows7-x64

1

demo.html

windows10-2004-x64

1

happygame.js

windows7-x64

1

happygame.js

windows10-2004-x64

1

slow.html

windows7-x64

1

slow.html

windows10-2004-x64

1

t86

ubuntu-18.04-amd64

1

t86_64

ubuntu-18.04-amd64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    happymod-2-9-6.apk

  • Size

    12.9MB

  • Sample

    230610-vegv5sga8y

  • MD5

    15d1b37503fb24d31cf612c4a8120275

  • SHA1

    e7fbf54a50583562c4a08259051a64cfafabfcf0

  • SHA256

    1fc27cff9f43ea736b221efdc78163051a3187f1718eb5e13692e298f163ebc1

  • SHA512

    4e832dcd9d01cca04822c0d2780cc06fc780657c24c08fd63ec15ec4a033f2a0821f9a13946648aabbc5a21289ace44c121acd5b155736e756a9d7c2b1dc0e51

  • SSDEEP

    196608:W4iGcEbIMcth5/IEtInqw3npU5a1W3aeR8D43tqywVOp+W8/H19RFhNDcWt00keA:ZhcEb7NWWmaOdf0OYW09wpCA

Score
7/10
androidlinuxransomware

Malware Config

Targets

    • Target

      happymod-2-9-6.apk

    • Size

      12.9MB

    • MD5

      15d1b37503fb24d31cf612c4a8120275

    • SHA1

      e7fbf54a50583562c4a08259051a64cfafabfcf0

    • SHA256

      1fc27cff9f43ea736b221efdc78163051a3187f1718eb5e13692e298f163ebc1

    • SHA512

      4e832dcd9d01cca04822c0d2780cc06fc780657c24c08fd63ec15ec4a033f2a0821f9a13946648aabbc5a21289ace44c121acd5b155736e756a9d7c2b1dc0e51

    • SSDEEP

      196608:W4iGcEbIMcth5/IEtInqw3npU5a1W3aeR8D43tqywVOp+W8/H19RFhNDcWt00keA:ZhcEb7NWWmaOdf0OYW09wpCA

    Score
    7/10
    ransomware

    • Checks Android system properties for emulator presence.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads information about phone network operator.

    • Uses Crypto APIs (Might try to encrypt user data).

      ransomware
    behavioral1behavioral2

    • Target

      demo.html

    • Size

      1KB

    • MD5

      03b178d1ff60f7b47438321299c1e1ea

    • SHA1

      b4097afe68a2b28456cafad4b70f28bb87020527

    • SHA256

      56a53efdc143e241faafa8eb1fafbf8aa82ea1c630465a5d66a9c406a134c99b

    • SHA512

      ccd7c1c2c99de385b4c53056d2e014ae03164cc3927084750716a100316bb94a42ce4c127faf0bf8caf884ef470df23216c004b5f75deff1a4b62721d233ff7f

    Score
    1/10
    behavioral3behavioral4

    • Target

      happygame.js

    • Size

      2KB

    • MD5

      35087f967af3fc9a9cc42df602eff110

    • SHA1

      e100c9518d9d689ebb58849508c9da8ed8b745a4

    • SHA256

      585ae6e48db41266166f185b8c7c9b17876b23f70b8205d14f94ee737a081eb9

    • SHA512

      2e1473138b031ac0bfe79423009619a5a7ead16a04d4018f40aa3c0e956ae43cd3455cf488f8cc1137d76b27aa3d4278dc0b967cacd385a70b77ca595c622260

    Score
    1/10
    behavioral5behavioral6

    • Target

      slow.html

    • Size

      3KB

    • MD5

      bb5120365ae32b156749e60184fdd68e

    • SHA1

      2b7fbd67c51d0c0a39682c09d75912fbd44061c1

    • SHA256

      189c01f32ddaa5a2e43676447b86fda1696e8ff9ed7cb8cd5ea1aad0b5d7b532

    • SHA512

      c42d8d7d623422e5852e07fa488cde5d3576882cfdb621ad4b31bc357231f0d69f4c0a893f57b6839b5bf260a56657638e03988ff9c25af32e6cd30d57d83680

    Score
    1/10
    behavioral7behavioral8

    • Target

      t86

    • Size

      276KB

    • MD5

      f9cdb8f55b2217f0b9ccdef3ffc4b036

    • SHA1

      8dadc7e6ac72a7671feb0de1d4738d576165132c

    • SHA256

      9169d7be0c21bd0e62d6908cb6efe3c0088d25502c2803d9897dd51e802d40ce

    • SHA512

      de40d6aa8837b3cfa6622d3f086bf9e811db35d6072f45cf8d0cb7b0a74ad619bb96151ba2f8b0aa196faddbcc468fff898ffcc22f86217a439699527484fc3e

    • SSDEEP

      6144:31ML+5ZeatsS6XT53NEaGoPYYG0VOOMn4j:Q+5ZeCshXT5O5n4

    Score
    1/10
    behavioral9

    • Target

      t86_64

    • Size

      285KB

    • MD5

      55a9e782b33a5f69010c80ca24e8aa9d

    • SHA1

      8f183eeba8f5f44b85880fae8639adf94cefac46

    • SHA256

      e12170526f7ebce55780a191e4d72af1af7820201007367d00c70e91dba94697

    • SHA512

      273783505d63ea8b5dcfbae1ef4572895a5c3bd882d1facdeace198de108cebf9d97fda747c749333f0991eb98d5ce873617041d044560567b76a986af05a010

    • SSDEEP

      3072:prtSpPgajE4ZZy82m1G5Ej6fDbOqczY7wlTvUvVEk2b81kfV+9R7:prgpP5jM82aAHDJwljUvVEk2b8iN+9

    Score
    1/10
    behavioral10

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks