20a29b362aa58c42df9f3e1033ef7ffb32a87b9932111345512b2a4f01d593b7

Sharing

Copy URL

Twitter E-mail

General

Target

20a29b362aa58c42df9f3e1033ef7ffb32a87b9932111345512b2a4f01d593b7
Size

9.9MB
Sample

231223-qp8dmabegp
MD5

3671253047d6f4cfb73c727774edec19
SHA1

0e2d17b0f8c236c903a54f4a44b9478d69b7dc9c
SHA256

20a29b362aa58c42df9f3e1033ef7ffb32a87b9932111345512b2a4f01d593b7
SHA512

9414a284bf39c52c3ece6b1bdd0162dcbc760ed038ee50fafecf28fed31cd5e6fa931b54de042990c938ba965f7ba2fcfb19c964abd31d95a44d2419c6351955
SSDEEP

196608:9dk2gFao0cSaTrwHTYoIMMfy2gdeO8Q1hOn4bbyr3yQ+4bY+/LLw:vpczTrwHU6CgR8Q1hrybBw

Score

6^/10

android ransomware

Malware Config

Targets

- Target
  
  20a29b362aa58c42df9f3e1033ef7ffb32a87b9932111345512b2a4f01d593b7
- Size
  
  9.9MB
- MD5
  
  3671253047d6f4cfb73c727774edec19
- SHA1
  
  0e2d17b0f8c236c903a54f4a44b9478d69b7dc9c
- SHA256
  
  20a29b362aa58c42df9f3e1033ef7ffb32a87b9932111345512b2a4f01d593b7
- SHA512
  
  9414a284bf39c52c3ece6b1bdd0162dcbc760ed038ee50fafecf28fed31cd5e6fa931b54de042990c938ba965f7ba2fcfb19c964abd31d95a44d2419c6351955
- SSDEEP
  
  196608:9dk2gFao0cSaTrwHTYoIMMfy2gdeO8Q1hOn4bbyr3yQ+4bY+/LLw:vpczTrwHU6CgR8Q1hrybBw
Score

6^/10
- Requests dangerous framework permissions
behavioral1 behavioral2 behavioral3
- Target
  
  PandaHome2.mp3
- Size
  
  8.5MB
- MD5
  
  503bec78394bf6e9b598ad7fef78b023
- SHA1
  
  78f7a5c53244e48291c73b0160b8d5e2cdaac7e5
- SHA256
  
  d4ae8ee3c3a79bb7b6468ffe173316042d541ffb91fcbc8f4f75261cfab5904a
- SHA512
  
  2664811c0338dc151a0198ca129ee971d01bf6608989e0075fe97ab4a42b320990111562deede729040dd1e5acda9c2f15f8daf4fd2a79a6a220d7275d7636d1
- SSDEEP
  
  196608:3dk2gFao0cSaTrwHTYoIMMfy2gdeO8Q1hOn4bbyr3yQ+45:tpczTrwHU6CgR8Q1hrybz
Score

5^/10

ransomware
- Changes the wallpaper (common with ransomware activity).
  ransomware
behavioral4 behavioral5 behavioral6
- Target
  
  com.nd.android.widget.pandahome.flashlight
- Size
  
  163KB
- MD5
  
  fc1ee8b7d7b5b17072fafbdffd395196
- SHA1
  
  586d7c89f01b91887c21a81723d6d36d60bf25ef
- SHA256
  
  5743674c3f97ba3fd74021e3ef4f5555956e2106b000d7ed24873518467ef193
- SHA512
  
  cb5bc71e9be547d778fe8e2a9d140bfe09a9e2da7e4dfb454d52fd7bd8d5b71cf7d51f85a0de734c2d83eec9c13b5e576cb1e832ab20e63a2ae927ee0eb6eadd
- SSDEEP
  
  3072:LhWni9jAvDFdQxWEb/OPqaSdf+Wsw/RdByegjmwpMih3cDnNmjhK:LhWniZAqeYf+W1RLyexwyihsDnn
Score

1^/10
behavioral7 behavioral8 behavioral9
- Target
  
  com.nd.shortcut.shortcutslot
- Size
  
  124KB
- MD5
  
  e1bf2d842729c99263dc5943d41fdf7d
- SHA1
  
  b49d7b3b50cbfd93dc1f8bc2ac775c076cdef950
- SHA256
  
  9b59f2fb60dc99d158f63fc30bcebff6b388f6628aebd0834292d4d204c3b0ba
- SHA512
  
  b91523a05aed9dcc20b989ea3bfef58d11f822d99a5cd2b62edcabc995e2ab9dd88aad62b7448f36b09d04fe58fa3273251614718be192e8a8e17f8e3a7815c3
- SSDEEP
  
  3072:Ig6020RoKcK4KmkeYvymaC9t7u11xu3siqtebur+tFPS:Igz20RoxK71/LO1ra/6ebuitFPS
Score

1^/10
behavioral10 behavioral11 behavioral12
- Target
  
  nd.jar
- Size
  
  3KB
- MD5
  
  7b7c0c6952f57d33066a769df3e2082f
- SHA1
  
  a1dfcf7cf617a60932a81f052f149408076b0875
- SHA256
  
  0dc4e1e1dfa9070a1c44ac52227586000454d114858622553db843aa999b9175
- SHA512
  
  6f39e3fad2de59305613660dd2377c412266a4428a624bc2fabfd4aec80ccf172ba8c46d5a51c3a9edca7cf3ae420d85ffb8d4afbf37d72f138a1b0994f517f1
Score

1^/10
behavioral13 behavioral14 behavioral15

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Requests dangerous framework permissions

Changes the wallpaper (common with ransomware activity).

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15