MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 faa0efaad40e78bf27ca529171aaf0551db998a276d4ff501209d1f5ef830dfb. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 2



SHA256 hash: faa0efaad40e78bf27ca529171aaf0551db998a276d4ff501209d1f5ef830dfb
SHA3-384 hash: 32d324d7186f5aee4511405f9f6055ddb9a8d1e03eb00d5b8c4ae11b4944d08e37eb7898cb57e78001cd502c42cd2aa8
SHA1 hash: 322aab72228b1a9c179696e600c1af335b376655
MD5 hash: 381134ea0f0be535b9d2ce8a94093576
humanhash: alanine-friend-moon-orange
File name: faa0efaad40e78bf27ca529171aaf0551db998a276d4ff501209d1f5ef830dfb.apk
File size: 1'171'650 bytes
First seen: 2020-06-26 09:34:04 UTC
Last seen: 2025-04-30 08:09:29 UTC
File type: zip
MIME type: application/zip
ssdeep: 24576:+kFC9GXbaejn1zNnct5EjZnTaRmiKq9pgoeQ+O:/492baeDbyEjZneRpKqfgoec
TLSH: 4F45BE45F288B423C9F7903246F6CB7A41454E9A4B46D3034A95B2BC6DBBFC49B85FC8
Reporter: JAMESWT_WT
Tags: android, CryCryptor

Code Signing Certificate

Organisation: tUDObuPbIO4plmz5
Issuer: tUDObuPbIO4plmz5
Algorithm: sha256WithRSAEncryption
Valid from: Jun 18 17:46:44 2020 GMT
Valid to: Jun 12 17:46:44 2045 GMT
Serial number: 6F3DCE6B
Thumbprint Algorithm: SHA256
Thumbprint: 3BE5F6C708953B55341B88FC6FA550483D44ED3B9EEA217493A63159C5BF9766
Source: This information was brought to you by ReversingLabs A1000 Malware Analysis Platform

Intelligence


File Origin
# of uploads: 5
# of downloads: 229
Origin country: n/a

Vendor Threat Intelligence
Threat name: Android.Ransomware.CryCryptor
Status: Malicious
First seen: 2020-06-23 14:09:17 UTC
File Type: Binary (Archive)
Extracted files: 725
AV detection: 26 of 48 (54.17%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.
