Resubmissions

22-05-2024 15:43

240522-s6cz6agb7y 9

22-05-2024 15:41

240522-s4ytvagb36 6

General

  • Target

    Neji_4_MOD.apk

  • Size

    113.1MB

  • Sample

    240522-s6cz6agb7y

  • MD5

    d2b570fc0a3b6ee3b443af6db7024102

  • SHA1

    d0a0be10b052c18dcb2d568d3cb02e1bc46013b4

  • SHA256

    8eb50431b57c97d0551d4e36459d263e29e50bc802c4775a4f2978b7e0cca1ce

  • SHA512

    d05866514f690a8bd71aa046229d8ec9667019c6c7344fde25a4fabfdb03970f9c25d24bd9d515db94f5194aebfae92e51bbc62f079213df089e984594a422f3

  • SSDEEP

    3145728:yw4Sfap6TjQNahBzw8ymCUC0W4y8R0nKtaUbi7q01aAj:N4SffsUBzjytxMyjnKtjmO3Aj

Targets

    • Target

      Neji_4_MOD.apk

    • Renames multiple (72) files with added filename extension

      This suggests ransomware activity, i.e. encrypting all the files on the system.

    • Checks if the Android device is rooted.

    • Checks Android system properties for emulator presence.

    • Checks CPU information

      Checks CPU information that indicates whether the system is an emulator.

    • Checks QEMU-related system properties.

      Checks Android system properties related to QEMU for emulator detection.

    • Checks memory information

      Checks memory information that indicates whether the system is an emulator.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Reads information about phone network operator.
