6071912d0d3211bcb9f67356cff4e6f272e0ab507f0d5c03ce416cfa428b8d47

Sharing

Copy URL Twitter E-mail

General

Target

com.gstarmc.android.apk
Size

95.7MB
Sample

231112-fj3wvade82
MD5

82f3ddf4205530b9b2a1068e98875b4a
SHA1

844b1c39074534083b4294bf65d75e8271296462
SHA256

6071912d0d3211bcb9f67356cff4e6f272e0ab507f0d5c03ce416cfa428b8d47
SHA512

4795d94c4df23bbe0328c25563959b1f7234b01cb8ece0aeddaabc95bc91cadad1ad39558f917ae0d4bf6fa7ed4980db24eb5f660f56acc3fa3c0fd1af521f8f
SSDEEP

1572864:rqDaOz+C0KrdxOMZjJ5B14xdFdeu6e3Eu6EGg1yFpEvuRZKQaxd3YLPycz5V3bGn:rqDaWFrdxOMZjf4RdUe3Eu6d0y9zazKM

Score

7^/10

Malware Config

Targets

- Target
  
  com.gstarmc.android.apk
- Size
  
  95.7MB
- MD5
  
  82f3ddf4205530b9b2a1068e98875b4a
- SHA1
  
  844b1c39074534083b4294bf65d75e8271296462
- SHA256
  
  6071912d0d3211bcb9f67356cff4e6f272e0ab507f0d5c03ce416cfa428b8d47
- SHA512
  
  4795d94c4df23bbe0328c25563959b1f7234b01cb8ece0aeddaabc95bc91cadad1ad39558f917ae0d4bf6fa7ed4980db24eb5f660f56acc3fa3c0fd1af521f8f
- SSDEEP
  
  1572864:rqDaOz+C0KrdxOMZjJ5B14xdFdeu6e3Eu6EGg1yFpEvuRZKQaxd3YLPycz5V3bGn:rqDaWFrdxOMZjf4RdUe3Eu6d0y9zazKM
Score

7^/10

evasion ransomware
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Requests dangerous framework permissions
- Reads information about phone network operator.
- Removes a system notification.
  evasion
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1
- Target
  
  Account and payment.html
- Size
  
  3KB
- MD5
  
  7a4a0a100748164aa74b66ded445b64b
- SHA1
  
  4c03a5cf0dfac7631bd4d289b431d81b805257b9
- SHA256
  
  230eb6b7b5cc671fe64fb13afe0a96a64f983bc097abe283dd653b55bf839b73
- SHA512
  
  ff73087e0565a38babeceecadc48472dca42db7cec93d90d20df4c32819ff3d88720b6fa6ed288658d737371565dd350e4b363709d58ac836c4594d490f7074e
Score

1^/10
behavioral2 behavioral3
- Target
  
  AddFriendInGroup.html
- Size
  
  1KB
- MD5
  
  5af6fed91f18894f062093123eb25872
- SHA1
  
  614a24b97c93d9a2c23621c381ee7594c3e592cd
- SHA256
  
  24633d216222e68bfbe430178f20ae4195d8268b9fea8c3760a56a4210039e79
- SHA512
  
  67addb15b1893b897b0773f7c70fb6def62be7ecbbd51c9fff487af86d35c03560b8d96874989521d9e7a14c8ce74797e240a109b12a0218d68c02b8ca7a6b16
Score

1^/10
behavioral4 behavioral5
- Target
  
  AddOthers.html
- Size
  
  1KB
- MD5
  
  f4ea073cddc8da24bbb44924624d54fe
- SHA1
  
  1b64ae71c6c8e33d3c34706b2f8faa8ea0e54452
- SHA256
  
  01ec207f916f3dd7d72b800d530771defa2481f78e53f5ce7dcc21c5dfc254e3
- SHA512
  
  7c052282470d6a4a067ad1ac49395408c942a02d72a3b227ef4add41ec76d6f9895c1537768dbe608a7c9ba98a0e5482377ca750ec9b3cce920cce090c61edaf
Score

