b9f4abcfbf019c28c6a8c1487962fdbbeb62100c8f02fc6311a6753bc9238ae8

Sharing

Copy URL Twitter E-mail

General

Target

Slenderman_ The Curse_1.4.6_Apkpure.apk
Size

38.9MB
Sample

230826-vm8ntscc34
MD5

7852de521dc52c85f5ea7c08a5be8687
SHA1

fe771d803405a872fe803d318cf2d161191eab4a
SHA256

b9f4abcfbf019c28c6a8c1487962fdbbeb62100c8f02fc6311a6753bc9238ae8
SHA512

55fa247803995f2b65b182d0e9cfda6d7c5b8bd9e793faee8ce581566512deaca6ee17f2fde3cf041299f67ad8e93376b9c833fa86bcb9a5f8e1ba0b4391c4c5
SSDEEP

786432:vj3NrrRvb4Hhq+RKBDy+194OtWuMgB3pyxkXIAuhfdawkgrBy0zvLEGa06s4hq93:b3xRvb4B93+f4CVB3cxZAqbkaMK5ajOJ

Score

7^/10

Malware Config

Targets

- Target
  
  Slenderman_ The Curse_1.4.6_Apkpure.apk
- Size
  
  38.9MB
- MD5
  
  7852de521dc52c85f5ea7c08a5be8687
- SHA1
  
  fe771d803405a872fe803d318cf2d161191eab4a
- SHA256
  
  b9f4abcfbf019c28c6a8c1487962fdbbeb62100c8f02fc6311a6753bc9238ae8
- SHA512
  
  55fa247803995f2b65b182d0e9cfda6d7c5b8bd9e793faee8ce581566512deaca6ee17f2fde3cf041299f67ad8e93376b9c833fa86bcb9a5f8e1ba0b4391c4c5
- SSDEEP
  
  786432:vj3NrrRvb4Hhq+RKBDy+194OtWuMgB3pyxkXIAuhfdawkgrBy0zvLEGa06s4hq93:b3xRvb4B93+f4CVB3cxZAqbkaMK5ajOJ
Score

7^/10

evasion ransomware
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
- Removes a system notification.
  evasion
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1 behavioral2
- Target
  
  Assembly-CSharp-firstpass.dll
- Size
  
  53KB
- MD5
  
  9ec977f3e442afbcc1f7e3b5df10889e
- SHA1
  
  1c8422d5d5efc6ca952273afbf878aa49a4306f3
- SHA256
  
  2c44871108ef9e2a596a1ed9db2f495f2a56fada0c56c2238b5173452c95ef23
- SHA512
  
  8950c15bcf1832abcc96843ab86944e68ae2ed3d9e0eff7c017b010c001a780283f54e8e582e68e1d4325d9b19857447f44ddc76a82f4aa9da8205db731ded0e
- SSDEEP
  
  768:DfiW76p8xh14JAaTsESi437Ob++xiDb/arnBtkhE8t+e3iCvf3YFrv:M2xrqAaT1437OTiDbijHhe3lQ
Score

1^/10
behavioral3 behavioral4
- Target
  
  Assembly-CSharp.dll
- Size
  
  71KB
- MD5
  
  7e45fe4dc25745b9f7397b03ba256477
- SHA1
  
  a3aad6d083d1afe14e3c22e09d22e4c814664c6d
- SHA256
  
  215a6bc12441e7fd21c4b6d273889e7928d7263c86724561208ab71481a92238
- SHA512
  
  915e586e45b6e65bf3499143f6ef0e81d95851430fd9ce0af6f1d1819570b3810c0fa74e5455ce8f78cbcb941e0dc4cc2c68fdba42b8bdadaf77fdc642e77267
- SSDEEP
  
  1536:SQw2rakRYpTkTHyKBYyTHMOPrApKbyQ2oVlgOkmb8Lg3Hb:S9SaFpTkTHykY26pKbyQ2onzkmbd
Score

1^/10
behavioral5 behavioral6
- Target
  
  Mono.Security.dll
- Size
  
  286KB
- MD5
  
  17eb0a95815fe762b53a8b5518fb07d2
- SHA1
  
  97463e1a67c2bc92731c11bccbcfa5f540adb14d
- SHA256
  
  43cfad7fb74ce284c159a4775f12bda4e86f0218d10c11a0f9b25b6ea62ea898
- SHA512
  
  7754b42965211c55e977858e6707c899ce2481fc2c3a7480f12acbbfd9d725c3dedff7161e97aecce0d8fbe9a0aec5f08d9aaaaec4ada94aa87916c6484a92bb
- SSDEEP
  
  6144:+ytgJ7SzJWhaeQTVJRj02ooGzsbFNG5ms7hv:yB5ceQ502oVzB
Score

1^/10
behavioral7 behavioral8
- Target
  
  System.Core.dll
- Size
  
  259KB
- MD5
  
  03575623cad3c1535fe9ccdb3b4bce8a
- SHA1
  
  bb58c22e02c0e43901eab6e69a35d353e08e4722
- SHA256
  
  f3e5b30d96b315cbc85d968fc20b962e1445ead09f93f39dd5e828db45045ee8
- SHA512
  
  5dd7afcad39acf52474f42dcfdb6c98fe08ffabcc146883d6e0addcb138951a1b73020a8d46769ed1ddfd1eb93e10de1b2ae7bfb8cb2347ffc96dcbd9d1e25c7
- SSDEEP
  
