304bd30bb73c0ea98947559b1c476c25a87d934d0378138cef178d6616b00105

Analysis

max time kernel
1474183s
max time network
320s
platform
android_x64
resource
android-x64-arm64
submitted
25-11-2021 16:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

304bd30bb73c0ea98947559b1c476c25a87d934d0378138cef178d6616b00105.apk
Size

6.1MB
MD5

db321c27feb2da461ee8e9a2ed58f1a9
SHA1

cc5c73d00c55e3f38532aaa04e5fef2063fb0a13
SHA256

304bd30bb73c0ea98947559b1c476c25a87d934d0378138cef178d6616b00105
SHA512

fb8d3de5b1756b2015c0c41b105b487926dbdf5ad06475bdad43cc4991bb2547524f7f859ca44ad47d863e796b4965b6f13089cdeab946baefa2950d1d2a23a0

Score

7^/10

ransomware

Malware Config

Signatures

Checks Android system properties for emulator presence. 1 IoCs

Processes:

ministerio.dejusticiaespana

description ioc process

Accessed system property key: ro.product.model ministerio.dejusticiaespana

description	ioc	process
Accessed system property	key: ro.product.model	ministerio.dejusticiaespana

Loads dropped Dex/Jar 13 IoCs

Runs executable file dropped to the device during analysis.

Processes:

ministerio.dejusticiaespana

ioc	pid	process
/product/priv-app/PrebuiltGmsCore/PrebuiltGmsCore.apk	4946	ministerio.dejusticiaespana
/product/priv-app/PrebuiltGmsCore/PrebuiltGmsCore.apk!classes2.dex	4946	ministerio.dejusticiaespana
/product/priv-app/PrebuiltGmsCore/PrebuiltGmsCore.apk!classes3.dex	4946	ministerio.dejusticiaespana
/product/priv-app/PrebuiltGmsCore/PrebuiltGmsCore.apk!classes4.dex	4946	ministerio.dejusticiaespana
/product/priv-app/PrebuiltGmsCore/PrebuiltGmsCore.apk!classes5.dex	4946	ministerio.dejusticiaespana
/product/priv-app/PrebuiltGmsCore/PrebuiltGmsCore.apk!classes6.dex	4946	ministerio.dejusticiaespana
/product/priv-app/PrebuiltGmsCore/PrebuiltGmsCore.apk	4946	ministerio.dejusticiaespana
/product/priv-app/PrebuiltGmsCore/PrebuiltGmsCore.apk!classes2.dex	4946	ministerio.dejusticiaespana
/product/priv-app/PrebuiltGmsCore/PrebuiltGmsCore.apk!classes3.dex	4946	ministerio.dejusticiaespana
/product/priv-app/PrebuiltGmsCore/PrebuiltGmsCore.apk!classes4.dex	4946	ministerio.dejusticiaespana
/product/priv-app/PrebuiltGmsCore/PrebuiltGmsCore.apk!classes5.dex	4946	ministerio.dejusticiaespana
/product/priv-app/PrebuiltGmsCore/PrebuiltGmsCore.apk!classes6.dex	4946	ministerio.dejusticiaespana
/data/user/0/ministerio.dejusticiaespana/cache/1582435991586.jar	4946	ministerio.dejusticiaespana

Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

ministerio.dejusticiaespana

description ioc process

Framework API call javax.crypto.Cipher.doFinal ministerio.dejusticiaespana

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	ministerio.dejusticiaespana

ministerio.dejusticiaespana
1⤵
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data).
PID:4946

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/ministerio.dejusticiaespana/cache/1582435991586.jar
MD5
fde2ee00cbd121cfab5290b078aa3ceb

SHA1
e2b77d5320e155e413d040a8c20020962065b2f8

SHA256
2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685

SHA512
a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

Download Submit
/product/priv-app/PrebuiltGmsCore/PrebuiltGmsCore.apk
MD5
acb8d244ae783e869e00aa7877e5b26e

SHA1
2002840b1e4e7d0b4cfac046fab6502e10ef6d07

SHA256
bab3fa39b28e625ba4d9a4f5e30fcceddeeec2a78416a3504747efe57fa772af

SHA512
b8d995e1dc679cb15d341d6d36b02139f6d7f9def76a23310d3f9601921e6a341669e190dd70c1f943a915601503580d42b113cf84f5264f6e6ca95016aacde3

Download Submit
/product/priv-app/PrebuiltGmsCore/PrebuiltGmsCore.apk
MD5
acb8d244ae783e869e00aa7877e5b26e

SHA1
2002840b1e4e7d0b4cfac046fab6502e10ef6d07

SHA256
bab3fa39b28e625ba4d9a4f5e30fcceddeeec2a78416a3504747efe57fa772af

SHA512
b8d995e1dc679cb15d341d6d36b02139f6d7f9def76a23310d3f9601921e6a341669e190dd70c1f943a915601503580d42b113cf84f5264f6e6ca95016aacde3

Download Submit
/product/priv-app/PrebuiltGmsCore/PrebuiltGmsCore.apk!classes2.dex
MD5
e39da779cc64228b367532dd6046eaca

SHA1
bc15606799815043d560eab28037737edd69c00b

SHA256
dde73c570b9d2c5a4323502d33a6b4f4c7cff38d782c92f279c35b4cdedde72b

SHA512
45ad7a8d6509384e0509333c634cf3b73cf8269532ba5205393ebab25f521054ae5ed39b4315982a09b74a401c42540385d218c82768c0a7b5612edb82662875