1^/10
behavioral6 behavioral7
- Target
  
  Angle.html
- Size
  
  1KB
- MD5
  
  0c4681302ac8ea2a596c5d87cfc7aaef
- SHA1
  
  8f32e0ab824da190d853fe74754ae4c056cbac55
- SHA256
  
  59f024761497d0eaaaa59ae69ddb07c1fbefa150c8743ef73334cb91c84265f3
- SHA512
  
  b71157b7ab4ee33304865d62a64d35fb5db56c02bfe34e6947c0e2388cc60464b884c037417b0d90a19e4bd6ae9cb25b7062d62bd8cc9ccd810211fbdb03eb84
Score

1^/10
behavioral8 behavioral9
- Target
  
  Annotation.html
- Size
  
  3KB
- MD5
  
  d441436d2e11257268cc817548d0a6a8
- SHA1
  
  4d86d2b8a497c86a2d5f9bab2c46358dfac2aa82
- SHA256
  
  94a0f04279dcafa80764784448bbeed635a74afb6bb7f5210e264d7feeb8ff36
- SHA512
  
  25deac9d5a98db406a4bc03b8217cbc0c93d998b8aa88d3ca54fd8c6bce463df092ceb34c2731eecdf2960fbc6548cb16805f84cb4537633fca2bb2f024ecf30
Score

1^/10
behavioral10 behavioral11
- Target
  
  Annotation_arrow.html
- Size
  
  1KB
- MD5
  
  73d689638be00c31b4a4ca020ae5731e
- SHA1
  
  6cd5af97d26223fc6afbd09d07efae1ddc8694be
- SHA256
  
  1f35cda71e65de7e0c99af0b8c70e3db4226988f519c7e03aabf776af33ad057
- SHA512
  
  fd2891142691517e90cbe1387e2e9544484a600eacf139d0a078741e8414ae64da099eaa2b1f3715024860b03ffc0f67495a0761461dcad2cb3c8a09deafafe0
Score

1^/10
behavioral12 behavioral13
- Target
  
  Annotation_ellipse.html
- Size
  
  1KB
- MD5
  
  c1c80ae6672d693085bf37fe80648604
- SHA1
  
  24a0f37e4a13c71aa87f59f7edde19fb4549e53a
- SHA256
  
  ff47a9524daa7c21da9bd176c30c48d3a681c3fb225a8f18e043c25541c8f919
- SHA512
  
  c3353aeb23fabf60f1af89a058c07c9cc2ed6c6d1c75781d1367389dd1df6d382ea69bd45f07ec6700cfb5a5edf1cb2d2a3123db1a5adf25e6f9ca18c4417d03
Score

1^/10
behavioral14 behavioral15
- Target
  
  Annotation_find.html
- Size
  
  1KB
- MD5
  
  05587406812c71e018614539b3a43c31
- SHA1
  
  911f4e2bae35ccabbfde1c557d402ed1562df89f
- SHA256
  
  245451077c58c2720a517e259110238acf5b1c377168836d28e96d2e9f36445c
- SHA512
  
  9ac0ab619264c9db3c7cc768bf4a269a9d6a818646515534886b70ab0cef9f262bc0d349ba7ec7f2e77ccaeaf44f866ae9590574f115546731d488629e269bc3
Score

1^/10
behavioral16 behavioral17
- Target
  
  Annotation_image.html
- Size
  
  1KB
- MD5
  
  5f8e08c42784275dd23e5de1afd52f61
- SHA1
  
  8fe4173b1386e2b62fc809f28fc25c8adc18d71d
- SHA256
  
  4f7b643f2371d032640e60bf5904be99a3b1efbe6fed38aeb15ad2b6cbd2c76a
- SHA512
  
  be6dfab0926694a57def48a2964ed72ed173c681ecb6d2d4f6eb0a4fd99812119d3c06a0d467d53e6eb6366683366ce2bd53c5c53e4d7de035884128d2e77873
Score

1^/10
behavioral18 behavioral19
- Target
  
  Annotation_leader.html
- Size
  
  1KB
- MD5
  
  0a748b62caeb1cfc7fe92ad0e254618d
- SHA1
  
  22ec2515c73594785b4a6ae0b8035ecffe63cc88
- SHA256
  
  c9fa1ae4fa4a0a48efaa0ebd76d380bf1cd90a30b15a69a4e5b95889d42061f9
- SHA512
  
  17a143c64812a7bb3a3739d40100df2e7b5853cf06e43e562cde48ff12cc02dc30406f8bcb1dda632e3a1c29b453e796b314d8db039e84fcb62b868618903540
Score

