66a32b79ff2c15ac32dd147b9509c1d0b8fb0e24f91f478352fb9564d45416f8

Resubmissions

06-08-2023 19:58

230806-yps8psde2y 7

Sharing

Copy URL

Twitter E-mail

General

Target

McAfee_Security_7.5.0.599_615100599_66a32b.apk
Size

85.9MB
Sample

230806-yps8psde2y
MD5

00ef23c6a72ced426d89d643e5a51b46
SHA1

ddbe295d30c7105bbeccecf1a4953d342d2411c4
SHA256

66a32b79ff2c15ac32dd147b9509c1d0b8fb0e24f91f478352fb9564d45416f8
SHA512

a784afe07bcb06b880eed73c76c9ad9224322dcdef74bfb477f0be58c09c4dd5e950bd1042000900e33c4d37c86647e7b5825c2743630c61f49531ffe6876ff0
SSDEEP

1572864:lrVsBWluSMy1gm/PCgz8fJ/fU86QAkwIIFYJE/c5B7ZP5UFx8zIZaF4qkaM:9+BW0by1gmnzCfL63Ju5DyFyzI463

Score

7^/10

android ransomware

Malware Config

Targets

- Target
  
  McAfee_Security_7.5.0.599_615100599_66a32b.apk
- Size
  
  85.9MB
- MD5
  
  00ef23c6a72ced426d89d643e5a51b46
- SHA1
  
  ddbe295d30c7105bbeccecf1a4953d342d2411c4
- SHA256
  
  66a32b79ff2c15ac32dd147b9509c1d0b8fb0e24f91f478352fb9564d45416f8
- SHA512
  
  a784afe07bcb06b880eed73c76c9ad9224322dcdef74bfb477f0be58c09c4dd5e950bd1042000900e33c4d37c86647e7b5825c2743630c61f49531ffe6876ff0
- SSDEEP
  
  1572864:lrVsBWluSMy1gm/PCgz8fJ/fU86QAkwIIFYJE/c5B7ZP5UFx8zIZaF4qkaM:9+BW0by1gmnzCfL63Ju5DyFyzI463
Score

6^/10

ransomware
- Reads information about phone network operator.
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1 behavioral2
- Target
  
  01_FormAppearance.json
- Size
  
  2KB
- MD5
  
  b3a51c4b4e79266232efc89ea7794a3d
- SHA1
  
  6efe88afa92f72e9b0902ca0ec175a1b6c10a194
- SHA256
  
  4ac103dfbcbdf7bc260e6f1ecae6d51b8568b527a72c3089df6e4698186e9869
- SHA512
  
  4eaeb2a7bead275be983e4b7d17cfedca9d816de93ae82b067ab35e140019603f1ea4f14d55a9034c288aefb816457f82628f17db41b9c72ce28b07b5df021ea
Score

3^/10
behavioral3 behavioral4
- Target
  
  01_FormAppearance.md
- Size
  
  322B
- MD5
  
  3bba7461813e3da2938ff6184f335c29
- SHA1
  
  299863208fab222d9ce349949e3419e1e47ecac6
- SHA256
  
  9c05e519808c8ff45e58ea422f445c718834e6f002751987d5c1c38c4874db26
- SHA512
  
  69bd00ba18a0be8a1057b992da3cbea5701024f3797b0313cc95914176668b6abbe7532c7e7c90cdeb744e7f75dcb22ac7246b6a168e5e997d019c85bda48600
Score

3^/10
behavioral5 behavioral6
- Target
  
  01_TriggerAndDisplayCampaign.md
- Size
  
  751B
- MD5
  
  5846bacf61ff1d363a1c0aac77975af3
- SHA1
  
  71ca62fa33c5dc640a8c9ca6c4c0f695a95eefa1
- SHA256
  
  b5a484f68e00d49f58606178fafe042c3696de9152c4d7dc647dbf41a8d1090a
- SHA512
  
  313da249605b63c04f163f761904b156896b32a6cce293c32196fb9d098028849c289fec504ebd6769e283ceaacac46a19f596f72c55eb8306c20941ed6fe1d6
Score

3^/10
behavioral7 behavioral8
- Target
  
  02_JumpRulesOneControl.json
- Size
  
  4KB
- MD5
  
  7a5300610534ffd55edc341b4b85ca98
- SHA1
  
  f11a901c6c9a997e8554d46bf2ca1baa540f5fad
- SHA256
  
  9e7cbf58eaf38ac5b720090336092b46596027216fbc252e443b84571e7de6b9
- SHA512
  
  932699b637c86ee868d80e773834d328233881f480f5a8dd4e980dde9d655bf2b10ef34abdc994000b17a8cef08b21e02cef4263654b89ceeaeab0ebf4d3ad94
- SSDEEP
  
