metasploit | 848b390ddf887b11cf8e03981006409e8c1eb76d405243e5f801cf2db5d52c3e | Triage

Submit
Reports

Overview

overview

Static

static

GBWhatsApp...52.apk

android-9-x86

7

Resubmissions

18-09-2023 11:34

230918-npkw8abd36 10

18-09-2023 11:26

230918-njy7nagh7w 10

Sharing

General

Target

GBWhatsAppProv1752.apk
Size

68.8MB
Sample

230918-njy7nagh7w
MD5

20eaf9558017eee65f349ed3d28c6d46
SHA1

e004b4ef1230d53dcd0aafa0f1bd422d8c07f146
SHA256

848b390ddf887b11cf8e03981006409e8c1eb76d405243e5f801cf2db5d52c3e
SHA512

0ee9d06c164221d4955d75c71a9eb58ac44932d21f196fe0a26fc93134daeeb135767cfe49bacdebfa58e4f6f7e3af361bf8495dd74afba6ef8554588f7afea1
SSDEEP

1572864:5jCthVXrbM5QfC6sZm4oc89kQfohXYZZW+jBeEdxXCjrXS0H:5utz81Zm4oc8XodYZZWhEdxXGX5

Score

10^/10

metasploit android evasion ransomware

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

GBWhatsAppProv1752.apk

Resource

android-x86-arm-20230831-en

evasion ransomware

android-9-x86

4 signatures

600 seconds

Malware Config

Targets

- Target
  
  GBWhatsAppProv1752.apk
- Size
  
  68.8MB
- MD5
  
  20eaf9558017eee65f349ed3d28c6d46
- SHA1
  
  e004b4ef1230d53dcd0aafa0f1bd422d8c07f146
- SHA256
  
  848b390ddf887b11cf8e03981006409e8c1eb76d405243e5f801cf2db5d52c3e
- SHA512
  
  0ee9d06c164221d4955d75c71a9eb58ac44932d21f196fe0a26fc93134daeeb135767cfe49bacdebfa58e4f6f7e3af361bf8495dd74afba6ef8554588f7afea1
- SSDEEP
  
  1572864:5jCthVXrbM5QfC6sZm4oc89kQfohXYZZW+jBeEdxXCjrXS0H:5utz81Zm4oc8XodYZZWhEdxXGX5
Score

7^/10

evasion ransomware
- Acquires the wake lock.
- Reads information about phone network operator.
- Removes a system notification.
  evasion
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

evasionransomware

© 2018-2024

Terms | Privacy