slocker | SARA-3[.]0[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

SARA-3.0.zip
Size

8.0MB
MD5

ac33370c030ae29334d023f07121fb0c
SHA1

ebdd1c3309f8a864e619759a3ff308db918429b9
SHA256

a5465bbed3bb5734eacc1e32139998a204ee2a75ffc3a17d2a0f577573cb5f34
SHA512

7e9fc10053549b4e6eace88d81f47d60dfb41612e4e2147765b734a58562225db7d541f6011889e72bb23633b507970fe7d5773357e4b317eacc47afb5b69786
SSDEEP

196608:jq4uPUnEXxLYyfjQwtHcu2LTGXsafpPxEjlAtYDzVvAtW9:mjPUnEXhbXtuAZxEjetizBSY

Score

10^/10

slocker

Malware Config

Signatures

SLocker payload 1 IoCs

resource	yara_rule
static1/unpack001/SARA-3.0/data/tmp/lockscreen.apk	family_slocker_1

Slocker family
slocker

Requests dangerous framework permissions 1 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

Files

SARA-3.0.zip
.zip
SARA-3.0/LICENSE
SARA-3.0/README.md
SARA-3.0/data/bin/BIN.md
SARA-3.0/data/bin/ubersigner.jar
.jar
SARA-3.0/data/key/KEY.md
SARA-3.0/data/key/debug.jks
SARA-3.0/data/src/sara_menu.png
.png
SARA-3.0/data/src/src.md
SARA-3.0/data/tmp/TMP.md
SARA-3.0/data/tmp/decrypter.apk
.apk android

sara.decryptor

sara.decryptor.MainActivity

Activities

sara.decryptor.MainActivity

android.intent.action.MAIN
SARA-3.0/data/tmp/encrypter.apk
.apk android

com.termuxhackersid

com.termuxhackersid.ui.MainActivity

Activities

com.termuxhackersid.ui.MainActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.QUICKBOOT_POWERON
android.permission.ACCESS_NETWORK_STATE
android.permission.FOREGROUND_SERVICE
android.permission.WAKE_LOCK

Receivers

com.termuxhackersid.receivers.BootCompletedReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
com.htc.intent.action.QUICKBOOT_POWERON

Services
SARA-3.0/data/tmp/icon.png
.png
SARA-3.0/data/tmp/lockscreen.apk
.apk android

com.termuxhackers.id

com.termuxhackers.id.MainActivity

Activities

com.termuxhackers.id.MainActivity

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.SET_WALLPAPER
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_CONTACTS
android.permission.READ_SMS
android.permission.ACCESS_FINE_LOCATION
android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.REQUEST_INSTALL_PACKAGE
android.permission.CAMERA

Receivers

com.termuxhackers.id.BootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

Services
SARA-3.0/install.sh
.sh linux
SARA-3.0/sara.py
.py .sh linux

Sharing

General

Malware Config

Signatures

Files

sara.decryptor

sara.decryptor.MainActivity

Activities

sara.decryptor.MainActivity

com.termuxhackersid

com.termuxhackersid.ui.MainActivity

Activities

com.termuxhackersid.ui.MainActivity

Permissions

Receivers

com.termuxhackersid.receivers.BootCompletedReceiver

Services

com.termuxhackers.id

com.termuxhackers.id.MainActivity

Activities

com.termuxhackers.id.MainActivity

Permissions

Receivers

com.termuxhackers.id.BootReceiver

Services