c18c5ca32b80d4b595500853e1899d03edbe954d1e79da14f167aa888918d547

Analysis

max time kernel
3892850s
max time network
93s
platform
android_x64
resource
android-x64-arm64-20220310-en
submitted
21-05-2022 19:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c18c5ca32b80d4b595500853e1899d03edbe954d1e79da14f167aa888918d547.apk
Size

312KB
MD5

1285e688bb834e348023425ab4bbbfa5
SHA1

605526f8ee8bb7150dbd2a4b90ab9ab5edabd7da
SHA256

c18c5ca32b80d4b595500853e1899d03edbe954d1e79da14f167aa888918d547
SHA512

6cf4ab3fa4222487731d7cc353b96db63129e9138092167abdb577f6cace82f4f7ffb0a992e9d76c30ae5b2a24f4c87a9bdcd767f30c52ee885ea1f5b2d5d258

Score

8^/10

ransomware

Malware Config

Signatures

Makes use of the framework's Accessibility service. 2 IoCs

Processes:

wcqrucdpzh.otstodvvsm.vrbnjqrsrr

description	ioc	process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	wcqrucdpzh.otstodvvsm.vrbnjqrsrr
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText	wcqrucdpzh.otstodvvsm.vrbnjqrsrr

Acquires the wake lock. 1 IoCs

Processes:

wcqrucdpzh.otstodvvsm.vrbnjqrsrr

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock wcqrucdpzh.otstodvvsm.vrbnjqrsrr
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

wcqrucdpzh.otstodvvsm.vrbnjqrsrr

description ioc process

Framework API call javax.crypto.Cipher.doFinal wcqrucdpzh.otstodvvsm.vrbnjqrsrr

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	wcqrucdpzh.otstodvvsm.vrbnjqrsrr

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	wcqrucdpzh.otstodvvsm.vrbnjqrsrr

wcqrucdpzh.otstodvvsm.vrbnjqrsrr
1⤵
- Makes use of the framework's Accessibility service.
- Acquires the wake lock.
- Uses Crypto APIs (Might try to encrypt user data).
PID:6861

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/wcqrucdpzh.otstodvvsm.vrbnjqrsrr/shared_prefs/Data.xml
Filesize
159B

MD5
dac20021784a0d1e5453867edb3a31ad

SHA1
a744a42d105bcf914674c29fbd2236d0f5587c3f

SHA256
2400b7820045d56caf2dd5c2222cb0803d833599d1d5e8ba3b4c9d0124b93079

SHA512
88276794fa274a9f04a00098caef178667b9651d600d0a5c16e7280ff1add922482dddd2fdf737ed86c74eff9f5a9f1fc566d2e5ac18663f6fe28a9a470a0f82

Download Submit
/mnt/sdcard/Movies/.thumbnails/.database_uuid
Filesize
36B

MD5
5a8f3204273b6cd34bd7b9a624530de9

SHA1
c33484c8bfb5c29d782703b82dadf05f07bb1a8f

SHA256
bda71aca01c6c0435ebf3f1564e5d80c5d7879e42b6e8c530eeb9c925e98b2c0

SHA512
a551ec511ac355631f9b154ae4df7a4b07e3670569f1324bd99f9caa7e69e9147dd8aed8f5290cb149db4cafdf2a8de1eb48f79d49ec52375a85fd66d1ba9c53

Download Submit
/mnt/sdcard/Movies/.thumbnails/.database_uuid.Lucy
Filesize
48B

MD5
c7207cbce82031192e683e49347730b8

SHA1
9c639ff14f991633e246c27f7d4d0837e673def9

SHA256
22f7a085970f5dbb76924eede0a6be4ec3ab7ca33167275b0ddd5b0371b3c166

SHA512
a2314d6620347f3e823eb4960a3599340df1179d058eabd6ae4bd0e503ce93a46e3b0d2b69d989de34cbe183e20f98bf20f3c1081699e3c6dd1e6edc1c83cbba

Download Submit
/mnt/sdcard/Movies/.thumbnails/.nomedia
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/mnt/sdcard/Movies/.thumbnails/.nomedia.Lucy
Filesize
16B

