General

  • Target

    ayuGram-universal-20240720 (1).apk

  • Size

    115.7MB

  • Sample

    241107-n5by9asbkk

  • MD5

    b36ee5a662879200c98ddff0767e4469

  • SHA1

    bec63838fcb4eec1fa55db66ef494434cdddcf6e

  • SHA256

    0d3b8725329c583bad2f44fe528f3f3027cdca3a0b4f42d701f899f482cc7f50

  • SHA512

    4d2bbe0c24bb581b63f018f3a7aacb957fcee65ccdd47656b1d8fe0e5c634220e777d3f46b037c0919cc08a454baac7ec38ab363a99d8611601acc06f1db48e5

  • SSDEEP

    3145728:p/Pvh/qlyLH8tcUP0nFPNFoOHh5F0Pa+Tm8Ry4tcBLoqk8G2:p/x/cywt7clNFDHh70i+Tmn4tc5zko

Malware Config

Targets

    • Renames multiple (54) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Checks if the Android device is rooted.

    • Queries account information for other applications stored on the device

      Application may abuse the framework's APIs to collect account information stored on the device.

    • Reads the contacts stored on the device.

    • Reads the content of photos stored on the user's device.

    • Acquires the wake lock

    • Queries information about active data network

    • Checks the presence of a debugger

MITRE ATT&CK Mobile v15

Tasks