  96:EYeb0dm5AghUmXCeKOXCeLVXCeYGYCecXCepsUvZb6iM:EL0dmIm8OdVmGFvsUvZb6iM
Score

3^/10
behavioral10 behavioral9
- Target
  
  02_JumpRulesOneControl.md
- Size
  
  691B
- MD5
  
  ec17f6bfe15c0f471bd770dfe9866ff0
- SHA1
  
  466dc5f6dc7731ea921263d6ce7d534ae66d24d5
- SHA256
  
  7d393c80eff2086ab1b5a44cd2187d1bc9514852f3b0790479bca8d726a36c03
- SHA512
  
  ec0a7275ba7fa59447db49e44d56018379248e16dd550a76c6f181065f5fabf5f897b5f7b7810d9c29c3d72f7a81dc2c3b2ce902969991fa8bb08ea9ca9fc958
Score

3^/10
behavioral11 behavioral12
- Target
  
  02_PreventTriggeringCampaignMultipleTimes.md
- Size
  
  710B
- MD5
  
  4987160b7b2b8fc8bc4de65cf12a267f
- SHA1
  
  d2e21584ed3a3faa8a3a6c792d2ff2781ee544f3
- SHA256
  
  86573096ec69425be33ef845974788e95689ef47a7355333d53af99b3bec3fac
- SHA512
  
  3bd41e3f71e4fad2c65ae8d405a91916c460f4888636ce61c07a1ce05a4d4db7003ed1981b54e0f9b93364ebaf9b153f25f9ebb1226559467d0f7d6bba76f83c
Score

3^/10
behavioral13 behavioral14
- Target
  
  03_JumpRulesManyControls.json
- Size
  
  5KB
- MD5
  
  71735b01f57af89ec5ac00d6c0da0bdd
- SHA1
  
  5f273853e3b3a714bb2d44708dc48c4d882239c9
- SHA256
  
  5c149a94e0f47965e0c44694923fd98161a024a5f2cbbe89ae8c4b9225c1c835
- SHA512
  
  5f43057959404a5cb8d23b43a05d24ca17430cae3855e350ad32aac1e8a8fe1ab63a7862402b138d728f8dcef96c7fb1cbc0cf0398f483f25714742ec9f67d02
- SSDEEP
  
  96:Q0Yez0dG4CeknPImXCeyuXCez1XCeAmYCeUXCeBMUvZb6iu:Q0j0dGFwmUuV1emFXMUvZb6iu
Score

3^/10
behavioral15 behavioral16
- Target
  
  03_JumpRulesManyControls.md
- Size
  
  786B
- MD5
  
  8428e2d59cb8ab51e7e19d9057530b59
- SHA1
  
  342490d60f4a5e89067eb2f635ae56810fb61d44
- SHA256
  
  698a0f66a748bd6164dd94f73908db0257e7c2dfb54403b7c4580fb31a09f6d6
- SHA512
  
  25c87e42fcde3e03232ec8384cd741aa34a82919fdc8c6b6ed7a596bd2c086f315655f566c8f6fb1b25ed5b357916888925e949e2e373e99f32ad97587132a8f
Score

3^/10
behavioral17 behavioral18
- Target
  
  04_VisibilityControl.json
- Size
  
  7KB
- MD5
  
  7ca25ebcab714506473851b22f039089
- SHA1
  
  432a98e685de18542167ba5ef1f805a106413283
- SHA256
  
  1dab087162377f70fab4d97212797a31c1743fdc47cf240a50d00c47647ac84b
- SHA512
  
  6fa90dca708f07350eacdee86f5842a647b3448225442477fe194a63af69beca9e2912faa4db7ed4943dd9bb598d1bb768f27903b5b52ad9dcb78b02b1c15a71
- SSDEEP
  
  96:1wIeTkl+4Se36FjXSe3GFbVXSeaSXSezxXSeYKYSesXSeRg0nJz662r:SDkl+9EVsSFxmKh3g0nJz662r
Score