  6144:kpmYcnyyZrWiXZQOct0jaUDzLH8AhY3qJKV3I:gcnyyZrWiXbct02UjvhWqJ
Score

1^/10
behavioral10 behavioral9
- Target
  
  System.dll
- Size
  
  1.0MB
- MD5
  
  4f21ae12574420f6b978c8a4a8c5e5ed
- SHA1
  
  5451f81ac2bd643d7763b727fe9b1d598cb36ddd
- SHA256
  
  c32a01aa7b244eaa6da74b4619434b9cb0b52e9d84532ee76aaf492c70d91a4c
- SHA512
  
  f1a99c7e0a83544d08a53ca796a7ddf265ed4537702c31c281bb924fac5462472dac37a771662623aa2cf5002ac2c19b73b35438777d57c39e23c3ef693742cf
- SSDEEP
  
  24576:KvKCuaUIERHhTCzPIH98RlreZgkNoJXfBKsClf6ott50VYZwrJG8MAFPGmSu:KyCPvBCZwrJG8MAFPGm
Score

1^/10
behavioral11 behavioral12
- Target
  
  UnityEngine.AIModule.dll
- Size
  
  30KB
- MD5
  
  261e9edfe0340287a9e2c63374599163
- SHA1
  
  197c524005f7cbab060efb08b5d74f86004dcdee
- SHA256
  
  3ff748e9f6d9e39ed82d0ab5811f65b3029b42577101d9cbbcc66c53b8d913c3
- SHA512
  
  6a8e8e4ca637277ed472249a9eb5ccee6cdcf97588c660040512b0b11880f9b646652b69936184b646b8d5a31d89e9734987a413b0d2ede4c298351b4a290d79
- SSDEEP
  
  768:qdefUVh+T/+LY2TMX368LqFGkysJOwSr4:qITQYxIFdswSU
Score

1^/10
behavioral13 behavioral14
- Target
  
  UnityEngine.ARModule.dll
- Size
  
  20KB
- MD5
  
  a4a02d46805352afe65d81032013bb5b
- SHA1
  
  64b779652a188a0732ae497375dabd1150ec8e98
- SHA256
  
  f9e5f234d4b050943a8730f6c87db66f6cc7bae0723752b91b046d6b3bbf6ac6
- SHA512
  
  5b862e58c0c86c3c7d2a738172f17e44a7a4630efc9e3216886cd172506292df6a379a853c75b164efdafd0e542b34226ac53b70262ccc507c038592f61029a6
- SSDEEP
  
  384:qtfryKuzVJourYGuDQMo8fiujwXviP7NuLkbJPkS4mZ:q8xsNQMoNujKi7cLkVcS
Score

1^/10
behavioral15 behavioral16
- Target
  
  UnityEngine.AccessibilityModule.dll
- Size
  
  6KB
- MD5
  
  dde14030c4448df1946891baa49ad5e1
- SHA1
  
  3ad0e4e1c6913545c5c79bdc9442b60cc5c082bd
- SHA256
  
  c47d1b0a095ada987e55214712f48dbd2a8b7bf4fbb6b58191dfd4baa56830e4
- SHA512
  
  e92c49083e7d7d2dd19bd4970700e0c48fc65eaead50a8d80a0dc812f1e49b6a5f70ee5961a90d0c2e71a2647f1f50882ee98d2220267f0b23464252c6eb62c3
- SSDEEP
  
  96:4kDqgHphhdwBwktZdXG2K/Yz0eOcVxO+w+03AXYQm0SL:4wqudm3yo0VDt3ACL
Score

1^/10
behavioral17 behavioral18
- Target
  
  UnityEngine.Advertisements.dll
- Size
  
  28KB
- MD5
  
  296060ff09c2ff5fd91c7bcac5c84de3
- SHA1
  
  7d6cbf872559310497f11772c5313cc232365d03
- SHA256
  
  69af9e7e19a950581afa6f8769d9ce6764d639e9060472b36781361de6587cb5
- SHA512
  
  348a4b5fb6a79ef94ed5b444b8d66d648448e3839908c572c64fe1883ef518db2b336ccf0a4511656543e571c6e635bbf23b7c6e710551a478472014e51e0b45
- SSDEEP
  
  384:wh1OHzq3ZY6YjRUDGDuWms/wuQsnsgWpFs3IMMPPw0tjCcxuv3b5ajsAdATbuy:yOHjjRofWcasbi0tU5aAwYF
Score

1^/10
behavioral19 behavioral20
- Target
  
  UnityEngine.AnimationModule.dll
- Size
  
  69KB
- MD5
  
  6a8b58b841d6ea7e1fa17cf1983e7e19
- SHA1
  
  c0bbdce92536d1847461c503ab1f19fe0d46b5da
- SHA256
  
  ac267fbc51c77f306b9984010ef431391f00dafa49c4654911ad013f359c8e24
- SHA512
  
  ec6ac5fb453b2dca85fddee6346c5ef19acf656dd096034c9b9b4b28d5de2c902d5bdfae5f406fcd3b88d6c899fa2fae170060a8b62c4443cd58b45759682002
- SSDEEP
  
