64fd1e079f21f00ade7320aec0530e0c9866e1acac19bd626381082cde53ffce

Sharing

Copy URL

Twitter E-mail

General

Target

LinhYM - PvZ 2 10.8.1 Oficial.apk
Size

102.1MB
Sample

230830-rttlpsga38
MD5

6cbeb1d1a9ea6a6daecea0307c507e83
SHA1

c60443be48d344e5f9e765c9bc04fd956556ed4b
SHA256

64fd1e079f21f00ade7320aec0530e0c9866e1acac19bd626381082cde53ffce
SHA512

6d9e09c9d1e47e5ca5df3b6b06e88ff56ef689a5ca37cf63ab0ad54a78286b5cb760fbb24f65845a71c3d46f189092eec11e810dd4617d162dd54105fa8de210
SSDEEP

1572864:6VsDUyRWVjn1TYW0t3N815FMPFWCmT6rDdR79KD:65uWcBt3NTJp9KD

Score

7^/10

Malware Config

Targets

- Target
  
  LinhYM - PvZ 2 10.8.1 Oficial.apk
- Size
  
  102.1MB
- MD5
  
  6cbeb1d1a9ea6a6daecea0307c507e83
- SHA1
  
  c60443be48d344e5f9e765c9bc04fd956556ed4b
- SHA256
  
  64fd1e079f21f00ade7320aec0530e0c9866e1acac19bd626381082cde53ffce
- SHA512
  
  6d9e09c9d1e47e5ca5df3b6b06e88ff56ef689a5ca37cf63ab0ad54a78286b5cb760fbb24f65845a71c3d46f189092eec11e810dd4617d162dd54105fa8de210
- SSDEEP
  
  1572864:6VsDUyRWVjn1TYW0t3N815FMPFWCmT6rDdR79KD:65uWcBt3NTJp9KD
Score

7^/10

evasion ransomware
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1
- Target
  
  SuppressionRulesEvaluator.js
- Size
  
  8KB
- MD5
  
  8f4fdf22c453911f849fe76b71a27f07
- SHA1
  
  b0273804f6ebc162d1934d7c2d33f8e438acdbac
- SHA256
  
  6f9378d895c9936c1cddee43884fd29e80bc39866aec1b421a80f1457db31174
- SHA512
  
  f0f0abdfb5f3811983310f22c7f644a26c32c5a5716d430ed75e8e70793166d61efd72ef83cb5803a7d6adaccc00a216f0ffd2517539d65b923873520b948042
- SSDEEP
  
  192:dWN3oooeTWNP9oK9oo0W/qe6CtRVQ9xcShpNBHivITWXnhF/1fq/RbO7lXziwB0p:wJinCW/qe6CtixcShPBEITWRffq/RbOq
Score

1^/10
behavioral2 behavioral3
- Target
  
  consentform.html
- Size
  
  107KB
- MD5
  
  606b67fe07d406edcd05430cfa764227
- SHA1
  
  10c0204754ec23b1954f703d20bf0b8ba606b29f
- SHA256
  
  347cc76e8788f515007cfa98e6ee0fe3cfd021492580fe79372a33850bca3f04
- SHA512
  
  dc7bc673c8408bf1fc01976f8c33b8d8e777c850ae5dddb0699bdbddc2e7ad017a078d2c26564b95bc176e62829824c86c4e5d9d4f8edbf410d0e5482a4605da
- SSDEEP
  
  1536:yqtgPagx3amKvGiNU58kmXzyr5SgobiDJgsdfU:ATEvGiNU5zm455obUJgr
Score

1^/10
behavioral4 behavioral5
- Target
  
  dt-mraid-video-controller.js
- Size
  
  19KB
- MD5
  
  b1fe77fe619b46ae3e167fae84bd8830
- SHA1
  
  f185f3fa2b390c14df5cafa42066f77348d50ab3
- SHA256
  
  25a4f95f4d060b2a57a950b2071a2934e1d32caec8f0e67d9c6ab71332cc0af1
- SHA512
  
  63c05560ab097debf98c42de21664975544791ee9f227e933843c9e8cb759256c376987ced33e08a12f868064d01f7b2b42ce519db618fb5c85dce0f2ca9bfac
- SSDEEP
  
