General

  • Target

    base.apk

  • Size

    74.0MB

  • Sample

    241109-vpgccs1ndj

  • MD5

    d7a488d7668cb33061ef77aa577a8bca

  • SHA1

    bd8e00596500c9da75441e825a978e88c8aee225

  • SHA256

    c1805dc06a7b3adbb18dc2c7111aa6aa133dc1418c050e9a1eaae3f3dae836e5

  • SHA512

    9526c7dd4220e3a6f95e01c58eb36d3e222a98d7b48ed13d169a5b6a54d3bfdabb444f84fe4409ed1320f3f5885ec4ac333cc2fbaf02e5a5ff61de3551efcf21

  • SSDEEP

    1572864:YyIvN8kHfqlyh8aFHuQ2BtP0Uzc607bI4PNFgNSoI40oq0w+wJGsf+xs:4vh/qlyLH8tcUP0nFPNFoILoqkwGTs

Malware Config

Targets

    • Target

      base.apk

    • Size

      74.0MB

    • MD5

      d7a488d7668cb33061ef77aa577a8bca

    • SHA1

      bd8e00596500c9da75441e825a978e88c8aee225

    • SHA256

      c1805dc06a7b3adbb18dc2c7111aa6aa133dc1418c050e9a1eaae3f3dae836e5

    • SHA512

      9526c7dd4220e3a6f95e01c58eb36d3e222a98d7b48ed13d169a5b6a54d3bfdabb444f84fe4409ed1320f3f5885ec4ac333cc2fbaf02e5a5ff61de3551efcf21

    • SSDEEP

      1572864:YyIvN8kHfqlyh8aFHuQ2BtP0Uzc607bI4PNFgNSoI40oq0w+wJGsf+xs:4vh/qlyLH8tcUP0nFPNFoILoqkwGTs

    • Renames multiple (54) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Checks if the Android device is rooted.

    • Queries account information for other applications stored on the device

      Application may abuse the framework's APIs to collect account information stored on the device.

    • Reads the contacts stored on the device.

    • Reads the content of photos stored on the user's device.

    • Acquires the wake lock

    • Queries information about active data network

    • Checks the presence of a debugger

MITRE ATT&CK Mobile v15

Tasks