Overview

overview

7

Static

static

7

97b2a33f1a...ef.apk

android_x86

6

97b2a33f1a...ef.apk

android_x64

6

97b2a33f1a...ef.apk

android_x64

Analysis

  • max time kernel
    3849304s
  • max time network
    140s
  • platform
    android_x86
  • resource
    android-x86-arm-20220310-en
  • submitted
    20-05-2022 23:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    97b2a33f1a17a849cdcafbeb1b1386ab7aca992c766b134754fd52824df578ef.apk

  • Size

    5.9MB

  • MD5

    bbe0707fac13e3e7ef058f8b4dd66e13

  • SHA1

    49fd14f340ca9e8a9d0f2ea308d866d144faff30

  • SHA256

    97b2a33f1a17a849cdcafbeb1b1386ab7aca992c766b134754fd52824df578ef

  • SHA512

    9a34af476bb50b3f2822e342965ce1e19fb331267b837a93374d8cdfbbb4b8e5208ee83b12aabcb340fad00327a6e71097fa556b851b9e9feabec19741f13b6e

Score
6/10
ransomware

Malware Config

Signatures

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware

Processes

  • com.ramadan.oumwalid
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:5402
  • com.ramadan.oumwalid:Metrica
    1⤵
      PID:5467

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/user/0/com.ramadan.oumwalid/files/credentials.dat
      Filesize

      233B

      MD5

      027dfe0960b2d2a1b972533f474f1db9

      SHA1

      70a60c8f0fe7e1359b76a52e890ef24c4254845e

      SHA256

      a37efc27fdfdcdcbeaf5931b5f57ef9ce4d09f8d6c2d53a74e996b1c793c82a5

      SHA512

      144ce45536580861d5f1ef1381be5abc8e7b6cd76a693aba6ef91f4c7b566ff7669dcadd87421338024f59546eb759167d5b2a6223fe43ce8e225072ef8478d1

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/files/metrica_client_data.db.lock
      MD5

      d41d8cd98f00b204e9800998ecf8427e

      SHA1

      da39a3ee5e6b4b0d3255bfef95601890afd80709

      SHA256

      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

      SHA512

      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/credentials.dat
      Filesize

      233B

      MD5

      027dfe0960b2d2a1b972533f474f1db9

      SHA1

      70a60c8f0fe7e1359b76a52e890ef24c4254845e

      SHA256

      a37efc27fdfdcdcbeaf5931b5f57ef9ce4d09f8d6c2d53a74e996b1c793c82a5

      SHA512

      144ce45536580861d5f1ef1381be5abc8e7b6cd76a693aba6ef91f4c7b566ff7669dcadd87421338024f59546eb759167d5b2a6223fe43ce8e225072ef8478d1

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/db_metrica_com.ramadan.oumwalid
      Filesize

      40KB

      MD5

      686ef09da5b0d920ed9ff63ee7ade535

      SHA1

      f3e9bb56188d6d45184739e6c0f321c1476524ad

      SHA256

      baa2965b1e9cb3946c97312694e6a6d03e605d68c894de40baccadb323b41863

      SHA512

      abc527610e17be37d571080d1abf479c4ac858412b99bca73950b49a7f7494e17c4cff11ff68019c9bb75cef5bba11534983098a2a483c1d77e5c465846078a1

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/db_metrica_com.ramadan.oumwalid-journal
      Filesize

      524B

      MD5

      3edb7e1db9c6b0c64e41d02d5d22568c

      SHA1

      dc0a132eafb923ae85eb01a2934b111d08bf9ed7

      SHA256

      585783380654880eecd2e918ea77ff169cc92b7c9ff69907dc701a4262b8d44a

      SHA512

      1a54c3e49fef174b28d9bc0e3634a13b8b60ec0f5a8975d9443acf92134d70d7ffb5e8cd2b3afb07547b1aa191c41ddc989b8f19d8b1ac8eb6c867c2c0ce4ac6

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/db_metrica_com.ramadan.oumwalid-shm
      Filesize

      8B

      MD5

      7dea362b3fac8e00956a4952a3d4f474

      SHA1

      05fe405753166f125559e7c9ac558654f107c7e9

      SHA256

      af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

      SHA512

      1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/db_metrica_com.ramadan.oumwalid-wal
      Filesize

