Overview

overview

7

Static

static

7

1.20.40.01...ca.apk

android-10-x64

1.20.40.01...ca.apk

android-11-x64

7

1.20.40.01...ca.apk

android-9-x86

7

braze-html...dge.js

android-10-x64

braze-html...dge.js

android-11-x64

braze-html...dge.js

android-9-x86

gameplay-b929b.js

android-10-x64

gameplay-b929b.js

android-11-x64

gameplay-b929b.js

android-9-x86

gameplay.html

android-10-x64

gameplay.html

android-11-x64

gameplay.html

android-9-x86

index-ced7a.js

android-10-x64

index-ced7a.js

android-11-x64

index-ced7a.js

android-9-x86

index.html

android-10-x64

index.html

android-11-x64

index.html

android-9-x86

partial.ps1

android-10-x64

partial.ps1

android-11-x64

partial.ps1

android-9-x86

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1.20.40.01 Oficial + Xbox Live + Sin Musica.apk

  • Size

    206.3MB

  • Sample

    231030-3t87yafe7x

  • MD5

    74616c59358a7cf8e0ac8e981393f12c

  • SHA1

    3ce8402fab80e2f7e5e04efd60b4490125fa28c9

  • SHA256

    f79976ae30dc0eb0ece2d9af4497e399be0ed7426dc5465d805dd4c5d59ca1a5

  • SHA512

    37da8649b96d27f250eca18f77326880cbe7849ff0b5cd6912e891134b8dd02ab44a07e19c3e834783a05b5ddcb7d667db7dfec7989887b1aeaf50446acfa0d8

  • SSDEEP

    6291456:jVVKDJfHl7Q0tbOyhBJHOC6p3FKMJ9FLbCn/UtAf:jnKDJfHl7QIOyhuh3DFLbrq

Score
7/10
androidevasionransomware

Malware Config

Targets

    • Target

      1.20.40.01 Oficial + Xbox Live + Sin Musica.apk

    • Size

      206.3MB

    • MD5

      74616c59358a7cf8e0ac8e981393f12c

    • SHA1

      3ce8402fab80e2f7e5e04efd60b4490125fa28c9

    • SHA256

      f79976ae30dc0eb0ece2d9af4497e399be0ed7426dc5465d805dd4c5d59ca1a5

    • SHA512

      37da8649b96d27f250eca18f77326880cbe7849ff0b5cd6912e891134b8dd02ab44a07e19c3e834783a05b5ddcb7d667db7dfec7989887b1aeaf50446acfa0d8

    • SSDEEP

      6291456:jVVKDJfHl7Q0tbOyhBJHOC6p3FKMJ9FLbCn/UtAf:jnKDJfHl7QIOyhuh3DFLbrq

    Score
    7/10
    evasionransomware

    • Checks Android system properties for emulator presence.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads information about phone network operator.

    • Uses Crypto APIs (Might try to encrypt user data).

      ransomware
    behavioral1behavioral2behavioral3

    • Target

      braze-html-in-app-message-bridge.js

    • Size

      4KB

    • MD5

      59466d519960df9d27f00239547c2f4a

    • SHA1

      e07274c13de4b4d5317e65f7b5fe9f283146488e

    • SHA256

      6c8980d63d6249934cf0936255e0e34013f28232e839af61d888d420a3bc95b7

    • SHA512

      de575e07debef82abfb70466bdc27ed8aad64e16d965cb386fa2b881c5c206d350e3518f0bbf6798d634517a589790d6977a40e180988429f9a04328a82dd05c

    • SSDEEP

      96:ClCF13kkhTmmDbm7o5q8rnC3pjG6qWo307IRs/QW:uq13kkfPm7o5qJxZiOIm/QW

    Score
    1/10
    behavioral4behavioral5behavioral6

    • Target

      gameplay-b929b.js

    • Size

      1.3MB

    • MD5

      ec4a1b5c563ef5ab76696f0055eec9c4

    • SHA1

      08e8e488117723031bb696e78d46f02486fb53b3

    • SHA256

      2614279b2861a4ca52820d7cd5939a65d8137c4f55db1b5d5f17e359d720a73e

    • SHA512

      3df07e689cec21a84a0bb5c805601f9d989e48267413555f16437c77d4d6ff48bbe2ee21c12e14129308afab238a0e92fde2f9c32ab909dc70257508725ab294