  768:gHOgmJkhrz1Fp/5DXg6EWuxqji5lFB1ugqa6ELTTKzXZirNIY8m16rtx/iQ3mwLC:Lju3OTx3TB1ug8EMX8aRm16RY+csBjm
Score

1^/10
behavioral21 behavioral22
- Target
  
  UnityEngine.AssetBundleModule.dll
- Size
  
  4KB
- MD5
  
  532b9f1d8fda34f3b84c008902c18fd5
- SHA1
  
  060a32d08b0c6bf7f45600194a86f11b08d4603d
- SHA256
  
  236a0a7717e77c1d42696a4e5495b14b9aef2b7c13ac2b6df77510ed340d3649
- SHA512
  
  61324dbc297d174fb4808e8ce0fe97203205bfb8cae651f5ce06f2b6890dc1c42f165cd849a09be8d5a912890f0ad622b38ec8d436a4540b1da862dd12bcefcd
- SSDEEP
  
  48:6Q1MtBljAEk0jiKr0TMuW5TByEVXXqnEaOPulI00hZI:fMtBgqiKkWH6200h
Score

1^/10
behavioral23 behavioral24
- Target
  
  UnityEngine.AudioModule.dll
- Size
  
  44KB
- MD5
  
  f06e5a70c4c94eca4783be98f6238623
- SHA1
  
  d32ef4ec351dceecbf6e881a0cbe78b703d5352f
- SHA256
  
  aadb357aa028634ed5a8fb475aedb861d3ebeb1448494b4d1b3359dd696a6dc6
- SHA512
  
  b50458cbe35cdce8830c94a563921661efc28d067f5318ab74cdc56fdce74d0ba3520b35d3292d788495415ec7882d86e7dd925037ea5f3d2ae8dea46cf99378
- SSDEEP
  
  768:n8VH1kdzAAKxShKhIbDIhhKboKTsJeIb/n1wP2I2+795/0z:90ShKhIbDIhhKbBZIT1a5/w
Score

1^/10
behavioral25 behavioral26
- Target
  
  UnityEngine.ClothModule.dll
- Size
  
  10KB
- MD5
  
  8ba69c0e64d84f2f13c310203812b2d1
- SHA1
  
  1b081b13b6ddcfdcc78a47331a3693ff50f85f3b
- SHA256
  
  7e1c776bddd817297adcb193bf2ca6bcbb71de2dba3c4c0c6aa47b306ceb5e6d
- SHA512
  
  38fb0d826f390066d9d4cea0c6f75bdac1800d60f668c9c75ef1a40eb547b4ccc376124b64f8e2db7d28d57810976b30aad3a6333c5f9bc70641e6a6c639eb10
- SSDEEP
  
  192:NaNfZsLc1KyBRXlZHJz4E5mSP2PXTRetSKvxOOfVhZ:NarsLc1KalZZ4Et2PXTRtKvxpdh
Score

1^/10
behavioral27 behavioral28
- Target
  
  UnityEngine.CoreModule.dll
- Size
  
  647KB
- MD5
  
  b89a58342c2dedf1b76631467a6c29d1
- SHA1
  
  5ad3df68f660d030e9ec4e92b3b956ee0deb393e
- SHA256
  
  a936625e691a98d228f73d6e1e2564fe5d2ea33f647f16ead3cb5c6030b861f2
- SHA512
  
  5ce5a620fc9ceba4935b75cda9b9a65ec0bf9bbea8d8e1ef408ef771040dddc2c3bc931e59c2e02753d32e5a202c4874391c91e64dfe783a3c3977453e6d4d87
- SSDEEP
  
  6144:/7D9H5x61hYoqhDVa7dncfgI+BiM+Miar76G39QuWn+CKh5g6KP4yM:jk1hYHU2fBKiMuar7XbW+CCs
Score

1^/10
behavioral29 behavioral30
- Target
  
  UnityEngine.CrashReportingModule.dll
- Size
  
  4KB
- MD5
  
  8dc08d6a69fac42c2630bb13c274de3d
- SHA1
  
  fbbe3c6627f7178537b8fdbae578fc89386bf4eb
- SHA256
  
  3dbefcacf21ebaef0901fe9ab4ea61bacffd23ac38dd22f342f8086c7a90a3a4
- SHA512
  
  23932346174eaef2ea54930f36b4a835056e8f5b17b72c3ab1baf5769a14ec9d38db59b51ef4594130481931ed41143363d4bc080af9aa6b78f531e7e8caa243
- SSDEEP
  
  48:64iqCr4OwUpR/DfN1BZqoTByEVDnqnAaOPulBzoZ05IomxI:PwfRPBz0rz005I/
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Loads dropped Dex/Jar

Reads information about phone network operator.

Removes a system notification.

Uses Crypto APIs (Might try to encrypt user data).

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32