97b2a33f1a17a849cdcafbeb1b1386ab7aca992c766b134754fd52824df578ef

Analysis

max time kernel
3845730s
max time network
163s
platform
android_x64
resource
android-x64-20220310-en
submitted
20-05-2022 23:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

97b2a33f1a17a849cdcafbeb1b1386ab7aca992c766b134754fd52824df578ef.apk
Size

5.9MB
MD5

bbe0707fac13e3e7ef058f8b4dd66e13
SHA1

49fd14f340ca9e8a9d0f2ea308d866d144faff30
SHA256

97b2a33f1a17a849cdcafbeb1b1386ab7aca992c766b134754fd52824df578ef
SHA512

9a34af476bb50b3f2822e342965ce1e19fb331267b837a93374d8cdfbbb4b8e5208ee83b12aabcb340fad00327a6e71097fa556b851b9e9feabec19741f13b6e

Score

6^/10

ransomware

Malware Config

Signatures

Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.ramadan.oumwalid

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.ramadan.oumwalid

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.ramadan.oumwalid

com.ramadan.oumwalid
1⤵
- Uses Crypto APIs (Might try to encrypt user data).
PID:6195

com.ramadan.oumwalid:Metrica
1⤵
PID:6247

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.ramadan.oumwalid/files/ZPkFS.log
Filesize
90B

MD5
71bf6453abeb50b02931ef80ddea6d38

SHA1
2fc9af2001c646b844458763fefd1bbfeccaf8a7

SHA256
ab76a31def80a4ceb989a0b58fdd2919b986ffc2375826a554e1bc2b3ec582c9

SHA512
cc21bade4122192a83f3243f1bb34849d7bd7c29c69ea2de085e8b31e5a3b69d9b8ded9c631160ac3a1f77c85fccf01430c8595ec75f0e89089ca17ca22321f1

Download Submit
/data/user/0/com.ramadan.oumwalid/files/credentials.dat
Filesize
234B

MD5
d63110f73006a387e7241f171d9e06d0

SHA1
99a91a67fe7c807b1a2dc62201eae755c928046d

SHA256
3003c0be8fada1c1c0d111d66d2f03b8f2831f2632a897462f8e7a7f55d75d83

SHA512
6d0f30cdb56fe9e3427e83a4124ec39de11f44f99964a1b4d1d2d8e483164da824cfcf8c0da4985ace8ac6ab0dd4d3acff38b428b4cf2ace3ba03a1b5f09eb48

Download Submit
/data/user/0/com.ramadan.oumwalid/files/metrica_client_data.db.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.ramadan.oumwalid/no_backup/credentials.dat
Filesize
234B

MD5
d63110f73006a387e7241f171d9e06d0

SHA1
99a91a67fe7c807b1a2dc62201eae755c928046d

SHA256
3003c0be8fada1c1c0d111d66d2f03b8f2831f2632a897462f8e7a7f55d75d83

SHA512
6d0f30cdb56fe9e3427e83a4124ec39de11f44f99964a1b4d1d2d8e483164da824cfcf8c0da4985ace8ac6ab0dd4d3acff38b428b4cf2ace3ba03a1b5f09eb48

Download Submit
/data/user/0/com.ramadan.oumwalid/no_backup/db_metrica_com.ramadan.oumwalid
Filesize
1.2MB

MD5
2c03488852f6018cb220e3755b5267fb

SHA1
18227fbbf995e6e22c2b7bd7bf7767175066f5d0

SHA256
f13767b6b5b9405e85b7da6b8974d4fcd7e86e039c49cba97d9043edf339735d

SHA512
ed30102bff32892cc51867ca0f7acf8b317be86d1cc8f2fb5f9b82c2aef5891c40a61967de522c57f458edc2121a63e825b76769ea51b312ff1e289d2abbed63

Download Submit
/data/user/0/com.ramadan.oumwalid/no_backup/db_metrica_com.ramadan.oumwalid-journal
Filesize
1KB

MD5
71f58169e6b66a67bf99a470729ff3cf

SHA1
bb78ef7419eb066992e22e334cbf72bac02a19b3

SHA256
896502ed32ee78bd49e406a37ca880c147aadbf12b500360d9af5f7060afc494

SHA512
64796dbb521c9ac6babfcfb541d1ebef2b05e71eaba8a48ee834416113d03d6e46b5a169f9179e645da3d5cba157d0370c86d122d168254cc4d6d297496f89c2

Download Submit
/data/user/0/com.ramadan.oumwalid/no_backup/db_metrica_com.ramadan.oumwalid_20799a27-fa80-4b36-b2db-0f8141f24180
Filesize
376KB

