60b89d80857538d4828d87ed825b078c62b7a41785dcba345d0b6ddbdc19df81 | Triage

Sharing

General

Target

f65bcb89-9eba-43f9-b9db-1d0343b8bf7b.apk
Size

31.4MB
Sample

230816-xrj75sdd36
MD5

9907210422077f6af307dfde5e30b002
SHA1

109cc514997c7ad0c5c278d3464daf8357c042a6
SHA256

60b89d80857538d4828d87ed825b078c62b7a41785dcba345d0b6ddbdc19df81
SHA512

da204a02bdb70cd3f5b838e4d43c9817d492b26ffea193610798a92c9f0fdfc0a6839351fbdfe8b81a16b56cd33bce99d5649b26a06585076fdf8ff5830fc009
SSDEEP

786432:6aQMZ4rOARgRHk4lOOzitxPC8sCkzWjiAgijY8LNFBfTPcz:sHKKgF+Ozitxa8+2l/rNHr0z

Score

7^/10

android evasion ransomware

Malware Config

Targets

- Target
  
  f65bcb89-9eba-43f9-b9db-1d0343b8bf7b.apk
- Size
  
  31.4MB
- MD5
  
  9907210422077f6af307dfde5e30b002
- SHA1
  
  109cc514997c7ad0c5c278d3464daf8357c042a6
- SHA256
  
  60b89d80857538d4828d87ed825b078c62b7a41785dcba345d0b6ddbdc19df81
- SHA512
  
  da204a02bdb70cd3f5b838e4d43c9817d492b26ffea193610798a92c9f0fdfc0a6839351fbdfe8b81a16b56cd33bce99d5649b26a06585076fdf8ff5830fc009
- SSDEEP
  
  786432:6aQMZ4rOARgRHk4lOOzitxPC8sCkzWjiAgijY8LNFBfTPcz:sHKKgF+Ozitxa8+2l/rNHr0z
Score

7^/10

evasion ransomware
- Checks known Qemu files.
  Checks for known Qemu files that exist on Android virtual device images.
- Checks known Qemu pipes.
  Checks for known pipes used by the Android emulator to communicate with the host.
- Reads information about phone network operator.
- Removes a system notification.
  evasion
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1
- Target
  
  app_feedback_type.json
- Size
  
  156B
- MD5
  
  8bb434233e0a9856431502129e680dd0
- SHA1
  
  4ab7b9b9f45e79297577b8d4c4f1a137fb4300c7
- SHA256
  
  b1be45903bac4d5f9bea34e90c850f782d8eac69bbde3e074a617a6a802b68f2
- SHA512
  
  237ba90a8e203dd69ee53fd4cc46b510ecb92d990192b8dcf7e740b9630b1fdb633d47d0527b36fee515950b0658cb9477ceea252cb1daeae358a311f814403f
Score

1^/10
behavioral2 behavioral3 behavioral4
- Target
  
  applovin_adinfo.json
- Size
  
  2KB
- MD5
  
  1bfb5fab7394889159f91ceddaa1b3db
- SHA1
  
  a50137ed430a573ff2060602a0dcbe00fa265a14
- SHA256
  
  100a1ec98bb882c51dd450bb12dd0afcde38c5f20bf48eb00dddc753ce25e8d8
- SHA512
  
  0b527ca044b38c2aa236c54209ee4bd310e71b6f31ed75a47a507cc1236d6ab95bb814d0f49ff7c70a5c98e3a068a6666393674e89dbb43e2ae2b72c5088d42d
Score

1^/10
behavioral5 behavioral6 behavioral7
- Target
  
  area_ar.txt
- Size
  
  6KB
- MD5
  
  4b35b52c7f959c6a85ddbddf25b46a01
- SHA1
  
  2713eb9c8bf34f74cfbb91ff2eee27b1ae3e341a
- SHA256
  
  a812d4605effbdbee0e634f81ca42f88fdf1d2aedb910e2a65d348422208d531
- SHA512
  
  353dbb74a3d195e2e66e95781b1156b2ec21a6c9e8f25423c673339cc9c3a4ac30e26d55b7b2b3b9fe0dba940ec5f940a3cc1e830d0c42e59a96c5de9604756d
- SSDEEP
  
  192:jZw8xS4ryoUXsU20fIB2hwlqpRWOPzdkOhx:twI/ryosUtmjzp
Score

1^/10
behavioral10 behavioral8 behavioral9
- Target
  
  area_de.txt
- Size
  
  4KB
- MD5
  
  114851e4648a3dd67a9c36b7415cfaaa
- SHA1
  
  18dfb619e249e3f24ecbfddd686ff66d5d86fe01
- SHA256
  
  5d0b83df2e92f136850a8fc8365cdccaf8692cf9dfdcba1d4327fa24a1cf8ca2
- SHA512
  
  68f8b2b55ac17ff9a55962edfdae89e24a4bbaa0661137f73ac08b4c46c95ecfb7ba490006c15f80274e32fb4ee0052c741c7d0a367eaf0829d1728f393063ba
- SSDEEP
  
  96:ESNZeM5WYSoSVPiZyGHjiuVxj6F+6rOV5nsYrHzC5KuV:E0F3SbVPumKH6qV5sGHzC8M
Score

1^/10
behavioral11 behavioral12 behavioral13
- Target
  
  area_en.txt
- Size
  
  3KB
- MD5
  
  cadc3c279a470ed9292c7b1524c2d6a8
- SHA1
  
  fc3561efb1ed5a3346feac10b9b71b4ff73aacab
- SHA256
  
  30fc9d47cf8f0e44e9cac8bad10f6f33645d9905d2c2f777098b3bb707396a7a
- SHA512
  
  296f381d5c7014ba1959e9cd548696c9a16fcdfc54b9d90fc7a96fb465cbb0f2aecffd1556e77b8d0883f84ca5d1194dc3dab83367623b0333e752152bbfca47
Score

