3dc8d17563d2f39dd5c9a8b2eeb07f55dcdda94abd59b5d94b4ccd4e7aff74a8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

apkmody_3.2.26_6.apk
Size

27.4MB
Sample

231013-191jmaeh92
MD5

24ce96d5033fd0b68a858e36d398f1d7
SHA1

436bd5555ff02edec0308040f6d0575d0b30cf2e
SHA256

3dc8d17563d2f39dd5c9a8b2eeb07f55dcdda94abd59b5d94b4ccd4e7aff74a8
SHA512

d20be1ba4b35fbf3aba90aed95f4c94fa4875b39acd759f693ebcae40738026c3764e6d528299344e0225c2e2b684e9b9621604f5cbe5804c06ea95b4318478b
SSDEEP

786432:oHTHV0AzM2Kp20QAxMocB2J9ES8pidc4ljCbYZTDd6:oHTvMTpTxMzoJ9EfiS4xCbYth6

Score

7^/10

android evasion linux ransomware

Malware Config

Targets

- Target
  
  apkmody_3.2.26_6.apk
- Size
  
  27.4MB
- MD5
  
  24ce96d5033fd0b68a858e36d398f1d7
- SHA1
  
  436bd5555ff02edec0308040f6d0575d0b30cf2e
- SHA256
  
  3dc8d17563d2f39dd5c9a8b2eeb07f55dcdda94abd59b5d94b4ccd4e7aff74a8
- SHA512
  
  d20be1ba4b35fbf3aba90aed95f4c94fa4875b39acd759f693ebcae40738026c3764e6d528299344e0225c2e2b684e9b9621604f5cbe5804c06ea95b4318478b
- SSDEEP
  
  786432:oHTHV0AzM2Kp20QAxMocB2J9ES8pidc4ljCbYZTDd6:oHTvMTpTxMzoJ9EfiS4xCbYth6
Score

7^/10

evasion ransomware
- Acquires the wake lock.
- Reads information about phone network operator.
- Removes a system notification.
  evasion
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1
- Target
  
  no_sleep.js
- Size
  
  13KB
- MD5
  
  7748a45cd593f33280669b29c2c8919a
- SHA1
  
  e17ecf67de61920504d79194dbee5cd552a01cfd
- SHA256
  
  dce4eef0b197b640ad6aaab2228ee1ee7dccf8bd6d6b5de5484dd1bd16430a78
- SHA512
  
  49b3225a5994b724b16b1890e41697c71096402f48c338fe193cb538ac8f88b7d013c0b70e81786d476be3eaf3170049df1ced6cd8957098fffecf11c13b5586
- SSDEEP
  
  192:nRG+Fgkw+wi+FrZJqbzr+5rA7wbUCzebIkuHeIabmEWUSiaNRGApaFnoNhCaTLIf:n/gzi+FrZJqbzrarAyUX5uHej27W
Score

1^/10
behavioral2 behavioral3
- Target
  
  t-rex.html
- Size
  
  80KB
- MD5
  
  16911fcc170c8af1c5457940bd0bf055
- SHA1
  
  eb44540186285271130b056fa6099b1988319fc4
- SHA256
  
  dc72cfc1f1d2a5013bb9de34f8cacf5e26e542d7d713fcbe09b865b4aaca6ddf
- SHA512
  
  131a00b7895a40ea0fb355ecc5292b3cbbcd23b45dd59b07da1b8eb86501ff0ec698ab5446687cd7ff5fba03d97b7a0b6e47196dc284a51c677cf04dbe13e393
- SSDEEP
  
  1536:V5OdudTTa8udsB7g1BuqHkFT5VgYzMGgbJsMPz:Vq0y80I7OuikXm3bJsMPz
Score

1^/10
behavioral4 behavioral5
- Target
  
  toastify.js
- Size
  
  5KB
- MD5
  
  e7006a0a033d834ef9414d48db3be6fc
- SHA1
  
  43462bf4955f4818911f6d93904e3a2d3f8a2c4f
- SHA256
  
  99fa91fad6dcf4497f838937b8fc57105eef131d5adbd4cbe3936ce6d4248ec1
- SHA512
  
  82e1b67e75f61ca0cb3a5861fc8a669f7bf2c7a6b3dadb0871a038412ab4ce83c4b98f3061b39f93c2ef910351ac2a5c2e7c6e34317a1c2ba31816cb313fede0
- SSDEEP
  
  96:TSr4NkSo+hVCsGwnVE8y2d7QC3305q5uUy:GrGPChSV33Kq5ul
Score

1^/10
behavioral6 behavioral7
- Target
  
  tt_nd
- Size
  
  5KB
- MD5
  
  cfb58d5a778a4da98783db9388bacfc5
- SHA1
  
  4e826b8e65f7a81ee0c30836f132632054f338e7
- SHA256
  
  64f11eb5134f29bcff547988289baff229b05faf93adac63d3a3bfe97c7f810a
- SHA512
  
  1cac2288c9d222dbd195e3b929aebb887e5ff8d13c46675bcc879c762d09311b97a1e331389df520165cb994f1717ee5debf1a97a7563c474130943d5cd4267c
- SSDEEP
  
  96:PWuzrX8H2mrqoAuRJff9SgbhWFllXU+9z:PlrXWRJ9Sgbh0l5
Score

1^/10
behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionransomware

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8