c612cbe7fa3230fa068618a5572ebd5cf680e240dbc1b243a1359862214ffa22

General

Target

Temu_ Shop Like a Billionaire_2.9.5_Apkpure.apk
Size

127.8MB
Sample

231009-1cdnlaae37
MD5

3a8744cca97d9e04b53a16d736d2272c
SHA1

cdf53843ca0a607e0e20ee19f047d1ab09cda7c3
SHA256

c612cbe7fa3230fa068618a5572ebd5cf680e240dbc1b243a1359862214ffa22
SHA512

b5871dda85be1e4497aaf77d0cf8a8653403c2ff28a205cbe6de3e308748011f94b7b8e6fe2378845c56787263fc585f7590d3e1c6f0cb0413cf64bab2d70b34
SSDEEP

3145728:Op3bkvZPb7ainiqEWXHxs95jML4zEoSgllbyRk8I1hyBoSh1D6:a3crjHAWoDZllbm68oSL6

Score

7^/10

Malware Config

Targets

- Target
  
  Temu_ Shop Like a Billionaire_2.9.5_Apkpure.apk
- Size
  
  127.8MB
- MD5
  
  3a8744cca97d9e04b53a16d736d2272c
- SHA1
  
  cdf53843ca0a607e0e20ee19f047d1ab09cda7c3
- SHA256
  
  c612cbe7fa3230fa068618a5572ebd5cf680e240dbc1b243a1359862214ffa22
- SHA512
  
  b5871dda85be1e4497aaf77d0cf8a8653403c2ff28a205cbe6de3e308748011f94b7b8e6fe2378845c56787263fc585f7590d3e1c6f0cb0413cf64bab2d70b34
- SSDEEP
  
  3145728:Op3bkvZPb7ainiqEWXHxs95jML4zEoSgllbyRk8I1hyBoSh1D6:a3crjHAWoDZllbm68oSL6
Score

7^/10

evasion ransomware
- Checks Android system properties for emulator presence.
- Checks known Qemu files.
  Checks for known Qemu files that exist on Android virtual device images.
- Checks known Qemu pipes.
  Checks for known pipes used by the Android emulator to communicate with the host.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1
- Target
  
  Filter.js
- Size
  
  22KB
- MD5
  
  bf6e8182b740d6f482b76d10c124d002
- SHA1
  
  dd6f0d4b6337d813081cd1288c2fa901a209a59f
- SHA256
  
  ea49f6855091b71c2f5bf9d45dce4dde9bda7c9ba8a71f6e2a9c9911b86a5497
- SHA512
  
  79ea1d8d9d8f1a6eb1b631c34701df0302d009d548d3d80f8e322449ce14db55206de6b79ef2e3645440ddc828bf9f6fb60e03e68196686dfdf3fa3db1195076
- SSDEEP
  
  384:WnbbpSfCFwRkBBUSqHo2FZLzFeUoPBejkI4coW/fGSXOLvn5QQ4Asn2QHx:Wb9CRkzUSqHo2FZLzFuoULvn5QQ4As2E
Score

1^/10
behavioral2
- Target
  
  Service.js
- Size
  
  26KB
- MD5
  
  30bbde19a9f6925607ad6eab4c1e6067
- SHA1
  
  55d1e80fa921b853b2edc96ec39f1b4fd452009b
- SHA256
  
  a98979bc7b468e59e0b23ea6f53f0567c2247359db9a8edf327576d58bccb688
- SHA512
  
  5f7153ea416c25a96411195568f3d4cb112d0f567aa8db76e45674cd12be8ab01bc5355735d8f3de457c716a2f408d44d9c508d7eac7bcd98cda2e72d7259d21
- SSDEEP
  
  768:VxCh10KBDh+MHkpLhnHC2FbbzFJiC7zV5JZFcNTx2vk2:VG0KB1+MHkpLhnHC2FbbzqyZ5JZFcNT4
Score

1^/10
behavioral3
- Target
  
  debug_meco.html
- Size
  
  815B
- MD5
  
  e16307e9250cff28cf4d76e92e01d6d7
- SHA1
  
  e116e899689fb91b5b2cc2244b255cd3e81c7929
- SHA256
  
  cbb037370c0c40b2ba32162b7f7e113132e8d090bdd4f4ec441b133e676d0811
- SHA512
  
  b7742bfecd21fed67a53f4e6ccdc7ed567b978ffe68b50dffb5ac1f94e0261c6d7259cad60be1f13d79de1a854a62e5f03bfbc88241822496e0cfe7b372b6c10
Score

1^/10
behavioral4

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Checks Android system properties for emulator presence.

Checks known Qemu files.

Checks known Qemu pipes.

Loads dropped Dex/Jar

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data).

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4