      414KB

      MD5

      d311171716240b2c59b0658dab35576e

      SHA1

      0dd798e1b46a1fd29d536041fafe2a9bbf4536bd

      SHA256

      66ea7d74c5e02a11d7fa75bde1649a02e068c00cc56f3fc9caf6c5339060fab4

      SHA512

      bcdaa4f3bcc8ee81c62b601cda1ee0dbffb75224c1f9b030d74baa619a0445e290149bef3074d584c368823572d3b87d8716d211346fc01bef781c09893cd9bd

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/db_metrica_com.ramadan.oumwalid_20799a27-fa80-4b36-b2db-0f8141f24180
      Filesize

      4KB

      MD5

      f2b4b0190b9f384ca885f0c8c9b14700

      SHA1

      934ff2646757b5b6e7f20f6a0aa76c7f995d9361

      SHA256

      0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

      SHA512

      ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/db_metrica_com.ramadan.oumwalid_20799a27-fa80-4b36-b2db-0f8141f24180-journal
      Filesize

      524B

      MD5

      df6aeb08e1566dbef84dc6b00ebdfcb1

      SHA1

      a58fd200dcb304ca3e1a088f91458d8d42250775

      SHA256

      26f383289f982bc7ddf750d6615faa4360a02d7e0a5edf822601700c65fd9f7c

      SHA512

      02d9393528d36fd6e3496337c02ba9ac8c20c67fdb7d67feead6bc5718346cf2e2d4b413a20398a978f97eb26d7f88cddfc8b2ff39ea77673207efa215f64148

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/db_metrica_com.ramadan.oumwalid_20799a27-fa80-4b36-b2db-0f8141f24180-shm
      Filesize

      8B

      MD5

      7dea362b3fac8e00956a4952a3d4f474

      SHA1

      05fe405753166f125559e7c9ac558654f107c7e9

      SHA256

      af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

      SHA512

      1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/db_metrica_com.ramadan.oumwalid_20799a27-fa80-4b36-b2db-0f8141f24180-wal
      Filesize

      148KB

      MD5

      f922f0d5748ae848f0ae9caf16e2be2c

      SHA1

      a98c5d63bf061adea2f168f393802052c98b82bd

      SHA256

      c5a657d8b59a26f17fe5ee219de4e12a03dfff2e39672816c854ac169c068f86

      SHA512

      0fbfa1b9991ec5bd0e862cd51aa556af852e3ced5e96c2e62605ba0309763162df3dffbdb3aab5a69ef49ea90f5d812863b7fcc50fa8db6aea7ee66b2c8a674a

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/metrica_client_data.db
      Filesize

      24KB

      MD5

      68eb592ff94b07e483f6e8a4b6ec8a71

      SHA1

      e7e7aff857255a76b29934abd0ee0d93846b835b

      SHA256

      53f9f0ce9da296cc00a2c87813a5db11e29f08370603f65a52c474153f8941e7

      SHA512

      dbc98de0593700286005d7bb23a642df1112df7786adf9f730b3740aeae22df4e64d6987d310a8297d12657c30b18cbb277108345320c6047638b360461d43ad

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/metrica_client_data.db-journal
      Filesize

      524B

      MD5

      b4c1fb443ff746d12bc406d82a85c185

      SHA1

      84e206c63f712196f705c4589807e7192cd14c47

      SHA256

      d5d84b9017b61ba512f3b53c3765de97607771173be3f1f22bfe65d0da279479

      SHA512

      f800067f5a0569838d4547c038361ffa93df9eb1a97089f92abc3c1212fb24e95f69351b5d1ba3286d45af3251b979a414ee646911575af02f0d69054ffb1f3a

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/metrica_client_data.db-shm
      Filesize

      8B

      MD5

      7dea362b3fac8e00956a4952a3d4f474

      SHA1

      05fe405753166f125559e7c9ac558654f107c7e9

      SHA256

      af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

      SHA512

      1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/metrica_client_data.db-shm
      Filesize

      8B

      MD5

      7dea362b3fac8e00956a4952a3d4f474

      SHA1

      05fe405753166f125559e7c9ac558654f107c7e9

      SHA256

      af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

      SHA512

      1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/metrica_client_data.db-shm
      Filesize