3^/10
behavioral19 behavioral20
- Target
  
  04_VisibilityControl.md
- Size
  
  799B
- MD5
  
  968a50728f026a050c4fc3752685b14e
- SHA1
  
  b7eb21e97ff839976277c5e655094808b25d94d5
- SHA256
  
  fa1e25674ec161dbca5a780aaae596ce068dc6c118515607cb2a20451b48bd6a
- SHA512
  
  93ec791f7a4c1d3eacbc8b8fc8cd7048ca55b5283ee6df4424219aa3ecef753cf803eefe0f0363f00d79db712e518965908d38709e4fecb7526d6a17f8fafc91
Score

3^/10
behavioral21 behavioral22
- Target
  
  05_PassiveCheckboxJumpRules.json
- Size
  
  5KB
- MD5
  
  23169bc590c3289b904053a37bd3f6d7
- SHA1
  
  7c3a4ce7b0501fcdca071b05df6f6a0656085bf3
- SHA256
  
  a8c31864e26411e7934f67d1157390680289366f2eb42b91240863eeef8ac50a
- SHA512
  
  6bd6cf150b85fbec6603c3cd81fcb334cd0c57458fa4fb4c1eafa81a66200ce103c83131f772fcf748c9eaa13f0a223f41a59e97b920e1fb77fe93746a9e03b7
- SSDEEP
  
  96:vYex0duICehNQ5VRSmXCet7XCeSiXCeTXYCeNoLvZb6iu:vh0dusNuUm77UiVX2oLvZb6iu
Score

3^/10
behavioral23 behavioral24
- Target
  
  05_PassiveCheckboxJumpRules.md
- Size
  
  1KB
- MD5
  
  d243c3f56567320682818b00debda40a
- SHA1
  
  2a1c4891e696ac4a783a0c45d61b04d7ed2fd573
- SHA256
  
  cc488deec357997bb949562ed06a26f635384887a33fb978534d42c29c753a37
- SHA512
  
  e138e649bd75f3f7e4bad2b18229cdfd1bd704d6f9bb3c4a779e709492edfcaed5b0276795b4a1620dcb1c5ad5c13f9205d5f6f5856738dbfa034512d24b17ee
Score

3^/10
behavioral25 behavioral26
- Target
  
  06_BannerMoodNoJumpRulesGoesToNextPage.json
- Size
  
  5KB
- MD5
  
  16805de1aeb577dead01ed0fbb73ae0d
- SHA1
  
  c557f6b268779ce915f7268655855adc58c7297a
- SHA256
  
  02b7b308810e1094d66ccb13cb16c1bec89397bf5f4d66cb4d7d802586919658
- SHA512
  
  8e904cc0de098d0af903ee212ad1ab78c1f3e807b30b9eb8e9c1b3f8b4514bfa2bbf48378b203079104a5cad0adcf9d2322771b0cb7556b70e9d1b7a10af3737
- SSDEEP
  
  96:UbHZzK6G6KCesUlCUSeMeXCeRUSejnXCeR5EVL:2HZzK6G6TUlCVeTmnH5gL
Score

3^/10
behavioral27 behavioral28
- Target
  
  06_BannerMoodNoJumpRulesGoesToNextPage.md
- Size
  
  579B
- MD5
  
  959eb5d2af8ee0723d7f042aa9b585db
- SHA1
  
  082e32d299d6f591f5113da06bfc7cfbf211aa63
- SHA256
  
  bed9797beab1c825c5686374c6e93bf0c9ade63a36cea14dd6af723c73bfd6b9
- SHA512
  
  3477ac90fc3901ee3118411bb2f1a13b507f7ece4bb7a166dcc33893820f4ccf1134971efcf855e364fccd68cf7303a9c501a1437c65fc3fcfcaf054923d08be
Score

3^/10
behavioral29 behavioral30
- Target
  
  07_BannerMoodNoJumpRulesNoPagesGoesToToast.json
- Size
  
  4KB
- MD5
  
  fcaba931f4e68abd81603a4a5a32481e
- SHA1
  
  a68eb09c7078c3a19b8fdba6d61930e66dd6c39b
- SHA256
  
  07fdb250630d52811826a811ac031fb3749c8b47fb3c159a88caabed6dbb7b06
- SHA512
  
  0e13b80213565203cb8f0a8fc561c293c2afb10e193c51c0393cc87014886147d837535dd95b087eda9c114480c49ff5d0b056bf8ea4e5369eb0ea68ae03cb40
- SSDEEP
  
  48:2GvHZzKELXWugYp8C4ppJUnUlRMp+S4pMe41pZC4pR5srrLvpL:TvHZzK6G6KCesUlCUSeMdXCeR5EVL
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data).

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32