MD5
96a3e5c76d902987028d9d1c408c5a12

SHA1
db94f6448864a785c0a722ff6f3cb4539fa00bfa

SHA256
9c28184005d968978605510c61cc527c74d5f4d9b4275a5fba4cc88754b56ed4

SHA512
00e90b7d38abd80b72e0633c9fc5887d55e3248770425f7559d4045da311bee9f1cd4b2aa8d21a8e4545c6f3c66f05bf9f1bf4db6eb74eb2a9a564355dba4421

Download Submit
/mnt/sdcard/Music/.thumbnails/.database_uuid
Filesize
36B

MD5
5a8f3204273b6cd34bd7b9a624530de9

SHA1
c33484c8bfb5c29d782703b82dadf05f07bb1a8f

SHA256
bda71aca01c6c0435ebf3f1564e5d80c5d7879e42b6e8c530eeb9c925e98b2c0

SHA512
a551ec511ac355631f9b154ae4df7a4b07e3670569f1324bd99f9caa7e69e9147dd8aed8f5290cb149db4cafdf2a8de1eb48f79d49ec52375a85fd66d1ba9c53

Download Submit
/mnt/sdcard/Music/.thumbnails/.database_uuid.Lucy
Filesize
48B

MD5
c7207cbce82031192e683e49347730b8

SHA1
9c639ff14f991633e246c27f7d4d0837e673def9

SHA256
22f7a085970f5dbb76924eede0a6be4ec3ab7ca33167275b0ddd5b0371b3c166

SHA512
a2314d6620347f3e823eb4960a3599340df1179d058eabd6ae4bd0e503ce93a46e3b0d2b69d989de34cbe183e20f98bf20f3c1081699e3c6dd1e6edc1c83cbba

Download Submit
/mnt/sdcard/Music/.thumbnails/.nomedia
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/mnt/sdcard/Music/.thumbnails/.nomedia.Lucy
Filesize
16B

MD5
96a3e5c76d902987028d9d1c408c5a12

SHA1
db94f6448864a785c0a722ff6f3cb4539fa00bfa

SHA256
9c28184005d968978605510c61cc527c74d5f4d9b4275a5fba4cc88754b56ed4

SHA512
00e90b7d38abd80b72e0633c9fc5887d55e3248770425f7559d4045da311bee9f1cd4b2aa8d21a8e4545c6f3c66f05bf9f1bf4db6eb74eb2a9a564355dba4421

Download Submit
/mnt/sdcard/Pictures/.thumbnails/.database_uuid
Filesize
36B

MD5
5a8f3204273b6cd34bd7b9a624530de9

SHA1
c33484c8bfb5c29d782703b82dadf05f07bb1a8f

SHA256
bda71aca01c6c0435ebf3f1564e5d80c5d7879e42b6e8c530eeb9c925e98b2c0

SHA512
a551ec511ac355631f9b154ae4df7a4b07e3670569f1324bd99f9caa7e69e9147dd8aed8f5290cb149db4cafdf2a8de1eb48f79d49ec52375a85fd66d1ba9c53

Download Submit
/mnt/sdcard/Pictures/.thumbnails/.database_uuid.Lucy
Filesize
48B

MD5
c7207cbce82031192e683e49347730b8

SHA1
9c639ff14f991633e246c27f7d4d0837e673def9

SHA256
22f7a085970f5dbb76924eede0a6be4ec3ab7ca33167275b0ddd5b0371b3c166

SHA512
a2314d6620347f3e823eb4960a3599340df1179d058eabd6ae4bd0e503ce93a46e3b0d2b69d989de34cbe183e20f98bf20f3c1081699e3c6dd1e6edc1c83cbba

Download Submit
/mnt/sdcard/Pictures/.thumbnails/.nomedia
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/mnt/sdcard/Pictures/.thumbnails/.nomedia.Lucy
Filesize
16B

MD5
96a3e5c76d902987028d9d1c408c5a12

SHA1
db94f6448864a785c0a722ff6f3cb4539fa00bfa

SHA256
9c28184005d968978605510c61cc527c74d5f4d9b4275a5fba4cc88754b56ed4

SHA512
00e90b7d38abd80b72e0633c9fc5887d55e3248770425f7559d4045da311bee9f1cd4b2aa8d21a8e4545c6f3c66f05bf9f1bf4db6eb74eb2a9a564355dba4421

Download Submit