General

  • Target

    Chrome.apk

  • Size

    1014KB

  • Sample

    230630-ww3dvaec35

  • MD5

    535d423f8b0c9d9513c593c047d8d3df

  • SHA1

    076273b577ee80383f264ea2b169e1f620171109

  • SHA256

    fdccb6b1b3052841a5d73196965bab668256036483dca5768a7192748bf8e580

  • SHA512

    72ac870c1fd1ebef4b76988b83795e4a11a058eeb86d83c83476838f8591b3812caac5018ed978ed785f16ca9e85aaeab88815ab81a3b91c138b5f4f54c263b9

  • SSDEEP

    24576:4vIKLQv8rdHsYV17CHV6oINF5ppSQ3BxeHSgS+Ubn8:4vsvW+Y7YdINf+HSgSd8

Targets

    • Target

      Chrome.apk

    • Makes use of the framework's Accessibility service.

    • Removes its main activity from the application launcher (hides its icon).

    • Acquires a wake lock.

    • Queries the unique device ID (IMEI, MEID, IMSI).

    • Reads information about the phone network operator.

    • Requests that battery optimizations be disabled (commonly used to keep running unobtrusively in the background).

    • Removes a system notification.

    • Uses crypto APIs (may attempt to encrypt user data).
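The signatures above are derived from runtime behaviour, but several of them have static preconditions in the APK's manifest that an analyst can check before detonating a file, alongside confirming the file on hand is the one this report describes. The script below is an added example, not the sandbox's own code. It verifies a local file against the MD5/SHA1/SHA256 listed in the report and flags manifest entries that correspond to the accessibility, wake lock, phone-state, battery-optimization and launcher-hiding signatures. The permission-to-signature mapping is my own choice, and the embedded manifest is a constructed illustration, not the actual manifest of this sample; a real APK stores the manifest as binary AXML, so decode it first (for example with apktool or androguard) and pass the resulting text XML to manifest_indicators().

```python
"""Static triage helpers for the Chrome.apk sample described above.

Added example; not code from the sandbox vendor. Real APKs carry
AndroidManifest.xml in binary AXML form: decode it (apktool, androguard)
and hand the text XML to manifest_indicators(). SAMPLE_MANIFEST below is
constructed for illustration and is NOT the real manifest of the sample.
"""
import hashlib
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"  # the android: namespace

# Hashes taken from the report's General section.
REPORT_HASHES = {
    "md5": "535d423f8b0c9d9513c593c047d8d3df",
    "sha1": "076273b577ee80383f264ea2b169e1f620171109",
    "sha256": "fdccb6b1b3052841a5d73196965bab668256036483dca5768a7192748bf8e580",
}

# Requested permission -> report signature it is a static precondition for.
# Mapping chosen for this example; the sandbox derives its signatures from
# runtime behaviour, so a permission on its own is only a lead.
PERMISSION_INDICATORS = {
    "android.permission.WAKE_LOCK": "Acquires the wake lock",
    "android.permission.READ_PHONE_STATE": "Queries device ID / network operator",
    "android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS":
        "Requests disabling of battery optimizations",
}


def hash_bytes(data: bytes) -> dict:
    """Return md5/sha1/sha256 hex digests of data (the report's algorithms)."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def match_report_hashes(data: bytes, report: dict = REPORT_HASHES) -> dict:
    """Compare each digest of data with the report; returns {algorithm: matched}."""
    found = hash_bytes(data)
    return {name: found[name] == digest.lower() for name, digest in report.items()}


def manifest_indicators(manifest_xml: str) -> list:
    """Flag decoded-manifest entries that correspond to the report's signatures."""
    root = ET.fromstring(manifest_xml)
    hits = []

    requested = {p.get(A + "name") for p in root.iter("uses-permission")}
    for perm, signature in PERMISSION_INDICATORS.items():
        if perm in requested:
            hits.append(signature)

    # An accessibility service is guarded by BIND_ACCESSIBILITY_SERVICE and
    # filters on the AccessibilityService action; both together is the
    # strongest static sign of the first signature.
    for svc in root.iter("service"):
        actions = {a.get(A + "name") for a in svc.iter("action")}
        if (svc.get(A + "permission") == "android.permission.BIND_ACCESSIBILITY_SERVICE"
                and "android.accessibilityservice.AccessibilityService" in actions):
            hits.append("Declares accessibility service " + svc.get(A + "name"))

    # Hiding from the launcher happens at runtime
    # (PackageManager.setComponentEnabledSetting), so statically we can only
    # record which activity carries the MAIN/LAUNCHER filter that gets disabled.
    for act in root.iter("activity"):
        for flt in act.iter("intent-filter"):
            actions = {a.get(A + "name") for a in flt.iter("action")}
            cats = {c.get(A + "name") for c in flt.iter("category")}
            if ("android.intent.action.MAIN" in actions
                    and "android.intent.category.LAUNCHER" in cats):
                hits.append("Launcher activity " + act.get(A + "name"))
    return hits


# Constructed decoded manifest for demonstration (not the sample's real manifest).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.fakechrome">
  <uses-permission android:name="android.permission.WAKE_LOCK"/>
  <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
  <uses-permission android:name="android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS"/>
  <application android:label="Chrome">
    <activity android:name=".MainActivity">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter>
    </activity>
    <service android:name=".A11yService"
        android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE">
      <intent-filter>
        <action android:name="android.accessibilityservice.AccessibilityService"/>
      </intent-filter>
    </service>
  </application>
</manifest>
"""

if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:  # usage: python triage.py /path/to/Chrome.apk
        with open(sys.argv[1], "rb") as fh:
            print(match_report_hashes(fh.read()))
    for hit in manifest_indicators(SAMPLE_MANIFEST):
        print("-", hit)
```

Run it with the path of a suspect file to confirm it matches the report's digests before spending sandbox time on it; the manifest check is deliberately a lead generator, since wake locks and READ_PHONE_STATE are also requested by plenty of benign apps, and the accessibility-service declaration combined with a disappearing launcher icon is what makes this sample worth the runtime analysis.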