      8B

      MD5

      7dea362b3fac8e00956a4952a3d4f474

      SHA1

      05fe405753166f125559e7c9ac558654f107c7e9

      SHA256

      af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

      SHA512

      1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/metrica_client_data.db-shm
      Filesize

      8B

      MD5

      7dea362b3fac8e00956a4952a3d4f474

      SHA1

      05fe405753166f125559e7c9ac558654f107c7e9

      SHA256

      af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

      SHA512

      1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/metrica_client_data.db-shm
      Filesize

      8B

      MD5

      7dea362b3fac8e00956a4952a3d4f474

      SHA1

      05fe405753166f125559e7c9ac558654f107c7e9

      SHA256

      af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

      SHA512

      1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/metrica_client_data.db-shm
      Filesize

      8B

      MD5

      7dea362b3fac8e00956a4952a3d4f474

      SHA1

      05fe405753166f125559e7c9ac558654f107c7e9

      SHA256

      af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

      SHA512

      1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/metrica_client_data.db-shm
      Filesize

      8B

      MD5

      7dea362b3fac8e00956a4952a3d4f474

      SHA1

      05fe405753166f125559e7c9ac558654f107c7e9

      SHA256

      af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

      SHA512

      1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/metrica_client_data.db-wal
      Filesize

      8KB

      MD5

      840735f027a51015a5895fef1bf354c9

      SHA1

      d2315991702c083715f15f3699b5b4a0a0e4b09f

      SHA256

      40059595dca88b10c154a05712e679ee42e46bc2da946ae57bf5e65edc003428

      SHA512

      1f0dae4cb7a616dbecb5d230451b97ef6af6f38c0ea6f27f072aef52b0162dedbf747441e26bed9b010b36910f7766e2f494c4c0ce3b770cd61771e7f55fd49b

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/metrica_client_data.db-wal
      Filesize

      8KB

      MD5

      a40477a61524bbcef0fb2ffde175fa88

      SHA1

      b83998b5fe62d0b403453ac64bfde6f1b6cfaa81

      SHA256

      45a5d3cff3059d362d37b9a3397d3ae04b18bf9427efd6313472baef494e2e97

      SHA512

      690ec2a74955d8ba19d473b6db198837fee922c9ba2f23507f978236badc2b1b8f8a58b2a2eba70a742fe0dd0975cbcd0d7f65d380eb36a4f0ab41fc3955dba3

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/metrica_client_data.db-wal
      Filesize

      8KB

      MD5

      0a540d1c202dedd33da407d858d64d74

      SHA1

      729639385d294da669bac2fc1d1fbf105e8f196c

      SHA256

      d668aec334500f1648c4c5f69b7939efcf682d546862a1ebe8a8c5c99540fa2f

      SHA512

      4757d8bf5fce81353bb39f8f35e2314d786acbf97fef75ed6d49e757f191f2c215b56042ce5d2f46ffe59c9d3a2ea071d0c79684983ee3f45d816fc0eec8ea75

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/metrica_client_data.db-wal
      Filesize

      32KB

      MD5

      22d8b32f498aab3c4279390d6aae3b53

      SHA1

      641189fb5d7b3fa9a4e518df424624ea23acf114

      SHA256

      1570c4dca17bc8be89ac6fe7d6084cba1665e226b94709ec93dd7c7478f0c548

      SHA512

      675e97876338b7b78030cb2d132c991ba3b336e6e8b7f55e16f433eee23b5c706ddaf4561505e9619674e15909538924588424fef55045607a4f0b8a23f99d58

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/metrica_client_data.db-wal
      Filesize

      8KB

      MD5

      5136b5263f2dd0de971c4c48f4ca5fa9

      SHA1

      1f850672f1e59e725b1cba221e552b8274d40561

      SHA256

      36d30a434a1419c531530730ad487d14429541c035072840777105b514fc8089

      SHA512

      b2794028ed27d9e0fde2186130825b0be70a22e935c2db4c4cf0b0d2f4a18a21e4aaa996caeb388080ee2ed14af3fd7e6a02e70fec5e993cb8ca2f61480bf96a

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/metrica_client_data.db-wal
      MD5

      d41d8cd98f00b204e9800998ecf8427e

      SHA1

      da39a3ee5e6b4b0d3255bfef95601890afd80709

      SHA256

      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

      SHA512

      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/metrica_client_data.db-wal
      Filesize