1^/10
behavioral20 behavioral21
- Target
  
  Annotation_line.html
- Size
  
  1KB
- MD5
  
  890007215b99e557cfba709dcd99919b
- SHA1
  
  a431687bbd0d1988252ec639c9057e7b1cf4fc71
- SHA256
  
  bd77493c711ddb1c02f1fa30b6e89228422144fbf1870e17c41cf68d6a048ddd
- SHA512
  
  fa4c4cafe0c8a5282ae8ac87a1d5a42bee2d6b310d6c216b4f974e2c34b3dd1dbb6d5d7f97ff0b534e148e13ac03b0d8925e1d2e9783ef942919898594986221
Score

1^/10
behavioral22 behavioral23
- Target
  
  Annotation_recording.html
- Size
  
  1KB
- MD5
  
  7597ef1b18d256bbe19f0dc046d8b734
- SHA1
  
  6e244f3d3a8a0c515c0f72aefd5af619ad2b65f2
- SHA256
  
  82f37b711162b212499562c3b9285dea981ef88cdbaa0abd3dcbe6e51a259b28
- SHA512
  
  804a9e6b144a43d27b9cb334c39b39482fdae6d0e9727b6c08c0ed4101d4a7a81d8f92f32bddd81a15e7a56d44620849acf332ca506fb812db186be20d5cf240
Score

1^/10
behavioral24 behavioral25
- Target
  
  Annotation_rectangle.html
- Size
  
  1KB
- MD5
  
  ad6c81a2f8332ce50853ff2ba82c087d
- SHA1
  
  b8da0aa8d122a4986513e832486f3fe46f52363b
- SHA256
  
  5e891b28ad581f6e9234ff010f4178d28a2626758b1a628a9140f35a6aa804e7
- SHA512
  
  e17446fd0464797b18bda87e27ae44b0cd000333381e6a654037b23b32c12cc1598fc3466fec6c463917646a076523c0caa47dc4089f49140018362cf8302ac3
Score

1^/10
behavioral26 behavioral27
- Target
  
  Annotation_revcloud.html
- Size
  
  1KB
- MD5
  
  d58e289d7777486ca1b90fe828db7134
- SHA1
  
  c69219b46e8358a11ddba526f8c0eeed64193ac6
- SHA256
  
  4d28b30f70a3b5ba7683fa4bacff279ee945275cb7b6762b119a5e5105e635d6
- SHA512
  
  3f6cb1e9bfda84e1f1ec18225dce5008930a63abca0fb0dc0cf94622c673ef925dfe3f4f1b0afd8901aa8481f1d35eb6151112b348f7bb89fa03af8c02f5c288
Score

1^/10
behavioral28 behavioral29
- Target
  
  Annotation_sketch.html
- Size
  
  1KB
- MD5
  
  10f95131497deb3b347d5731b57a0803
- SHA1
  
  8a68555228e1089d8eedca5370461cc6a16ffcda
- SHA256
  
  a423a55a029f11ee298236e1359828be68152cfdb482213a3aca425353e084a9
- SHA512
  
  8ee5cc9d0088ab8f75f7cf0e304d59e9055187c9b681f8d25b119753d625698bcf8d1552f3f1ae8dba259094b37e625168c740bacfd020367afcfe99acf11e1e
Score

1^/10
behavioral30 behavioral31
- Target
  
  Annotation_text.html
- Size
  
  1KB
- MD5
  
  7e0f4989b7fb92513c72df1a5f6a4b33
- SHA1
  
  eccc2a6431ab9e9d2094fe9d5c21a08fd2b6d977
- SHA256
  
  9f62f7311addeff29afe55aedf0fc957d6bbf1353df9253d78623dc057762e5f
- SHA512
  
  841494213cfde6263cb66fc383d34d68c8beec22445a9b8d740d34c2f42b10c91e9a7f0c1f376de9f3a0d67aa4e11463a136dfc165e226a42e1409397764dddc
Score

1^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped Dex/Jar

Requests dangerous framework permissions

Reads information about phone network operator.

Removes a system notification.

Uses Crypto APIs (Might try to encrypt user data).

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32