General

  • Target

    Bendy and the Ink Machine v1.0.829 - espacioapk.com.apk

  • Size

    55.9MB

  • Sample

    241105-yest7awqbs

  • MD5

    21bc7e368607cf003b123089a8c50b15

  • SHA1

    04b6cf96909303ee9be302645c2d0fbee88b4601

  • SHA256

    c26af2f25a1c2157a6b6893e7451bb32d9d0e537828e21cf41e28b11892c7d24

  • SHA512

    7506a0576a46ef5fef0d493ac96d9027ec3658cd355b372b3a6ae9dc680b3e8648ce8ff397e3d3b8afb3d771be57a1f6ea7c4188b0c29949e3ece7179f0999df

  • SSDEEP

    1572864:LP9prxP2pusqX7OO6BDKh1y9t4OHNdneIG:Llp1+pdqrBYKD0ZfnBG

Targets

    • Renames multiple (129) files, adding a filename extension

      This suggests ransomware activity: encrypting the files on the system.

    • Checks QEMU-related system properties

      Checks Android system properties related to QEMU for emulator detection.
