c8e3a9082b31403c368859c97768e10f3779131827caf47ed80992e677bb22ca

Sharing

Copy URL

Twitter E-mail

General

Target

3c7d732f60c57dab84803cee24908bb08d317c636e377c581597391d28350c3e.apk.zip
Size

40.9MB
Sample

231008-ae5xragh3t
MD5

7c9f256436b489947c4bd3eb0315ea71
SHA1

ee3cca441d105d202b1b962fd4c21e80e6139b42
SHA256

c8e3a9082b31403c368859c97768e10f3779131827caf47ed80992e677bb22ca
SHA512

adfc4d5802867f2ad5558223e25b5f40c70a5d8fa55a416d83335ed9cd13c5822cea23e9aae9286d5b77fb396d7b6b3e7d9d82440154b845424be787adbdd7fc
SSDEEP

786432:yIEloK6NX9CcokzWJRxj365tenxOsJ5QyE6dg79RikhBpIzdD53xBj:HElMNXAclujK7qiegx0oBcR5n

Score

8^/10

Malware Config

Targets

- Target
  
  3c7d732f60c57dab84803cee24908bb08d317c636e377c581597391d28350c3e.apk
- Size
  
  43.5MB
- MD5
  
  57ba1c4983c530e383dca778ad34e56a
- SHA1
  
  93d9b47f89d486de0912b467368e206b3066ffa3
- SHA256
  
  3c7d732f60c57dab84803cee24908bb08d317c636e377c581597391d28350c3e
- SHA512
  
  ce662909fd59e38796078b49f5b64c9d1305c1a543df7cce082c7a1fd94faf89e9606dfb3657a89c7044bcc5075f7d49307f4c0c5d32c84656fa9b88438a8c8a
- SSDEEP
  
  786432:WTndUZArDyriozJ6fkFH2OnS3+fvBVC/jnnZGfy/U7hAZa:WjdUmPyuoN6USu3TujM6s90a
Score

8^/10

banker evasion ransomware
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
  banker
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
- Removes a system notification.
  evasion
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1 behavioral2
- Target
  
  pie_openvpn.arm64-v8a
- Size
  
  7KB
- MD5
  
  eed5383d70e6b7dc05a2db80c88b8290
- SHA1
  
  4c106372c8b0d5b9ece8a39234c0d140eeec213e
- SHA256
  
  ec489d541787b8f060ec98e79252b51a7e782e4edd7780eda16ded91c31bd2eb
- SHA512
  
  f34ad4f42a72bdfe06cdf282dc476abfe85e77d93ad11d63dfc47bb62b3d54bd51ae7db31ca91022e3adf85012e9d88fcf8871eeb5d53ad6cdc837cb6f9b4a9a
- SSDEEP
  
  48:QYUtEy5+x7aHLkbd81bdp2dBv0ZgbJ+BUetc3UfcgH:7UtEyg74Jpcv0ryscS
Score

1^/10
behavioral3 behavioral4 behavioral5 behavioral6
- Target
  
  pie_openvpn.armeabi-v7a
- Size
  
  6KB
- MD5
  
  09c750458eac119c97eac971299e8b8f
- SHA1
  
  70ec363b9ef98e2efc4f02aa0d195100c3d961b9
- SHA256
  
  728945679556916d5eebb74f864498ac50a3039dd0c694e877ec0ccc5096f9b5
- SHA512
  
  69b9c0073bb59d78b2602043bc2f691278a0962683bea68cf3dac5ff03a55b4d8870a008f39572a18eabb260a022e0379b23be2bd203531410b9006488a1345c
- SSDEEP
  
  48:fsO6ij2OoR6rJ3rivPLbd81bdSjoiSls+sHIdQQ8HxmpcuENly/837/i:VLoQbpCofEIdMkpcuMlV37/
Score

1^/10
behavioral7
- Target
  
  pie_openvpn.x86
- Size
  
  6KB
- MD5
  
  5a3b8234491dc6b63a60093b8f5d98a6
- SHA1
  
  204698e325e71477501e1e99c3701e6d0630c4c4
- SHA256
  
  734ee1f231151d0a2ceb94f128cea847d525aedbbdfe8643dd94fd074263ddc0
- SHA512
  
  43a1c763b7fe64b67c8097b58f5773046bb33fabd162a922e926eec05f808e47b5fd67e29c241ed2ee65633442e0afc831fcb88191687b9ef2a2af55135ee232
- SSDEEP
  
  48:j9/PPbwIthRaW8tbd81bdSjVl+/5GWd9/a5xVrqSlbiuNNdK:5XUSaWTCG5JIprqmbNPdK
Score

1^/10
behavioral8
- Target
  
  pie_openvpn.x86_64
- Size
  
  7KB
- MD5
  
  5fbf6c1417286f8cc12f9127d160894c
- SHA1
  
  76c185b9a208d0e61e59edc2fe1fe229215f2b12
- SHA256
  
  0f3b1de4b64c70c6f5d2863a3cc2db7bf349abfe42e32869e005505cee430527
- SHA512
  
  b8f01788b67e46bfaf061e17f925e6c009e86e6fff5de32bc9cc99fafb6d9a47df39ad9ffb31982918c4f67e224120d109b53ba08d154c34459b0f2ca1d94593
- SSDEEP
  
  96:RlV5l/El/i6tChESuWl/Gl/yIdnU4BftldK:RlV5l/El/imCySrl/Gl/ygnU4a
Score

1^/10
behavioral9

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).

Checks Android system properties for emulator presence.

Loads dropped Dex/Jar

Reads information about phone network operator.

Removes a system notification.

Uses Crypto APIs (Might try to encrypt user data).

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9