      8KB

      MD5

      2e8bfdace3ce39ea3559ec97970f0438

      SHA1

      5149e1b35f5abf76297f33c8e2c74599e909f156

      SHA256

      7fe421c8e4f0cef727c7d8b085f66f3072173dbcb60be511b73a452213b0a46a

      SHA512

      a99de7827b5308cc7d6b6196bb641a06b49c73c5ac76b6b88ebedb7a8e9ec43b3209c0f11e9f96cef0db37709046e37b1238a7002010f7b8ca1ed9f24050cca6

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/metrica_data.db
      Filesize

      48KB

      MD5

      940b7df149f5de147ebe0ce6e8561e3a

      SHA1

      0557cfaafcb4eab825e1578772f83760e4e2046c

      SHA256

      66ad2db0fc03d98acd7ad912e145f8d4af93d86ca12a0efe5aea72dbe77895af

      SHA512

      4521cd8403cf743f6ad0711074285055503626894afdf3852d713b8f928734039b462a0f0c014531e1675e33d06f0d3558dc72444702bedcc4b4d205cfb13b00

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/metrica_data.db-journal
      Filesize

      524B

      MD5

      589046620c51a10432a1650f603bc172

      SHA1

      f820bb5a3b7a0f18de564ca085aa73fdd18e2428

      SHA256

      0998548712fb354d64943ccc13accd30d6880469bd818c514d2ebdaab46bb48e

      SHA512

      b99763dfaf19b2401efb6a0c01bca7c786de6ed7d4d07cd3e407e21f9eb8e3139fd7f1496ad7234c832d80ff572fbfe28567fe84ec0ebd39b45dc2bf47443eb5

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/metrica_data.db-shm
      Filesize

      8B

      MD5

      7dea362b3fac8e00956a4952a3d4f474

      SHA1

      05fe405753166f125559e7c9ac558654f107c7e9

      SHA256

      af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

      SHA512

      1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/no_backup/metrica_data.db-wal
      Filesize

      422KB

      MD5

      e6c4f01a9acd13a62622ea55d9fc1042

      SHA1

      f7a90ec7a6ee72e6e579813d2c94fac3ef80926a

      SHA256

      f769e5793b5983b316850a5d4a976e62b85b8f2f50bec29c6f0699fc4b38f441

      SHA512

      a9e48e08eef6466a6b7e320ad65f22cf699d11a19afffc2995904868b737420addef556c1b0f74ac462c1e1ac1df522e46d197ad1da24eca42012b0ff2369813

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/shared_prefs/com.ramadan.oumwalid_migrationpreferences.xml
      Filesize

      65B

      MD5

      9781ca003f10f8d0c9c1945b63fdca7f

      SHA1

      4156cf5dc8d71dbab734d25e5e1598b37a5456f4

      SHA256

      3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

      SHA512

      25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/shared_prefs/yteSlT7daYsGlbVGqXfR.xml
      Filesize

      2KB

      MD5

      52d32ab73bdba7357f1254573a6b3d27

      SHA1

      c52e4da69a91713416928aa73adaa2df696c5660

      SHA256

      12213fd0383bac08979c1a5e0da7c3da9c91031d52b00ab8f3309341ca04d5c0

      SHA512

      17adbc01df5af8b676fa17e4acb5d2b269883453d5b8cada6f24cf629b0eace0a959836aaa0f382f8171ca25db0affc8f48f59bc140a38b93492fae3f59aa95d

      Download Submit
    • /data/user/0/com.ramadan.oumwalid/shared_prefs/yteSlT7daYsGlbVGqXfR.xml
      Filesize

      4KB

      MD5

      98847de7914c5b066538db057165ebee

      SHA1

      910c8c46ca5c14a98aee8ffd7a776dd2712e2c25

      SHA256

      cb9d6bf42e6b2edfaa0fc41794d5f8f0892a0c77da2578c469eff17c8dce1923

      SHA512

      6136bee2bea886a8585d262c6bf367876b550b711300f645f240175d92b6572adf9b1adb2abde9d35f0a0ff698107769b909f4cfaa4734a8a6614b16f9aedcb2

      Download Submit