88661a0b0e2f399525c2ebe3a0680ec1bec721a5bbf41333e76e56846fe359d0 | Triage

Sharing

General

Target

Blue_WhatsApp_Plus_v9.82_sign.apk
Size

72.2MB
Sample

231005-lbef6saa5w
MD5

48fb897f0fe7e8b5ab2ff86714c4a051
SHA1

89b4e30a307f59f77beda46d73de83c3bbe4afd6
SHA256

88661a0b0e2f399525c2ebe3a0680ec1bec721a5bbf41333e76e56846fe359d0
SHA512

69c93623d915f3a5fa6a3a4323241da48be650d59a2b2e5ac8bb3820825979b5ba7a519734494e20267958a119fc9e5c4b6905b73ec1b53c1248b2ecc19dc340
SSDEEP

1572864:NK/uND/iYe+rOaVkeXzD9dOUehYfQGG4Eg4kpA6:QGJbrOaVkq9J3f523c/

Score

7^/10

android evasion ransomware

Malware Config

Targets

- Target
  
  Blue_WhatsApp_Plus_v9.82_sign.apk
- Size
  
  72.2MB
- MD5
  
  48fb897f0fe7e8b5ab2ff86714c4a051
- SHA1
  
  89b4e30a307f59f77beda46d73de83c3bbe4afd6
- SHA256
  
  88661a0b0e2f399525c2ebe3a0680ec1bec721a5bbf41333e76e56846fe359d0
- SHA512
  
  69c93623d915f3a5fa6a3a4323241da48be650d59a2b2e5ac8bb3820825979b5ba7a519734494e20267958a119fc9e5c4b6905b73ec1b53c1248b2ecc19dc340
- SSDEEP
  
  1572864:NK/uND/iYe+rOaVkeXzD9dOUehYfQGG4Eg4kpA6:QGJbrOaVkq9J3f523c/
Score

7^/10

evasion ransomware
- Acquires the wake lock.
- Reads information about phone network operator.
- Removes a system notification.
  evasion
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1
- Target
  
  YOWA.html
- Size
  
  651B
- MD5
  
  9bf20c91938a21bb8459742fdd2d3d5d
- SHA1
  
  da89a9552686f3953545254003ce416726017112
- SHA256
  
  a4349473a61fbff475f116da0ee9468e9ed22ef9d64ba0b1f9c58b9b288e27e2
- SHA512
  
  11e9fb287b62548e24b27d787b527f7eda71b9f005995afd8f30cae9fc6bbcb273378f2d7d3e42c1283a3f67b54cd63600ef69789c4b683c418679c57e347e37
Score

1^/10
behavioral2 behavioral3 behavioral4
- Target
  
  changelog-ar.html
- Size
  
  2KB
- MD5
  
  05582234204e710f3fc0f6802b924401
- SHA1
  
  ad3feb37f3fe3cb06f7771e31b521af183f9d410
- SHA256
  
  7a047bc66590d6ba1ea401e76dd6e4a36b2b6e6b28e7e472db4d9a0a6bba71d2
- SHA512
  
  ebb856cd228fe47a0d382e8176c315e8d716b478d5183b7bee47a1a12f8e73dd17dbc8e91d062aa8abedbaa8c4e9c10d74142bfc5f418d00bea22c8935c257e5
Score

1^/10
behavioral5 behavioral6 behavioral7
- Target
  
  changelog.html
- Size
  
  2KB
- MD5
  
  05820c6ee4e8219897b0fa36866fc9d4
- SHA1
  
  6d9b6586cc25bde7f9b616ab8eaab913c80dbddd
- SHA256
  
  e961d8721375bdf81bb5a9c7485849b4a4b6d1502828aac81be00435c8b7fd2c
- SHA512
  
  729d5ff3b56abd20747b2fb38ab66ea242132273d2860eccfe4547f87fb94d61f86cac505753fe7128cdf9cb01c3433058573c7a342adce003c1313abe800535
Score

1^/10
behavioral10 behavioral8 behavioral9
- Target
  
  credits.html
- Size
  
  3KB
- MD5
  
  e9fee4ad42289910a2c6d2ad448a23f5
- SHA1
  
  2588bf885b6bcaa6775a5ab1c8ffdd2d59e25404
- SHA256
  
  73fc40390abebc8af299e32ab5691e5af3ba6229409d57969c87b6ef2959c133
- SHA512
  
  21b1d1fd00daf08d2713b4b918087bb77f8d10026b8807e9de4ffa4776a83122233695ef8e50bf6cc4b7e7dee4d2972419fe6d14b8b41a8e29a8cb89f1dd3272
Score

1^/10
behavioral11 behavioral12 behavioral13

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

evasionransomware

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13