  384:7eEgPcMVXh9OLjFmgeFIS3JOSMP3TKa8m9T:7biZhyF
Score

1^/10
behavioral6 behavioral7
- Target
  
  dt-omsdk-mraid-video-tracker.js
- Size
  
  4KB
- MD5
  
  985e868e5a88c72cac44928496dedfec
- SHA1
  
  b68a8bfc75c34cf6b8bc4316f045d88c8d748e91
- SHA256
  
  1e36560eda8c2d290d00266a7da4adf9f46c890969bdaac32b5ac95238392065
- SHA512
  
  54b97ffb8b3c4455031fe909ce80e2601e10ce77b486c944ead8f7de8c2dcf9e888d602ff5776b625d4556e2574ea4784e07f08d75c657cb3f89f9fe6bb850da
- SSDEEP
  
  96:6AwI+Rtr3nKdI+W5EJs9GrehUgdAczj0uzvOKnVNIhjnin7yIyg:6AwTX7nWT6EW9xUSAUguzvOKnVNMin7T
Score

1^/10
behavioral8 behavioral9
- Target
  
  fyb_iframe_endcard_tmpl.html
- Size
  
  520B
- MD5
  
  7844cba73b7b4b439b587dd501e92d82
- SHA1
  
  25a452bc6886d0e05d4a73da785021fd4c477a04
- SHA256
  
  e042e304cecd19bb6816de0150d3895e2717e66dda91f7e189610687c049dae6
- SHA512
  
  f54c2d7c0b265aa7c6feb18b8fb6740e01c9e3aeb19bf420d39832737fa59eed8fb959c8aa8a99c0efc87ca3399a244a918f0b4e90b0ee831a87e8afefdf2711
Score

1^/10
behavioral10 behavioral11
- Target
  
  fyb_static_endcard_tmpl.html
- Size
  
  3KB
- MD5
  
  d18fb1787ce0e84567496b8564e452aa
- SHA1
  
  007033d0824685600611af6992060577e127dd23
- SHA256
  
  2ae5e0576febb1a1cd63b10bf71644f99fcfd0fe7fb1f2d19525594165294e51
- SHA512
  
  ba5225a80941e3ee4ff18401b910968a6cab47634914ecb68213599b96fd4b39c8722e82bf2883faf355d9416a6f2acaa36151a5d8969079cfcd4c6795f6003b
Score

1^/10
behavioral12 behavioral13
- Target
  
  omid-session-client-v1.js
- Size
  
  55KB
- MD5
  
  ec66bd4160d9cb6db650caf6cb69b796
- SHA1
  
  8c38ea5527844653eb6014130923542b57451297
- SHA256
  
  e6c434e64d8c73759b7fdc69d331e89489127bb0da59168b02e16e6c9165afb0
- SHA512
  
  b8e6e93ccd9b5a275f6f35a25055513fbdd99b9ec8cd4271a7bc7f8096f13cf83ad2195e8d88af013e48133276361dd54fd4373163ab197b1b8668fad376e045
- SSDEEP
  
  768:RJkFU2PZiCCZVHAzqfiTGmKHg/1wEcvA5fioZgkwqDCWBoxKmvwLqI6Jg656TT6D:4FzCZ2tTDHCFT54/dE
Score

1^/10
behavioral14 behavioral15
- Target
  
  vpaid_html_template.html
- Size
  
  16KB
- MD5
  
  e276e92e96646fdac5a1988074f33954
- SHA1
  
  1a7aa338deba5f148ea18666ec1ec4fbf5ea148e
- SHA256
  
  4b8fd03cf268f9cd2f7432e13e8a7862760f7a6ed10bbf96dcc8232d2d382b42
- SHA512
  
  8425f53afde718047c310fc74a8d3924ce47f61f33fbb99d52147364244b9252b87ce1ebaac80db9d27151d0969537737c042e0f615e354bf2edaac6b13ce065
- SSDEEP
  
  192:mrLYJFkVvGFQshArPtP842+Lw1wOEeR6kad8bWXSrJEBOn8TsjNC4ck8aanlDTt2:8U42Fn9qW4+EQNuSXIlodoG
Score

1^/10
behavioral16 behavioral17

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped Dex/Jar

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data).

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17