05ec45735db9d58d3991941cff56d25ba6ae26dd300b2c1250aca093e68843d1 | Triage

Resubmissions

20-09-2023 15:26

230920-svpvksha9x 7

19-09-2023 21:51

230919-1qy7fscb8y 7

Sharing

General

Target

xManager.apk
Size

9.1MB
Sample

230920-svpvksha9x
MD5

15e16125c1cd2e4eda8058dc1b957362
SHA1

4649e99fccb758e34be68ccaed63db1053c8337a
SHA256

05ec45735db9d58d3991941cff56d25ba6ae26dd300b2c1250aca093e68843d1
SHA512

e1cfcde3ef453045aa267cdf2ea48ffc6e80cfd054c9dfc5ed0edddfedae61d8bfb12389e248ae44ee4f6cbd408b97befcae368d8e23a0ea3ad2985e9bac219a
SSDEEP

98304:1g4OD3plY2bl11NHC77QE7j01xkgnk3Jx+V0L0QUllb/JGxBbSg64kA/32d2ZrC6:1cD3p5l1zC7D01xXnaxjLalmBR6yxrOm

Score

7^/10

android evasion ransomware

Malware Config

Targets

- Target
  
  xManager.apk
- Size
  
  9.1MB
- MD5
  
  15e16125c1cd2e4eda8058dc1b957362
- SHA1
  
  4649e99fccb758e34be68ccaed63db1053c8337a
- SHA256
  
  05ec45735db9d58d3991941cff56d25ba6ae26dd300b2c1250aca093e68843d1
- SHA512
  
  e1cfcde3ef453045aa267cdf2ea48ffc6e80cfd054c9dfc5ed0edddfedae61d8bfb12389e248ae44ee4f6cbd408b97befcae368d8e23a0ea3ad2985e9bac219a
- SSDEEP
  
  98304:1g4OD3plY2bl11NHC77QE7j01xkgnk3Jx+V0L0QUllb/JGxBbSg64kA/32d2ZrC6:1cD3p5l1zC7D01xXnaxjLalmBR6yxrOm
Score

7^/10

evasion ransomware
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
- Removes a system notification.
  evasion
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1 behavioral2 behavioral3
- Target
  
  base_font.ttf
- Size
  
  54KB
- MD5
  
  77171d8f5b5283f9d47a3434704bf944
- SHA1
  
  74c87f67010f63777e33c5114c76b1fc67e4ae5b
- SHA256
  
  b5b3eb8e443fe9e3976dedaa2650d68d37d992c4e4e2e7676674a1f3027e2a41
- SHA512
  
  ebd772c548bd863dd9f9c112acdc5b4ca4aa645866ec2ccf96bd0ec7e77fe165c393bafc18aeb143b14b4bf945c2586656b53b36bf79184381109655bb2bdeca
- SSDEEP
  
  1536:8dff4+NKCvJfrhCo+yvTwUnlPx5428MWyH40oM/:8dfQr0frhCQx5t8g4tO
Score

1^/10
behavioral4 behavioral5 behavioral6
- Target
  
  base_glitch.ttf
- Size
  
  13KB
- MD5
  
  0508b6f4a82712a7c3284e89186b345a
- SHA1
  
  07575b936d88d0f06ae7e6c3f20cab95bda1744c
- SHA256
  
  e487b3aad32e3a61b34eed00cde2662800182010496a063f542e8b472f6bc9e5
- SHA512
  
  60abf57feb637db678f19531f611b0616eed2466eda4d6a1dbcc02c97114127d66fd454dc3e424ce80c26640aee02075bd8dbd9186428ddc12f7a71e60808402
- SSDEEP
  
  192:W9c4iEGnngkLOFTUrLBbWcXEBVe+Hlj635bhEhgDtUNAhpNrG2oFJ9Dc+FDV9MJ3:LZOFgEDK5XDtUNv9D9x4s0AZgt8fHW
Score

1^/10
behavioral7 behavioral8 behavioral9
- Target
  
  splash.gif
- Size
  
  612KB
- MD5
  
  8cdddded728de445824d542fdf5e219d
- SHA1
  
  98cfc4886a2c926f3fe2ddf4ca1d95a964ea5749
- SHA256
  
  aba9617af6ceb1a39fdb3c37098381bcc0283808c23f316e0510ee3faa4325f3
- SHA512
  
  6e4702fb9f1dcf9d69c19925bf3860b7aa5f0cc4c77ea8a92d245a5fcf2b5313990635bf439ace09d99ffbdba86da48a57b12a580aac849ebe93e24f3304f439
- SSDEEP
  
  12288:9YknWtnqeEumOlzahodjEGdfwmKlMDmM8SAW:XuEhLCdjnfqP3e
Score

1^/10
behavioral10 behavioral11 behavioral12

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

evasionransomware

behavioral2

behavioral3

evasionransomware

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12