    • SSDEEP

      6144:rQARFoKducApMU4+M7Dlw0TqLIv9OmrEGPNF4yN+l0MzoFZi6il9ZBnTDmlT9+7K:c7pMU4+Mdw0es9OjGYyNpgrMLp9

    Score
    1/10
    behavioral7behavioral8behavioral9

    • Target

      gameplay.html

    • Size

      72KB

    • MD5

      e905dce994a76b0deabb840bc70efee0

    • SHA1

      b83258030e8dec7e3d450f4003a3cc7e9cf3191e

    • SHA256

      cf63b3703ef297acf1775afbdba7c9f7e310d6d49789868772ef0228b590b2e2

    • SHA512

      ab7aaa6c9d9225cf1b71a652cbd2d3b3fe717101a2f4b4c2d8c1c5474b80a003b2555748ea745b1ef5c7a03fcf9882d9fca3d28d8435053be107928d30bcb016

    • SSDEEP

      1536:O/saiRfJQ6PrpdSXA4n+ar6SN7TyDse1W6r/EG825ZdZ4gNoeoUn11jUG02OkDFt:/rO25ZdZ4gNvXn11jUG02OkDFOk+3TXg

    Score
    1/10
    behavioral10behavioral11behavioral12

    • Target

      index-ced7a.js

    • Size

      2.5MB

    • MD5

      4bfa28277d0253984e7b98813c3e911e

    • SHA1

      82265ece647401adcc5a54e1877d846548013810

    • SHA256

      1f9411c63cabd12b96d652d21780682bad9b885e123913de3e079473613c65c5

    • SHA512

      315386bb7ef6ef27a8bdbf79830e215a54b2c0996067787ce439f6ce92f666f592ba0df32897f2bce1375410f72e01e8fa825866837a1d1a79e12bcfefb4935b

    • SSDEEP

      24576:cJpMU4+MANw0R3Ob8F9vTbVCQjOkD4lI3AqT:cJpMU4+MANw0FP9vvVCQjTD4lI3AqT

    Score
    1/10
    behavioral13behavioral14behavioral15

    • Target

      index.html

    • Size

      72KB

    • MD5

      1681f1a32112e9a85c0fb6bffcbb0c3c

    • SHA1

      4ccdba40bfe7ace0bf39cfdf7eca86393a666434

    • SHA256

      45552ac6be6b65a6eb9b09d7b728378709d99784bddcb0342395fda9bf779444

    • SHA512

      2037e7e61a067583c6a520a7328ddbb05cb5c63f272cacdb8f79c0ab551216c624945de4fb1af61875b9c5aecc62c7869e66304cb6030423f4207e7c45d0717a

    • SSDEEP

      1536:O/saiRfJQ6PrpdSXA4n+ar6SN7TyDse1W6r/EG825ZdZ4gNoeoUn11jUG02OkDF8:/rO25ZdZ4gNvXn11jUG02OkDFOk+3TXd

    Score
    1/10
    behavioral16behavioral17behavioral18

    • Target

      partial.dat

    • Size

      2.5MB

    • MD5

      da4df96bc801d0948250e4ae400326c0

    • SHA1

      3e6e0d048fafc2787ac7f69a9ff3a71a03b5112e

    • SHA256

      b54672357b1092323b3f35d63ba3fb59bf71fdf678d69cacb8135d75359009f5

    • SHA512

      cc7a771201940e98686891e69d5fc17135775b4dadae4665e4f71290e1f2b4da5dc9553331c71ae534fefee1a2af7d24552f5a0cb3c76e70577705237a388f5b

    • SSDEEP

      49152:e2NpAkI/CV2as4MY3HRuRhCxFDvz0ytWLFDvz0ytW2p:FpAkmqrMY3xAhT

    Score
    1/10
    behavioral19behavioral20behavioral21

MITRE ATT&CK Matrix

Tasks