bf6f76ed0750f5bd278acb0b859038e49acdd31ea64bc9f2cbf60806022b4f26

General

Target

HappyMod-3-0-6.apk
Size

14.3MB
Sample

231124-rlc9racf4x
MD5

f150d0aa65ad6d31c7fb10a20af2edee
SHA1

a22a5a9a5daed84ca9dcd9edcf444d0581dfef69
SHA256

bf6f76ed0750f5bd278acb0b859038e49acdd31ea64bc9f2cbf60806022b4f26
SHA512

f00978372e740913e2a783329407c86477761bf93503dcf9edf6ad2ab31203bd767fdb5e16536345073b88ccec2f169d22ede6c3793cc28622d84fdc2c6aa58a
SSDEEP

196608:+4iGcEbIMcth5/IEtInqw3n8HvUhIirN9YdH1SRROOloSXF1hYpRohEkSfAql/Ob:hhcEb7NM6P8Hqm2v88EkSL1yaX/Cl

Score

7^/10

Malware Config

Targets

- Target
  
  HappyMod-3-0-6.apk
- Size
  
  14.3MB
- MD5
  
  f150d0aa65ad6d31c7fb10a20af2edee
- SHA1
  
  a22a5a9a5daed84ca9dcd9edcf444d0581dfef69
- SHA256
  
  bf6f76ed0750f5bd278acb0b859038e49acdd31ea64bc9f2cbf60806022b4f26
- SHA512
  
  f00978372e740913e2a783329407c86477761bf93503dcf9edf6ad2ab31203bd767fdb5e16536345073b88ccec2f169d22ede6c3793cc28622d84fdc2c6aa58a
- SSDEEP
  
  196608:+4iGcEbIMcth5/IEtInqw3n8HvUhIirN9YdH1SRROOloSXF1hYpRohEkSfAql/Ob:hhcEb7NM6P8Hqm2v88EkSL1yaX/Cl
Score

7^/10

evasion ransomware
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
- Removes a system notification.
  evasion
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1
- Target
  
  demo.html
- Size
  
  1KB
- MD5
  
  03b178d1ff60f7b47438321299c1e1ea
- SHA1
  
  b4097afe68a2b28456cafad4b70f28bb87020527
- SHA256
  
  56a53efdc143e241faafa8eb1fafbf8aa82ea1c630465a5d66a9c406a134c99b
- SHA512
  
  ccd7c1c2c99de385b4c53056d2e014ae03164cc3927084750716a100316bb94a42ce4c127faf0bf8caf884ef470df23216c004b5f75deff1a4b62721d233ff7f
Score

1^/10
behavioral2
- Target
  
  happygame.js
- Size
  
  2KB
- MD5
  
  35087f967af3fc9a9cc42df602eff110
- SHA1
  
  e100c9518d9d689ebb58849508c9da8ed8b745a4
- SHA256
  
  585ae6e48db41266166f185b8c7c9b17876b23f70b8205d14f94ee737a081eb9
- SHA512
  
  2e1473138b031ac0bfe79423009619a5a7ead16a04d4018f40aa3c0e956ae43cd3455cf488f8cc1137d76b27aa3d4278dc0b967cacd385a70b77ca595c622260
Score

1^/10
behavioral3
- Target
  
  slow.html
- Size
  
  3KB
- MD5
  
  bb5120365ae32b156749e60184fdd68e
- SHA1
  
  2b7fbd67c51d0c0a39682c09d75912fbd44061c1
- SHA256
  
  189c01f32ddaa5a2e43676447b86fda1696e8ff9ed7cb8cd5ea1aad0b5d7b532
- SHA512
  
  c42d8d7d623422e5852e07fa488cde5d3576882cfdb621ad4b31bc357231f0d69f4c0a893f57b6839b5bf260a56657638e03988ff9c25af32e6cd30d57d83680
Score

1^/10
behavioral4
- Target
  
  t86
- Size
  
  272KB
- MD5
  
  f2e89801427fa6c3816a2f30192d9ab8
- SHA1
  
  cf97771b637ab3279e787396dbbad720f468d9e6
- SHA256
  
  943814761d969f1502cbb55953e33173681454f669e0f9c4185a388bd3da6bff
- SHA512
  
  2e4d6d4cb4b0b73e7c02a6b9085c038bb73975d38f90a6bd39d8a3bc93c3aff406d58017a5ab0b132e30889a06be443fc691fa6de76533c47fe9bc9f0567b6ff
- SSDEEP
  
  3072:u14kc2zjaTsjP0PZ51e+dfK1lg5Uc6BVZbgQmMcNnk1Wfx0i:u14kc2cs7y1rEzrtmMcyMxJ
Score

1^/10
behavioral5
- Target
  
  t86_64
- Size
  
  285KB
- MD5
  
  c0fcdd9ed7df54af35f8fccf212bb026
- SHA1
  
  20909e81c8242fb01c4a3176abcfc0232a1c5112
- SHA256
  
  c756f8715bd9561f7335c1fe040c19efc3cff8c7831d273b4ca02ba14220099a
- SHA512
  
  961313e88731f8f45cbeea4e0918e1684ec80b3754a64c7e746c336b96c5762029a29c3e585f85bb640a8f524b4f11faa1ea0d1226da4ff6b81ce9f0e2fce241
- SSDEEP
  
  3072:zE/XFknRAs3EUWS2ajMpP6rUdYkw56y6+a0kr25JJykjNNe/r8rB4gFADHJw:iXWRX39ABd+kw5v6+X5JJ7He/ynOHJw
Score

1^/10
behavioral6

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Loads dropped Dex/Jar

Reads information about phone network operator.

Removes a system notification.

Uses Crypto APIs (Might try to encrypt user data).

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6