MD5
c130d99fbc6cea100860ba80fac8f3eb

SHA1
2b6b4342fb3c43a60f1bef427509ff8ab75f0950

SHA256
64443382b9a0c92be28401d9107b49e7ed7adc3237276ec5d039c2501fe51377

SHA512
bd05c7eb4d3e1bc0c50cfcc92290cd5956ef829cd7537a320ab546e279081b12a7aa92a6391673d68714265d65333ea9226311dbc07a4d280cf5616e9a94fe33

Download Submit
/data/user/0/com.ramadan.oumwalid/no_backup/db_metrica_com.ramadan.oumwalid_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
1KB

MD5
2f8750272c0aefef178bc2b795040e23

SHA1
e422838307d4832a0cc3b0613c63a24e7efc75df

SHA256
439a1d24640732d9ffea19f6b31087dea83416c386152cf11937d66ffbcbca57

SHA512
70b8c3a255f619d9f4022beb752967402f9aa13ebc1137da5d1f0cfe7e7322e96975cdd43e75a38c08e39607fc64bdca3b3383451f88e6d4bd6c4cebb2d2f609

Download Submit
/data/user/0/com.ramadan.oumwalid/no_backup/metrica_client_data.db
Filesize
72KB

MD5
4adf3ead8dc343a313cbcf4b5760a572

SHA1
3047cdcc36e21cb521c1203cb4c4bbe44fd39f59

SHA256
07b3ed808e156d9ad0c8470db62c1ca4e8f279d493f4a6c7f8fb3f953a22f0a4

SHA512
8027fb748507c9ad725c572e1ad4fe04226c0f56f42c99603df07f9ca958e924423431a8e9aa4940abc69d7f97f763f8d67de3dcfb186b036534a3cfbc616fc6

Download Submit
/data/user/0/com.ramadan.oumwalid/no_backup/metrica_client_data.db-journal
Filesize
1KB

MD5
9a648148937e2559ceab3ed9fa28efc8

SHA1
d306759d5231a20ea880f5c03004cb4409fea98b

SHA256
1b641c7fbe66892c32e54e01d648fa3e22c64136dc9443476f4faa21df8aeb6a

SHA512
976ae3e52e8725d7c2c025f4c236b9c61dd87d8014ba3cef6e61fb3155c233c2b5365a6776034d1746030a8aa8ba204130bc3365096d0073b0820246b8b80764

Download Submit
/data/user/0/com.ramadan.oumwalid/no_backup/metrica_data.db
Filesize
1.2MB

MD5
604b798251b6440a7ee01728359a8ab3

SHA1
bab3a372c14c2db94820ea20d586f3136cf2eff6

SHA256
f98b25256c5bd2d1f97b654905f3d6ba295b1f7c6e225917dd339568dc4e97ee

SHA512
4fb1e4fe426f3d7a6da0ed9160b258b96dd6480f75e9a05b1141d5ab1afca1422a362b93a0dd7aa2b6a70fc891be800d74657a873bed3571e68b965420d2ecde

Download Submit
/data/user/0/com.ramadan.oumwalid/no_backup/metrica_data.db-journal
Filesize
1KB

MD5
c5b5d69b0053127a77e79523152f3bcd

SHA1
6fd5f123587d27f429536027f594b09448ec0ce5

SHA256
6dea06b9517c685af6b6c1ec3c97fddc93ebeaae2806feecb85dc5cf0fa0ffbd

SHA512
7f0e02ca91b3a8958529536a3a4bc3dbc7ab041c57a5ddb78e85da8ff2ebfc699d5c521b73038a2032c3f1a5e53316e2cce5432b5e22803687396e95453600cc

Download Submit
/data/user/0/com.ramadan.oumwalid/shared_prefs/com.ramadan.oumwalid_migrationpreferences.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/data/user/0/com.ramadan.oumwalid/shared_prefs/yteSlT7daYsGlbVGqXfR.xml
Filesize
2KB

MD5
52d32ab73bdba7357f1254573a6b3d27

SHA1
c52e4da69a91713416928aa73adaa2df696c5660

SHA256
12213fd0383bac08979c1a5e0da7c3da9c91031d52b00ab8f3309341ca04d5c0

SHA512
17adbc01df5af8b676fa17e4acb5d2b269883453d5b8cada6f24cf629b0eace0a959836aaa0f382f8171ca25db0affc8f48f59bc140a38b93492fae3f59aa95d

Download Submit
/data/user/0/com.ramadan.oumwalid/shared_prefs/yteSlT7daYsGlbVGqXfR.xml
Filesize
4KB

MD5
98847de7914c5b066538db057165ebee

SHA1
910c8c46ca5c14a98aee8ffd7a776dd2712e2c25

SHA256
cb9d6bf42e6b2edfaa0fc41794d5f8f0892a0c77da2578c469eff17c8dce1923

SHA512
6136bee2bea886a8585d262c6bf367876b550b711300f645f240175d92b6572adf9b1adb2abde9d35f0a0ff698107769b909f4cfaa4734a8a6614b16f9aedcb2

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads