Overview

overview

9

Static

static

6

samurai-2-...od.apk

android-13-x64

samurai-2-...od.apk

android-9-x86

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    samurai-2-vengeance-v1.5.0-mod.apk

  • Size

    52.9MB

  • Sample

    240519-zmpceahd2y

  • MD5

    81d93333da9f170e59a2ed5110d1f423

  • SHA1

    5529083f15665f8562439ba1f937a676826e9436

  • SHA256

    fe5386a699041d4f3bbf5a08f52772fb5801a76f3324220044436a03a84be281

  • SHA512

    7fd4b663d30a3e0be17b91ea005ca194ee11c0039b09ec941f799d65158fccc2bdc72cef2eee004e0353d0dff0eee7283987944152961927932498d81635da47

  • SSDEEP

    1572864:qGboQEw/c6Kw/QDihib5y21D84TXlMxwyjFb4SlE93:qYoQfk6Kw/7hc5ykDlMxwypb4/3

Score
9/10
androiddiscoveryevasionpersistenceransomware

Malware Config

Targets

    • Target

      samurai-2-vengeance-v1.5.0-mod.apk

    • Size

      52.9MB

    • MD5

      81d93333da9f170e59a2ed5110d1f423

    • SHA1

      5529083f15665f8562439ba1f937a676826e9436

    • SHA256

      fe5386a699041d4f3bbf5a08f52772fb5801a76f3324220044436a03a84be281

    • SHA512

      7fd4b663d30a3e0be17b91ea005ca194ee11c0039b09ec941f799d65158fccc2bdc72cef2eee004e0353d0dff0eee7283987944152961927932498d81635da47

    • SSDEEP

      1572864:qGboQEw/c6Kw/QDihib5y21D84TXlMxwyjFb4SlE93:qYoQfk6Kw/7hc5ykDlMxwypb4/3

    Score
    9/10
    discoveryevasionpersistenceransomware

    • Renames multiple (51) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Checks if the Android device is rooted.

      evasion

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence
    behavioral1behavioral2

MITRE ATT&CK Mobile v15

Tasks