1^/10
behavioral14 behavioral15 behavioral16
- Target
  
  area_es.txt
- Size
  
  4KB
- MD5
  
  14647e0d21b358c3ee7b94fdbf251a8d
- SHA1
  
  46492b0f12f3f3f7033b78dbfdebedd70a6e87cd
- SHA256
  
  26c5c7b798077ef0083ba5fa2580aed95e73a17d626220b4c2702d139265d7e0
- SHA512
  
  945eb6b85f7a46957136da4704e57592939d9d9b18ee136670533fa2c27175637ad44f6b79e0ddd3cc1ac8e8172eec5f1561bd7529ccd5fc2ab131e48b8b561c
- SSDEEP
  
  96:DQ3jmoO6vtIrjeKv3X4VHyvXRJkHeuVdOloeSMlrwudJyQ1Ar:GfO6vkeK/IVHGXRJkHeWSoeprw+kVr
Score

1^/10
behavioral17 behavioral18 behavioral19
- Target
  
  area_fr.txt
- Size
  
  4KB
- MD5
  
  5069513ab1c4e752f310eed1d3f5ad4f
- SHA1
  
  d968ffb5717b7ca1314028482c63c787d91d4eed
- SHA256
  
  4528efc73b7cdbe8f1865058f1899cbf3c73c3dd9eac7fbc9d3faa60a7c6bf1b
- SHA512
  
  e457fcc4cd21f9c4b685f894a25af965372dfea21db1891b1328be8295300c5fbf3274653ad6afd280fd778d6d2b62cfb9d6170553582b191c7e6d5bd6a5e5d4
- SSDEEP
  
  96:HSZMnCwWkVNGhfETn9JmzGHAb6hMOpuVwJSYutIPBqZNdA4SMQx:HOoWmGhfGsSHMOpxyePMZNdQhx
Score

1^/10
behavioral20 behavioral21 behavioral22
- Target
  
  area_hi.txt
- Size
  
  9KB
- MD5
  
  d1d423a32720d3b0838a4761d1f2694d
- SHA1
  
  49724d12b291ff123dcacaf770e96a5afa0a0ce7
- SHA256
  
  88664271851def2c54fe0d01b93f80ccd8456ff7289643e19051e1f0bdf7c50e
- SHA512
  
  e2633f58e3d0edd53058ec799fb3283727769f913afc7d84957463779f524f9154899984189848f80fe20698bf663e11a7d71d75992f3b4150964ec8fbd387f2
- SSDEEP
  
  192:dUDZpFdJbPAXw7RtrIny/q6w4O4eaxfDJ/0lEuZ6IqjmwBM5:6pmw7RtEyrnyZZwmj
Score

1^/10
behavioral23 behavioral24 behavioral25
- Target
  
  area_in.txt
- Size
  
  3KB
- MD5
  
  d64024a118ee4bc4f9814514e3dd9563
- SHA1
  
  c1b96a2c5fab2498e24c15b7e6ddc705e76fac4b
- SHA256
  
  48c5352976a0f00ad6129bc149462977a70aabf4bb478682182ce3c1acc4fe37
- SHA512
  
  d767759e7d6e076dd8eceb891e3017e08874bdd66d0e8ab22e6196cd20c4db388e39277ae6d4f375b8c68976f84215ab1b3f6687c672895f0cf043ea2ac523b8
Score

1^/10
behavioral26 behavioral27 behavioral28
- Target
  
  area_it.txt
- Size
  
  4KB
- MD5
  
  66c784f6d7b45f0791e775670e52b294
- SHA1
  
  15c429e4856558b1f225eb16b0f407f6df9b6b67
- SHA256
  
  a148947dc20f0913ba6f516ea7ab4fb34c475739af2faf54fdc9160991eee68f
- SHA512
  
  966fff33e010faf2ab1993c0470cfc1a72e34abb314ccee9e3da007afd5f5cb5c16b7d09b225b89af49b113d9948d59c152f10e472b599bf76c97b507f8818a9
- SSDEEP
  
  96:48F8gJfaNMhxXnxJWCoVuVpUZQZeALazgY8dN:4E8maNIhJWCoVgUikowgYyN
Score

1^/10
behavioral29 behavioral30 behavioral31
- Target
  
  area_ja.txt
- Size
  
  5KB
- MD5
  
  d15cceaf38621aa4df3692e193c7d3be
- SHA1
  
  fb09dc294186eb00c78b7ee76bf1f0dd947c1f44
- SHA256
  
  da23111f0f38c182fa674bee7453e777009fb2f565619df37e8caf1c42ac1e81
- SHA512
  
  9175713067bb993929a2ae5bdda76f570b9383e5103504aeb8506ea8f91a43807c4259fd4e7051aae58d1ffaf6d80ca71244e5462aee6b18ddf61ddbee778cfb
- SSDEEP
  
  96:j1o9zzXqqP/P25RwL2AdQKiknu7944EyVYLqodRiT1T2J5zb0EgQrFBjhb:O2qHuo6AhVu7944EUZIU92J5IQZphb
Score

1^/10
behavioral32

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

evasionransomware

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32