Overview

overview

9

Static

static

1

efa90befdb...0f.apk

android-9-x86

9

Analysis

  • max time kernel
    31s
  • max time network
    181s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    01-07-2024 04:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    efa90befdb730fdd9f34e446c6b5ad0f.apk

  • Size

    125.3MB

  • MD5

    efa90befdb730fdd9f34e446c6b5ad0f

  • SHA1

    13b76b810b594e6e8181123686c5b6711eb88e18

  • SHA256

    f31277a234580e742648b517ef5c3f72f0993ab4a5aca987321dee018e2c9eee

  • SHA512

    694fc574ea0b0c89c4c2f808309c4c59c8b501fc65ce8c7758b8050e8f6aeadadaf37f7d84cfe90bc4a88657b5d4b1e2dc31d80052a09c83bc129909bfecbd37

  • SSDEEP

    3145728:MdpNrlUds5Z0Ix17eBtCBX87NyC32XnEQoXr2io+KlzBciq6KB3LjX:epEWZV7evjpL32XOXrQzBcijI3LL

Score
9/10
evasionpersistenceransomware

Malware Config

Signatures

  • Renames multiple (52) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Checks if the Android device is rooted. 1 TTPs 1 IoCs
    evasion
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.mklvana.ShoppingMadness
    1⤵
    • Checks if the Android device is rooted.
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks CPU information
    • Checks memory information
    PID:4231

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /storage/emulated/0/Android/data/com.mklvana.ShoppingMadness/files/il2cpp/Metadata/global-metadata.dat
    Filesize

    5.6MB

    MD5

    4f3bddb4d27395798d8c926e70283d9b

    SHA1

    95b8bc4be7a96703118964fd4a51034d8dcd19b5

    SHA256

    94dcb13ebbe5c1e8c44a97d150ee2512f0feda1affbc771e2e9df80444adc2d4

    SHA512

    103aeeba3a26a6262641df0aed0febc67a867061bdeaa7e2af2c105f4902a6619c9d7d762f884c724c6c5bfc9be9d4d96bb1b909429376427b0885929e9fba40

    Download Submit
  • /storage/emulated/0/Android/data/com.mklvana.ShoppingMadness/files/il2cpp/Resources/System.Data.dll-resources.dat
    Filesize

    91KB

    MD5

    4860ddd4350579f8fcacb1881582335a

    SHA1

    493c03e9cfef6f72a00f92023cdb88527dfdf72c

    SHA256

    98a7950ec6de3242c2e190dfa630188dfa32511a125542b94baa952d1c757d49

    SHA512

    51421a1e79914cb6d828305103c5f7cdb020d98107586abd7e04614f65bae8004101e5567a873f52fe2daa3a7984bf4f7a4930e628cc5f86e709e3a37f812a95

    Download Submit
  • /storage/emulated/0/Android/data/com.mklvana.ShoppingMadness/files/il2cpp/Resources/mscorlib.dll-resources.dat
    Filesize

    329KB

    MD5

    21d06dbc8af6432b2b49536ed30609af

    SHA1

    11a1c0e2ab2f8c06fe4507535ed47e0dd279a60d

    SHA256

    c5baa176a5b72cd545266340e42102d393a5e43d38c95796bc828918bb95277f

    SHA512

    2971f54eaa14c3ce6e2352e5a1aea5b044f0894bf4eac92de8cd92515b6473b5ca56ebfcad4369a9d4935cbefea2540a83f332fd4d832c37768310e8776ceb5e

    Download Submit