70aca053b8e209f16038b118d16db2d7412e26ecf6763ca3bedb6cf045ab4476

Sharing

Copy URL Twitter E-mail

General

Target

70aca053b8e209f16038b118d16db2d7412e26ecf6763ca3bedb6cf045ab4476
Size

8.3MB
Sample

231223-xn5dxadgel
MD5

e3cf3305564dffce7f803b82b4ef7813
SHA1

4a5ab394309ae84b9d1d0e716c6b170c9a3a2d0a
SHA256

70aca053b8e209f16038b118d16db2d7412e26ecf6763ca3bedb6cf045ab4476
SHA512

11aadad2ec16d520bfd37c7cd5a8bef8e6903c02440e9e8aedc94bfe6741ed0442d049484257107934891595286839551a5e372b4129c2329faec89f26aca45a
SSDEEP

196608:Jk46fsq5re+uJEQi3QGQ2XN1YXSjS9yT/gCDPWAWp:KQq5rrJgGHHAyDVrWAWp

Score

8^/10

android ransomware

Malware Config

Targets

- Target
  
  70aca053b8e209f16038b118d16db2d7412e26ecf6763ca3bedb6cf045ab4476
- Size
  
  8.3MB
- MD5
  
  e3cf3305564dffce7f803b82b4ef7813
- SHA1
  
  4a5ab394309ae84b9d1d0e716c6b170c9a3a2d0a
- SHA256
  
  70aca053b8e209f16038b118d16db2d7412e26ecf6763ca3bedb6cf045ab4476
- SHA512
  
  11aadad2ec16d520bfd37c7cd5a8bef8e6903c02440e9e8aedc94bfe6741ed0442d049484257107934891595286839551a5e372b4129c2329faec89f26aca45a
- SSDEEP
  
  196608:Jk46fsq5re+uJEQi3QGQ2XN1YXSjS9yT/gCDPWAWp:KQq5rrJgGHHAyDVrWAWp
Score

8^/10

ransomware
- Requests cell location
  Uses Android APIs to to get current cell location.
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
- Changes the wallpaper (common with ransomware activity).
  ransomware
behavioral1 behavioral2
- Target
  
  com.nd.android.widget.pandahome.flashlight
- Size
  
  420KB
- MD5
  
  d7ed82aa742154281da5c6c64baa72be
- SHA1
  
  833fa9169f66a4fac0a844902d8305da875f316e
- SHA256
  
  5f54363be719d281f9d64d68af9e7093aba66b0781d99025e331a2375636e271
- SHA512
  
  222b0664cdf950a8e6d189a822ed379c29f56e2d3e36d35a35b4afc07a800a225df23a8bd1de43455a94eedaf3e8a28773ea5da13009279191d27bca3106594b
- SSDEEP
  
  6144:KvuvJ1RJBq3MA4DQ1siZAGml4T+fLJ7W1VXS4e8iay+8/faWdhDlE/8MskMZjv7c:KWx1Rm4DQ1cGlTWtINe8C+s3zPXwdp
Score

1^/10
behavioral3 behavioral4 behavioral5
- Target
  
  com.nd.hilauncherdev.plugin.browser_V_8_M_f165c502636f263575522307251b7978.jar
- Size
  
  298KB
- MD5
  
  bda023fa5081a8185a8b8edaec1e17bb
- SHA1
  
  e1cea96300871bdeaf79f230fa4f89f440f2d1e4
- SHA256
  
  9c52d43de16ca0ddce8195b8d7efc73f7ae8da8c450fde3d4a894951f2680d18
- SHA512
  
  7207925194e7050ec561b0561fa10ff14f64f4a98dbce68311e87fbc56edfc03f7bef0b72a3d9139a06eedf80fddc18a523da35dcb2d4664f1ab0b810c78540e
- SSDEEP
  
  6144:sJstCchhoER5bWWtHWnUZ/xeB6MuPMmejhf3oup24zJyBTINWrT+:jI4oERJfQWwwEa4/NW+
Score

1^/10
behavioral6 behavioral7 behavioral8
- Target
  
  com.nd.hilauncherdev.plugin.navigation_V_19_M_495ca44b768b45a157161d8450414c09.jar
- Size
  
  828KB
- MD5
  
  0af3bce8816b5f367d81e24c6072391c
- SHA1
  
  730f50cfecaa6c2da31ad2663a493591fa1a216d
- SHA256
  
  e2d1b649e31e98083782cc5d67e94bda56adb5fd8dccca437dcef76394c6bc2f
- SHA512
  
  99625d337d0c093a76c6ef99b732fcafa987d751afe78c6619621133ec774f3a3844088aea64ddd1bbf4959d4af6bb5c65905c1956c03493a45c16ae1f36107a
- SSDEEP
  
  12288:WQrzAIfl9sUdryrs510R2I5ga94sS3XR7oAY1+8hN3s/qQ/9lW55zo4q51T7uu:vPP9tdGu10R28kNoAifNUqSCymu
Score

1^/10
behavioral10 behavioral11 behavioral9
- Target
  
  nd.jar
- Size
  
  3KB
- MD5
  
  330e5a7a65f3d6593b4e3693cb6b581a
- SHA1
  
  97ed25af93827667740ddc0f5f20efaa0db79f2f
- SHA256
  
  effd679a8cfef061b537814b41f2733a9785d80d1d11f8c61216a78b35c747ca
- SHA512
  
  3b2234d683cfbfde304d23150678595076eff41c691269dfc0d1d035b784113879e84d19ec732b257ea2146b4170edda2d8ece79449c2a33d948d0ae4e777328
Score

1^/10
behavioral12 behavioral13 behavioral14

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Requests cell location

Checks Android system properties for emulator presence.

Loads dropped Dex/Jar

Reads information about phone network operator.

Changes the wallpaper (common with ransomware activity).

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14