Download Submit
/product/priv-app/PrebuiltGmsCore/PrebuiltGmsCore.apk!classes2.dex
MD5
e39da779cc64228b367532dd6046eaca

SHA1
bc15606799815043d560eab28037737edd69c00b

SHA256
dde73c570b9d2c5a4323502d33a6b4f4c7cff38d782c92f279c35b4cdedde72b

SHA512
45ad7a8d6509384e0509333c634cf3b73cf8269532ba5205393ebab25f521054ae5ed39b4315982a09b74a401c42540385d218c82768c0a7b5612edb82662875

Download Submit
/product/priv-app/PrebuiltGmsCore/PrebuiltGmsCore.apk!classes3.dex
MD5
38c3953463c44d005bf6eb2d1a74a508

SHA1
5b871a7c1fe3af648efef950425c6c0ab9642cad

SHA256
7e604111e443300ec3057aee7fea0a78c238b7a10a9033524acdaba872f629d0

SHA512
2055eb7e21fca42278bb0aff0016200ad47dccb1e5dab750e6e7e0d37fd072afd0e60f115bc32c1a8b996baca886ab94751e59884bc839bb3e20beec8da6a09a

Download Submit
/product/priv-app/PrebuiltGmsCore/PrebuiltGmsCore.apk!classes3.dex
MD5
38c3953463c44d005bf6eb2d1a74a508

SHA1
5b871a7c1fe3af648efef950425c6c0ab9642cad

SHA256
7e604111e443300ec3057aee7fea0a78c238b7a10a9033524acdaba872f629d0

SHA512
2055eb7e21fca42278bb0aff0016200ad47dccb1e5dab750e6e7e0d37fd072afd0e60f115bc32c1a8b996baca886ab94751e59884bc839bb3e20beec8da6a09a

Download Submit
/product/priv-app/PrebuiltGmsCore/PrebuiltGmsCore.apk!classes4.dex
MD5
fe9fadb9c2e9587b1148ef4f9ad63229

SHA1
7b53fc1c9396fb9776c9ba5339f0e86f0a27031c

SHA256
05172bf4e90b654dcf2d5c04a3f6e738af5bd4f50fdfee412308b7faab70d119

SHA512
f44b743577ca49b43e5639b90f7f2e01378f42030c71d7fc340ff64da588d349886a5a82cd86651943957d25c52e8d716d30771b6ae139b157fa177e9cbe6637

Download Submit
/product/priv-app/PrebuiltGmsCore/PrebuiltGmsCore.apk!classes4.dex
MD5
fe9fadb9c2e9587b1148ef4f9ad63229

SHA1
7b53fc1c9396fb9776c9ba5339f0e86f0a27031c

SHA256
05172bf4e90b654dcf2d5c04a3f6e738af5bd4f50fdfee412308b7faab70d119

SHA512
f44b743577ca49b43e5639b90f7f2e01378f42030c71d7fc340ff64da588d349886a5a82cd86651943957d25c52e8d716d30771b6ae139b157fa177e9cbe6637

Download Submit
/product/priv-app/PrebuiltGmsCore/PrebuiltGmsCore.apk!classes5.dex
MD5
195287034fb323b2cd16f4a204cbc8fe

SHA1
6f91869b7411a786d1cde18314b3b85854eb5ac2

SHA256
62a69db53535fde59407cf7b5e4bcd37f0882b5d1ccf3f751b0cca8343fbefe0

SHA512
bb6e50646ceb98c22e8f883f5e08b094c7386bac1958d6bc16a47358befb1c14306924035361b5cf3eb702db54ad7eec61ddc0a766794a2a67360e65291961b1

Download Submit
/product/priv-app/PrebuiltGmsCore/PrebuiltGmsCore.apk!classes5.dex
MD5
195287034fb323b2cd16f4a204cbc8fe

SHA1
6f91869b7411a786d1cde18314b3b85854eb5ac2

SHA256
62a69db53535fde59407cf7b5e4bcd37f0882b5d1ccf3f751b0cca8343fbefe0

SHA512
bb6e50646ceb98c22e8f883f5e08b094c7386bac1958d6bc16a47358befb1c14306924035361b5cf3eb702db54ad7eec61ddc0a766794a2a67360e65291961b1

Download Submit
/product/priv-app/PrebuiltGmsCore/PrebuiltGmsCore.apk!classes6.dex
MD5
9ec5e8a88477e4570cf94bf0645b6587

SHA1
c4f1b16b8b8ae6f0b23a68c620737a24a644781f

SHA256
d0daed6e0378861df2cd7bd3f1660297b85fb8b43269ae6f3910c2003608c10c

SHA512
4dceabcf900917c0fd81c2ef993c8d4b28dba3c756bcb7e7b9bb5225054c20a9abf8179ae3124dae21a13d9e5c92cabc163c33cf85e70d7bb28728317209deb5

Download Submit
/product/priv-app/PrebuiltGmsCore/PrebuiltGmsCore.apk!classes6.dex
MD5
9ec5e8a88477e4570cf94bf0645b6587

SHA1
c4f1b16b8b8ae6f0b23a68c620737a24a644781f

SHA256
d0daed6e0378861df2cd7bd3f1660297b85fb8b43269ae6f3910c2003608c10c

SHA512
4dceabcf900917c0fd81c2ef993c8d4b28dba3c756bcb7e7b9bb5225054c20a9abf8179ae3124dae21a13d9e5c92cabc163c33cf85e70d7bb28728317209deb5

Download Submit